U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

DoppelPaymer ransomware gang leaked Hall County, Georgia, voter info

The DoppelPaymer ransomware operators have released data that was stolen from Hall County, Georgia earlier this month. The DoppelPaymer ransomware operators have published online data that was stolen from Hall County, Georgia earlier this month. The attack took place on October 7, it hit Hall County, in the northern part of the state and it […]

Reynolds ransomware uses BYOVD to disable security before encryption ransomware

The DoppelPaymer ransomware operators have released data that was stolen from Hall County, Georgia earlier this month.

The DoppelPaymer ransomware operators have published online data that was stolen from Hall County, Georgia earlier this month.

The attack took place on October 7, it hit Hall County, in the northern part of the state and it disabled the county’s voter signature database.

The ransomware attack hit a Georgia county government and disabled a database used to verify voter signatures in the authentication of absentee ballots. It is a common process to validate absentee ballots sent by mail by analyzing signatures.

The media pointed out that this is the first reported case of a ransomware attack against a system used in the incoming 2020 Presidential election.

Ransomware attacks could have a dramatic impact on the elections, they could disrupt voting systems and raise doubts about the validity of the vote.

While the media reported that the ransomware operators leaked stolen data on their dark web leak site to force the organization to pay the ransom, Hall County stated that there was no indication that the hackers stole any unencrypted data before encrypting the systems.

“At this time, there is no evidence to show that citizen or employee data has been compromised. However, citizens and employees are encouraged to take precautionary measures to monitor and protect their personal information,” Hall County stated.

The DoppelPaymer ransomware gang finally published over 1 GB of files stolen from Hall County systems and revealed that 2,464 devices were encrypted during the attack.

DoppelPaymer ransomware Hall County
Source Bleeping Computer

According to Bleeping Computer, The dump includes election documents, lobby comment cards, 911 spreadsheets, accounting and financial records.

“The election documents reviewed by BleepingComputer contain ballot proofs, poll worker lists, administrative documents, accounting and financial records, and city bulletins.” reported Bleeping Computer. “Also included are voter registration records containing resident’s voter registration ID, full name, address, and assigned ballot, which is, for the most part, public information.”

Most of the information leaked is public, but can be exploited by threat actors to carry out malicious activities against voters.

Recently the US government revealed that Iran-linked hackers were behind voter intimidation emails that were sent to Democrats in Florida and Alaska that pretended to be from the far-right Proud Boys group.

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – DoppelPaymer ransomware, Hall County)

[adrotate banner=”5″]

[adrotate banner=”13″]