@BleepingComputer @billtoulas @TrendMicro

More about these attackers:

Rhysida #Ransomware Analysis Reveals #ViceSociety Connection #cybersecurity #infosec https://www.infosecurity-magazine.com/news/rhysida-vice-society-connection/

Vice Society publishes data stolen during Vesuvius ransomware attack - A notorious ransomware gang has claimed responsibility for a cyber attack against Vesuviu... https://grahamcluley.com/vice-society-publishes-data-stolen-during-vesuvius-ransomware-attack/ #vicesociety #ransomware #databreach #dataloss #malware

It looks like #ViceSociety has added another UK school to its leak site: Guildford County School.

La società italiana Brevetti rimane vittima del ransomware Vice Society che pubblica i dati online

La famigerata banda #ViceSociety, colpisce un’altra #organizzazione #Italiana.Oggi è il turno della società #Italiana brevetti (SIB) che si trova a combattere con il #ransomware “viola”.

E mette a disposizione un link tramite il quale è possibile accedere ad una pagina di #directory Listing dove sono caricati i documenti #esfiltrati dalle #infrastrutture #IT dell’azienda in questione.

#redhotcyber #informationsecurity #ethicalhacking #dataprotection #hacking #cybersecurity #cybercrime #cybersecurityawareness #cybersecuritytraining #cybersecuritynews #privacy #infosecurity

https://www.redhotcyber.com/post/la-societa-italiana-brevetti-rimane-vittima-del-ransomware-vice-society-e-pubblica-i-dati-online/

#Ransom | #Ransomware | o, altro | Target 🇮🇹
Gruppo: #ViceSociety
Target: Società Italiana Brevetti SpA
https://sib.it
#DRM:
https://ransom.insicurezzadigitale.com/index.php?page=post_details&id_post=5912

🏴‍☠️️💰 Yesterday hit another record with 17 #ransomware victims announced by ransomware groups #LockBit (x14) #vicesociety (x2) and #Royal.

🛡️ Stay vigilant and protect your systems.

🔗 https://www.ransomware.live

#cybersecurity

With #Hive ransomware infrastructure taken down last week and speculation of similar action against #LockBit, which groups will likely take the “top” #RaaS spots in the first part of the year? If you don’t track #ransomware-as-a-service closely, you may not realize how many other groups regularly carry out attacks (or at least claim & extort victims publicly)

Since the takedown on Thursday, five RaaS groups have claimed nearly 30 victims publicly, with LockBit 3.0, #Clop, and #ViceSociety leading the pack. In our ransomware landscape briefing last week, a participant asked which group concerned us most into the new year. My answer is “most” seen in the slide here (but if I had to narrow, I choose LockBit in the short-term, and Vice Society in the medium/longer term)

Last week I argued that many, if not most, of the “top” groups (measured quickly by last year’s victim count) should be on most security teams’ radars. While there are some notable trends in victim sectors, like a relative increase in attacks on public services organizations, in general most of the leading groups are associated with a broad range of victim verticals (a similar trend holds for victim size too – a relative rise in mid-sized organizations, but still a notable number of large enterprises like in years past)

Rather than burn resources trying to track each new victim associated with each group every day, there is value in identifying top common tactics, techniques, & procedures among groups with generally similar motivations & victim patterns, and focusing response drills, defensive reinforcements, log source & detection tuning, and, where resources allow, unit testing or adversary simulation or emulation around that subset of TTPs

Our living matrix of top ransom & extortion group #TTPs is found here, covering nearly 30 groups and 175 techniques, although the cluster of top common ones is much smaller. Click the labels in the ribbon at the top to see source references for every mapping and procedural details for many: https://app.tidalcyber.com/share/9a0fd4e6-1daf-4f98-a91d-b73003eb2d6a

You can also catch the recording of last week’s session and slides with this and similar metrics & graphics on-demand here: https://www.brighttalk.com/webcast/19703/570527

#threatinformeddefense #TTP #risk

"Vice Society Ransomware Group Targets Manufacturing Companies"

#ViceSociety #Ransomware #Cyberattack #databreach
#CobaltStrike #PowerShell #IoC

https://www.trendmicro.com/en_us/research/23/a/vice-society-ransomware-group-targets-manufacturing-companies.html

Ouaip… je sais ce que c'est d'avoir une infra à moitié pété à reconstruire et revoir de fond en comble la sécurité.

