#vicesociety — Public Fediverse posts

Microsoft Revokes Over 200 Certificates to Disrupt Ransomware Campaign https://www.securityweek.com/microsoft-revokes-over-200-certificates-to-disrupt-ransomware-campaign/ #VanillaTempest #certificates #ViceSociety #Ransomware #disrupted #Microsoft #Rhysida

Microsoft Disrupts Vanilla Tempest Campaign Using Fraudulent Code-Signing Certificates https://thecyberexpress.com/microsoft-disrupts-vanilla-tempest-campaign/ #ThreatIntelligenceNews #ThreatIntelligence #VanillaTempest #FirewallDaily #ThreatActors #ViceSociety #Ransomware #CyberNews

IP cluster linking ransomware activity and Eye Pyramid C2
#EyePyramid #RansomHub #Rhysida #ViceSociety
https://www.intrinsec.com/wp-content/uploads/2025/04/TLP-CLEAR-IP-cluster-linking-ransomware-activity-and-Eye-Pyramid-C2-EN.pdf

ViceSociety revendique une attaque informatique avec exfiltrations de données relatives aux activités de 🇫🇷 CAFPI SAS (cafpi.fr) #france #vicesociety #credits #ransomware #courtages #orias #market #immobiliers #clients #cnil #assurances #gdpr #prets #customers #commercial #financements #business #mandataires #agences #rgpd #banking #achats #hypothéques #money #data #smart #management #courtiers #online #digital #services #informatique

Vice Society revendique une attaque informatique à l'encontre de 🇺🇸 CommScope Holding Company, Inc (commscope.com) #usa #telecom #ransomware #networks #vicesociety #infrastructure #provider #employees #technologies #careers #digital #software #future #threats #products #numérique #commercial #broadband #fiber #campus #manufacturers #support #cloud #hardware #devices #intelligence #business #engineers #brands #smart #systems #edge #firms #innovative #healthcare #partnership #industry #databreach #equipments #cellular #market #antennas #spectrum #services #cables #assets #amplifiers #solutions #wireless #informatique

🇺🇸 Vice Society diffuse des données relatives aux activités de Berkeley County Schools (berkeleycountyschools.org) #usa #education #ransomware #students #teachers #tax #scholars #vicesociety #solutions #digital #educational #parents #virtual #district #enrollment #management #learning #sales #campus #systems #idtheft #threats #employees #community #teachers #superintendent #databreach #technologies #academics #informatique

ViceSociety revendique des attaques informatiques à l'encontre de:

• 🇺🇸 Bristol Community College (bristolcc.edu)

• 🇦🇹 EGR (egr.at)

• 🇪🇨 Seguros Equinoccial (segurosequinoccial.com)

• 🇬🇧 NPTC Group of Colleges (nptcgroup.as.uk)

• 🇧🇪 Scheppersinstituut Wetteren (scheppers-wetteren.be)

• 🇨🇦 TechInsights (techinsights.com)

• 🇮🇹 Società Italiana Brevetti S.p.A. (sib.it)

#usa #canada #italy #uk #belgium #ecuador #education #ransomware #vicesociety #líder #teachers #community #campus #databreach #financial #vehículos #services #students #electronics #antennen #employees #diritto #konzepte #tuition #payments #digital #leistungen #shops #kundenservice #products #automatie #web #chemie #elektrische #online #microelectronics #actividades #smart #threats #grades #inteligente #portal #insights #balances #college #siniestros #telekommunikation #elektronica #systems #electrónico #virtual #competitivo #careers #mobilfunk #retails #semiconductors #technologies #brevetti #analysis #digital #mercado #telefonische #fysica #autotechnieken #courses #karriere #sanitair #market #robotics #direktvertrieb #innovative #coberturas #webapi #equipayment #business #póliza #cyberaanval #mercati #mobile #consultas #produkte #competitive #autoconectado #property #application #consumers #laws #firms #facturación #serviceleistungen #productos #patents #seguros #electrónica #riesgos #fiduciaros #automation #wiskunde #tecnología #industriële #piattaforma #asistencias #admissions #soluzioni #belgique #italie #informatique

With #Hive ransomware infrastructure taken down last week and speculation of similar action against #LockBit, which groups will likely take the “top” #RaaS spots in the first part of the year? If you don’t track #ransomware-as-a-service closely, you may not realize how many other groups regularly carry out attacks (or at least claim & extort victims publicly)

Since the takedown on Thursday, five RaaS groups have claimed nearly 30 victims publicly, with LockBit 3.0, #Clop, and #ViceSociety leading the pack. In our ransomware landscape briefing last week, a participant asked which group concerned us most into the new year. My answer is “most” seen in the slide here (but if I had to narrow, I choose LockBit in the short-term, and Vice Society in the medium/longer term)

Last week I argued that many, if not most, of the “top” groups (measured quickly by last year’s victim count) should be on most security teams’ radars. While there are some notable trends in victim sectors, like a relative increase in attacks on public services organizations, in general most of the leading groups are associated with a broad range of victim verticals (a similar trend holds for victim size too – a relative rise in mid-sized organizations, but still a notable number of large enterprises like in years past)

