Software Archives - ICSSTRIVE

SoftProject GmbH Reports Ransomware Attack

July 21, 2023

SoftProject GmbH was the target of a ransomware attack on its data center. According to available findings, part of SoftProject GmbH’s application landscape was encrypted. The forensic audits to date have revealed no evidence of a data leak. The detected malware “CryTox” is only used for encryption. The office domain of SoftProject GmbH’s administrative location was not part of the attack. According to current knowledge, there was no data leakage here either. SoftProject GmbH is working on putting the systems back into operation and carrying out further forensic analyses.

The incident was immediately and properly reported. SoftProject offers products and services for digitizing and automating business processes in all industries

Ransomware Attack at Constellation Software; ALPHV Steals over 1TB Data

April 3, 2023

Constellation Software confirmed some of its systems were breached. “The Incident was limited to a small number of systems related to internal financial reporting and data storage”. “The independent IT systems were not impacted by this Incident in any way.” It had contained the attack and restored the IT infrastructure systems impacted. Business partners and individuals whose information was stolen are being contacted.

Constellation Software acquires, manages, and builds software businesses through six operating groups: Volaris, Harris, Jonas, Vela Software, Perseus Group, and Topicus.

German Software Provider Bismarck Suffers Data Leak

January 23, 2023

On January 23, media reports suggested that Bitmarck, an IT service provider for
German health insurance companies, had suffered a data leak. A cybercrime group
reportedly extracted data from the company’s Jira project management and
databases and put it up for sale. There is no indication that any personal health
data was exposed.

Entire Data Centers Taken Offline at Giant German IT Service Provider Bitmarck

April 30, 2023

Bitmarck, one of the largest IT service providers within Germany’s statutory health insurance system, announced on Sunday it had taken all of its customer and internal systems offline due to a cyberattack.

Bitmarck, which employs around 1,600 people, said that the customer and internal systems were

Taking these services offline impacts a range of individuals and organizations associated with Bitmarck’s services, particularly those who rely on the company to issue electronic sickness certificates used in Germany to pay employees’ leave. Bitmarck also warned that pharmacies it works with may also experience technical problems.

In its statement, the company said disruptions were likely to continue “for the foreseeable future,” as entire data centers were taken offline and restarting these was likely to be accompanied by temporary service failure.

“We very much regret the inconvenience caused to our customers, service providers and insured persons and are working to restore the systems as quickly as possible,” the company stated.

Hack at Largest Taxi Service in Russia Caused Chaos in Moscow Traffic

September 1, 2022

In a bizarre incident, hackers broke into the ride-hailing service provider Yandex Taxi’s software and sent dozens of cars to the same location, resulting in a traffic jam that lasted for three hours. According to cyber experts, the hackers bypassed Yandex’s security and generated several fake requests that directed drivers to simultaneously drive to the same location.

The Twitter page of Anonymous TV claimed that the hacking group Anonymous was behind the data breach. The Anonymous collective is part of a large-scale hacking campaign against Russia, called ‘OpRussia’.

Cyberattack takes DNV’s Maritime Vessel and Fleet Management Software Offline.

January 7, 2023

DNV confirms it has taken its ShipManager software product offline after the services’ IT servers had been the victim of a cyberattack. DNV reports that it has advised customers. In response to the incident the company shut down ShipManager’s IT servers.

ShipManager is a software solution used by shipping companies to oversee the technical, operational, and compliance aspects involved in vessel and fleet management.

UPDATE: Approximately 1.000 ships of 70 maritime operators were affected by a ransomware
attack reports the Computer Emergency Response Team for the EU institutions.

Cyberattack attack at Boeing Subsidiary Causes Widespread Flight Disruptions

November 2, 2022

Jeppesen, a wholly-owned Boeing subsidiary that provides navigation and flight planning tools, confirmed on Thursday that it is dealing with a cybersecurity incident that has caused some flight disruptions. Receipt and processing of so-called notice to air missions, which inform pilots and airlines about potential hazards during flights, have also been impacted. Flying with an expired GPS or inaccurate navigation data can be dangerous.

Boeing has declined to comment on what caused the cyberattack or the full scope.

Ransomware Attack Disrupts Tyler Technologies’ Operations.

September 23, 2020

Leading government technology services provider Tyler Technologies has suffered a ransomware attack that has disrupted its operations.

Bleepingcomputer reports that local government employees were told by MISAC (Municipal Information Systems Ass.) that Tyler Technologies suffered a ransomware attack affecting their phone ticketing system and support systems.

Winnti attack on Valve

January 1, 2018

Consequences not disclosed. ARD, a public broadcaster reported that company had been attacked by a group associated with Chinese government with malware which allows attackers to access victims network remotely.