Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Ransomware attack hit the City of Johannesburg municipality

A new ransomware attack made the headlines, this time the victim is the City of Johannesburg municipality. A ransomware attack infected systems at the City of Johannesburg municipality shutting down the website, the e-services platform, and the billing system (SAP ISU and CRM). “The City of Johannesburg reported a breach of its network on Thursday night […]

Reynolds ransomware uses BYOVD to disable security before encryption ransomware

A new ransomware attack made the headlines, this time the victim is the City of Johannesburg municipality.

A ransomware attack infected systems at the City of Johannesburg municipality shutting down the website, the e-services platform, and the billing system (SAP ISU and CRM).

“The City of Johannesburg reported a breach of its network on Thursday night and shut down its website and all e-services, hours after receiving a bitcoin ransom note from a group called the Shadow Kill Hackers.” states the Times Live.

“The hack occurred at the same time that several banks also reported internet problems believed to be related to cyber attacks.”

According to a ransom note, hackers also accessed to the information stored on the infected systems.

“The City of Johannesburg has detected a network breach which resulted in unauthorized access to its information systems,” reads the alert issued after the ransomware attack. 

“The incident is currently being investigated by City of Joburg cyber security experts, who have taken immediate and appropriate action to reinforce security measures to mitigate any potential impacts. As a result several customer facing systems – including the city’s website, e-services, billing system – have been shut down as a precaution.”

The city of Johannesburg municipality published alerted citizens via Twitter after several city employees received the ransom note.

“All your servers and data have been hacked. We have dozens of back doors inside your city. We have control of everything in your city. We also compromised all passwords and sensitive data such as finance and personal population information.” reads the ransom note.

The hackers demand the payment of 4 bitcoins by October 28 at 5pm, in case of failure they are threatening to leak the data online. At the time of writing, the City of Johannesburg did not pay the ransom.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – ransomware attack, Johannesburgs)

[adrotate banner=”5″]

[adrotate banner=”13″]