Rather than burn resources trying to track each new victim associated with each group every day, there is value in identifying top common tactics, techniques, & procedures among groups with generally similar motivations & victim patterns, and focusing response drills, defensive reinforcements, log source & detection tuning, and, where resources allow, unit testing or adversary simulation or emulation around that subset of TTPs

Our living matrix of top ransom & extortion group #TTPs is found here, covering nearly 30 groups and 175 techniques, although the cluster of top common ones is much smaller. Click the labels in the ribbon at the top to see source references for every mapping and procedural details for many: https://app.tidalcyber.com/share/9a0fd4e6-1daf-4f98-a91d-b73003eb2d6a

You can also catch the recording of last week’s session and slides with this and similar metrics & graphics on-demand here: https://www.brighttalk.com/webcast/19703/570527

#threatinformeddefense #TTP #risk

🇺🇸 Vice Society revendique une attaque informatique à l'encontre de Monmouth College (monmouthcollege.edu) #usa #education #liberal #ransomware #enrolment #careers #digital #students #virtual #institution #private #vicesociety #learning #management #programs #solutions #educational #campus #infrastructure #school #databreach #sports #graduate #diplomas #families #employees #academics #threats #services #athletics #support #classroom #informatique

"Angriff mit #Schadsoftware - #Daten der Uni Duisburg-Essen im #Darknet aufgetaucht"

"Nachdem #Hacker zunächst .. Systeme der Universität .. lahmgelegt hatten, erhöhen sie .. Druck + stellen erbeutete Daten ins Netz. #Lösegeld will .. Hochschule aber nicht bezahlen."

".. steckt hinter dem Angriff die Hacker-Truppe »#ViceSociety«."

".. Hochschule war innerhalb weniger Wochen zweimal Ziel eines ..angriffs .."

https://www.spiegel.de/netzwelt/web/universitaet-duisburg-essen-daten-nach-hackerangriff-im-darknet-aufgetaucht-a-82dfcdcb-a766-47d8-b95b-f0ba4154d570

#Datensicherheit #Datenschutz #Cybersecurity #UDE

17.1.2023

🏴‍☠️💰 Record broken on January 16 with 12 #ransomware victims announced from #Hive #Blackbyte #Royal (x2) #ViceSociety #lockbit3 (x5) #Mallox and #Play groups

🔗 Source : https://www.ransomware.live

#cyberattack #Leak

Les opérateurs Vice Society revendiquent une attaque informatique à l'encontre de 🇩🇪 University of Duisburg-Essen (uni-due.de) #germany #education #ransomware #vicesociety #campus #databreach #students #programs #scholar #threats #educational #software #degrees #numérique #schools #services #diplomas #families #management #careers #digital #graduate #virtual #employees #allemagne #informatique

https://www.uni-due.org/udeoffline/wiederaufbau-der-it-infrastruktur/

🇺🇸 Les opérateurs Vice Society revendiquent une attaque informatique à l'encontre de Central Texas College (ctcd.edu) #usa #education #ransomware #vicesociety #scholar #campus #staff #programs #threats #scholar #virtual #management #families #software #degrees #numérique #services #careers #databreach #students #schools #military #eagle #members #vocational #degrees #online #veterans #educational #diplomas #digital #employees #graduate #informatique

Here's a look at which #ransomware leak sites were the most active during the first week of 2023!

1️⃣​ #ViceSociety
2️⃣​ #PlayRansomware
3️⃣​​ #Lockbit

🔗​ Dashboard Source Code:
https://github.com/colincowie/LeakSiteAnalytics/

ℹ️​ Data provided via RansomWatch

#ThreatIntel #CTI

Les opérateurs Vice Society revendiquent des attaques informatiques à l'encontre de:

• 🇩🇪 LetMeRepair GmbH (letmerepair.com)

• 🇬🇧 City Lit (citylit.ac.uk)

• 🇺🇸 San Francisco Bay Area Rapid Transit District (bart.gov) https://infosec.exchange/@brett/109644893406217674

• 🇬🇧 Park View (parkview.haringey.sch.uk)

#uk #germany #usa #education #ransomware #schools #business #fleets #enterprise #statement #digital #vaccinations #contractors #curriculum #staff #parents #careers #students #threats #virtual #learning #vicesociety #community #employees #members #consultants #trains #scholar #databreach #customers #sales #systems #presales #products #electronics #parking #maintenance #mobility #devices #board #university #fiscal #laptops #emergencies #equipment #software #stations #escalators ️#safety #transportation #services #policy #teachers #budget #management #pupils #networks #intercom #transport #electronics #providers #support #offices #robotics #repair #trips #telecoms #printers #online #shop #smartphones #clients #tracks #consumer #computers #logistics #departures #informatique

Les opérateurs Vice Society revendiquent des attaques informatiques à l'encontre de:

• 🇵🇭 Duty Free Philippines (dfp.com.ph)

• 🇬🇧 Swift Academies (swiftacademies.org.uk)