https://www.bleepingcomputer.com/news/security/vice-society-ransomware-leaks-university-of-duisburg-essen-s-data/

#vicesociety #ransomware

🏴‍☠️💰 Record broken on January 16 with 12 #ransomware victims announced from #Hive #Blackbyte #Royal (x2) #ViceSociety #lockbit3 (x5) #Mallox and #Play groups

🔗 Source : https://www.ransomware.live

#cyberattack #Leak

Vice Society ransomware leaks University of Duisburg-Essen’s data
#Security #CyberSecurity #privacy #dataleak #databreach #hhtsecurity #Dataleakility #CyberAttack #CyberSec #cybercrime #DarkWeb #ViceSociety
https://www.bleepingcomputer.com/news/security/vice-society-ransomware-leaks-university-of-duisburg-essen-s-data/

#GBR #cyberattack Pates Grammar School und weiter Schulen von #ViceSociety #Ransomware betroffen. Tracked bei @Heimschule76@twitter.com
https://www.bbc.com/news/uk-england-gloucestershire-63637883

Last week we have observed 37 events across 15 countries and attributed them to 9 ransomwares.
The top targeted country was #UnitedStates and the most targeted sector was #HigherEducation.
The ransomware #ViceSociety has been busy with 8 new events (22%)!

Vice Society releases info stolen from 14 UK schools, including passport scans
#Security #CyberSecurity #privacy #dataleak #databreach #hhtsecurity #Dataleakility #CyberAttack #CyberSec #cybercrime #DarkWeb #ViceSociety
https://www.darkreading.com/attacks-breaches/vice-society-releases-info-stolen-uk-schools-passport-scans

Here's a look at which #ransomware leak sites were the most active during the first week of 2023!

1️⃣​ #ViceSociety
2️⃣​ #PlayRansomware
3️⃣​​ #Lockbit

🔗​ Dashboard Source Code:
https://github.com/colincowie/LeakSiteAnalytics/

ℹ️​ Data provided via RansomWatch

#ThreatIntel #CTI

Vice Society listed BART on their ransomware blog.
#bart #ransomware #vicesociety

#vicesociety entering 2023 swinging - image from Darkfeed.io #bart #ransomware

New #PolyVice #ViceSociety branded #Ransomware sample uploaded on VT
Ext: .v1cesO0ciety
Ransom Note: AllYFilesAE!

URL --> https://www.virustotal.com/gui/file/1df9b68a8642e6d1fcb786d90a1be8d9633ee3d49a08a5e79174c7150061faa8/details

Mails:
876505846904@onionmail[.]org
316186524106@onionmail[.]org
v-society.official@onionmail[.]org

Tor:
vsociethok6sbprvevl4dlwbqrzyhxcxaqpvcqt5belwvsuxaxsutyad[.]onion
vsocietyjynbgmz4n4lietzmqrg2tab4roxwd2c2btufdwxi6v2pptyd[.]onion
ssq4zimieeanazkzc5ld4v5hdibi2nzwzdibfh5n5w4pw5mcik76lzyd[.]onion
wmp2rvrkecyx72i3x7ejhyd3yr6fn5uqo7wfus7cz7qnwr6uzhcbrwad[.]onion
ml3mjpuhnmse4kjij7ggupenw34755y4uj7t742qf7jg5impt5ulhkid[.]onion
fuckcisanet5nzv4d766izugxhnqqgiyllzfynyb4whzbqhzjojbn7id[.]onion
fuckfbrlvtibsdw5rxtfjxtog6dfgpz62ewoc2rpor2s6zd5nog4zxad[.]onion

Cyber attacks set to become ‘uninsurable’, says Zurich chief: https://www.ft.com/content/63ea94fa-c6fc-449f-b2b8-ea29cc83637d

My comment: Making ransom payments uninsurable is not likely to reduce the likelihood of k-12 entities becoming victims -- at least not based on what #ViceSociety and #Hive have said to me. They don't even check insurance before deciding whether to attack a victim.

#ransomware #cyberinsurance #cyberattack #infosec #cybersecurity #EduSec

@douglevin @brett

#ViceSociety #ransomware gang is using a custom locker
https://securityaffairs.co/wordpress/139924/cyber-crime/vice-society-ransomware-custom-locker.html
#securityaffairs #hacking #malware