#uk #philippines #education #ransomware #students #systems #networks #curriculum #financial #vicesociety #governance #staff #digital #pupils #future #databreach #boards #parents #canteens #courses #dutyfree #schools #classroom #academics #employees #family #virtual #scholar #careers #teachers #business #future #threats #vacancies #training #shops #market #stores #travel #commercial #community #informatique

🇪🇸 Les opérateurs Vice Society revendiquent une attaque informatique à l'encontre de Feu Vert (feuvert.es) #spain #ransomware #automotive #vicesociety #especialistas #financial #databreach #digital #mantenimiento #entretiens #commercial #employees #online #services #vehículos #business #services #retails #réparation #neumáticos #mecánicos #stores #reparación #équipement #mobilité #bicicletas #eléctricas #equipment #market #informatique

🇺🇸 Les opérateurs Vice Society revendiquent une attaque informatique à l'encontre de Cincinnati State (cincinnatistate.edu) #usa #education #services #ransomware #college #office #campus #cyber #vicesociety #teachers #staff #courses #family #partners #certificates #academics #bachelors #management #employees #future #board #scholar #community #degree #admissions #careers #coursework #databreach #students #threats #outage #training #informatique

Analyzing #TTP overlap for nine top #ransomware

This originates from analysis of ransomware targeting schools, but most of these families have threatened a range of critical infrastructure & other industries too

Each ransomware covered here has published extortion threats involving a school or university during the past year, and this trend is increasing. I tallied 66 ransomware extortion threats against these #education entities since last October. A few groups dominate (see pie chart), and victim count jumped especially high in recent months for schools (K-12) (see bar chart).

The #malware covered here (and count of associated extortion threats against education entities) are: #ViceSociety (25), #Pysa (8), #LockBit 3.0 (7), #ALPHV / #BlackCat (6), LockBit 2.0 (5), #Hive (4), #BianLian (3), #Quantum, Snatch (2), & #Conti, #REvil, Sabbath, and Stormous (1 each). Also #HelloKitty / #FiveHands, which is used by Vice Society, but no relevant posts were observed.

Visual summary of my analysis: https://app.tidalcyber.com/share/8d9f212a-0312-4c2f-bba5-85ab7c7224c6

Overall the nine ransomware map to 131 unique techniques total, sourced from 30 recent public reports, mainly malware analysis & government advisories ("Show only labelled techniques" gives the best view). The underlines & numbers in the cells indicate number of malware mapped to that technique. Background color gradient represents number of sources referencing it. This tool helps with pivoting to defenses and analytics (think Sigma rules), offensive tests (Atomic Red Team), and data sources (make sure you have proper logging enabled) mapped to the same techniques.
#threatintel #SharedWithTidal

🇬🇧 Les opérateurs Vice Society revendiquent l'attaque informatique à l'encontre de Samuel Ryder Academy (samuelryderacademy.co.uk) #uk #education #ransomware #systems #staff #family #university #management #internet #community #cyber #vicesociety #coursework #future#study #scholar #schools #digital #planning #board #campus #numérique #departments #parents #students #databreach #technologies #classroom #international #online #school #classes #empire #research #admissions #academics #threats #library #learning #careers #informatique

🇬🇧 Les opérateurs Vice Society revendiquent l'attaque informatique à l'encontre de SOAS University of London (soas.ac.uk) #uk #education #ransomware #academics #campus #international #departments #research #vicesociety #careers #university #students #threats #parents #cyber #empire #admissions #systems #future#classes #learning #internet #school #online #digital #library #technologies #board #management #planning #staff #scholar #family #coursework #community #classroom #databreach #schools #threats #study #informatique

Les opérateurs Vice Society revendiquent l'attaque informatique à l'encontre de 🇺🇸 Sierra College (sierracollege.edu) #usa #education #ransomware #vicesociety #campus #cyber #classes #learning #online #internet #support #academics #services #threats #teachers #mobile #courses #careers #parents #email #planning #smart #application #board #management #students #staff #databreach #school #department #family #partners #city #community #classroom #district #scholar #coursework #schools #informatique

🇬🇧 Les opérateurs Vice Society revendiquent une attaque informatique à l'encontre de Frances King School of English (francesking.com) #uk #ransomware #learning #online #internet #threats #students #databreach #lessons #intensive #staff #vicesociety #flexitime #cyber #standard #teachers #courses #academics #language #tourism #travel #insurance #community #payments #english #culture #family #schools #foreigners #programme #business #examination #school #preparation #marketing #partners #intensive #corporate #careers #planning #management #informatique

Les opérateurs Vice Society revendiquent l'attaque informatique à l'encontre de 🇪🇸 Vygon España (vygon.es) appartenant à 🇫🇷 Vygon Group #france #spain #campus #productos #healthcare #crioterapia #ransomware #certification #medical #threats #services #compliant #care #formación #databreach #smart #médico #hospital #market #customers #vicesociety #certificado #health #clinical #safety #industrial #innovative #medical #pumps #subsidiary #technologies #engineers #corporate #patients #components #ginecología #products #urgencias #material #quirúrgico #sanitarias #paediatrics #business #espagne #informatique