Connect with us

Press Release

After discontinuing support for ransom payments, insurer AXA was attacked by ransomware.

Published

on

After discontinuing support for ransom payments, insurer AXA was attacked by ransomware.

A ransomware cyber assault has targeted the Thai, Malaysian, Hong Kong, and Philippine branches of the world’s largest insurance company, AXA.

The Avaddon ransomware organisation claimed yesterday, as reported by BleepingComputer, that it had stolen 3 TB of private data from AXA’s Asian operations.

Additionally, AXA’s international websites were down yesterday for a while due to a Distributed Denial of Service (DDoS) attack, according to BleepingComputer.

The group claims that the compromised data collected by Avaddon includes copies of ID cards, bank account statements, claim forms, payment records, contracts, claim forms for customers that reveal their sexual health diagnosis, and more.

The group’s statement follows AXA’s revelation that it would no longer cover ransomware extortion payments when underwriting cyber-insurance plans in France.

Asian AXA offices are targeted by a ransomware organisation.
The ransomware organisation Avaddon took responsibility for the attack on AXA’s offices in Asia yesterday.

The group also asserted that there was a DDoS attack ongoing against AXA’s websites hosted in Thailand, Malaysia, Hong Kong, and the Philippines:

The Avaddon ransomware gang initially made the threat to launch DDoS assaults to take down victims’ websites or networks until they get in touch and start negotiating to pay the ransom in February 2021.

When ransomware gangs started deploying DDoS assaults against their victims as an extra point of leverage in October 2020, BleepingComputer became the first publication to report on this new development.

About a week after AXA announced that payment for ransomware extortion settlements would no longer be included in their cyber-insurance policies sold in France, Avaddon announced the attack on AXA’s infrastructure.

Avaddon started dumping part of the stolen data on their leak site yesterday, as seen by BleepingComputer, even if the exact date of the incident remains unknown.

Avaddon also threatened to expose AXA’s priceless records if the insurance firm didn’t get in touch with them and work with them within 10 days.

The gang asserts to have obtained 3 TB of AXA data, which includes:

client medical records (including those containing sexual health diagnosis)
customer claims payments to consumers’ bank accounts scanned records content only available to hospitals and physicians (private fraud investigations, agreements, denied reimbursements, contracts)
Identity cards, passports, and other forms of identification

AXA: Access to data by a Thai partner only, “No Evidence”
AXA responded when approached by BleepingComputer as follows:

A recent targeted ransomware assault on Asia Assistance affected its IT operations in Thailand, Malaysia, Hong Kong, and the Philippines.

As a result, someone was able to access some data handled by Inter Partners Assistance (IPA) in Thailand.

“At this time, there is no proof that any additional data was accessed in Thailand beyond IPA.”

“The incident is being investigated by a dedicated taskforce that includes outside forensic experts. Partners in business and regulators have been informed.”

According to an AXA spokesman, “AXA takes data privacy very seriously and will take the appropriate procedures to notify and help all corporate clients and people impacted” if IPA’s investigations reveal that sensitive data of any persons have been affected.

The incident’s timing is interesting in light of this week’s FBI and Australian Cyber Security Centre (ACSC) alerts on ongoing Avaddon ransomware assaults aimed at enterprises from a wide range of industries in the US and around the world.

Attackers who use ransomware on enterprises continue to expand and interrupt many operations while demanding extortionate ransom payments.

The DarkSide cyberterrorist organisation recently requested $5 million to reactivate the Colonial Pipeline infrastructure.

Additionally, just this week, BleepingComputer reported that a $20 million ransomware demand was made on Ireland’s Health Services.

Press Release

Rajshree Game Play Result

Published

on

Rajshree Game Play Result

If you are searching to find Play Rajshree Video Game Outcome? After that, you can find several sites here that provide in-depth information.

Results Chart for the Playrajshree Lottery game online
RAJSHREE-J. 09:00 AM: 9033: 9123: 9272: 9389: 9452: 9503: 9671: 9722: 9827: 9948: It is completely forbidden to buy lottery tickets using this website in jurisdictions where lotteries are outlawed. To play the online lottery, you must be at least 18 years old.

http://www.playrajshree.com/QuickLink/ResultChart.aspx
DSDIR, Rajshri Play Game Result
Rajshree Lottery is a fun online game where you can view the results every 15 and 20 minutes as of Mar. 13, 2022. The age requirement to play this game is 18. Good luck today. Any adult can play the online game Rajshree Lottery.

Rajshri Play Game Result


Game Rajashri to play
Welcome to play the Rajashri Lottery at Draw Time: 10:00 AM on Draw Date: 10-03-2022: Golden (GA 60-69) ShubhLaxmi (SA 20-29). The current time is: 07:06:34 PM on 10-03-2022.

https://playrajashrilott.com/
Rajshree Result – DSDIR to play
Results Chart – PLAY ONLINE PLAYRAJSHREE LOTTERY GAME. RAJSHREE-J. Mar. 12, 2022. 09:00 AM: 9033: 9123: 9272: 9389: 9452: 9503: 9671: 9722: 9827: 9948: It is completely forbidden to buy lottery tickets using this website in jurisdictions where lotteries are outlawed.

Play Rajshree Result


Goa Lottery Rajshree Results – Lottery Results
Mar. 11, 2022 The Rajshree Lottery is held daily in Goa, and the results are reported below in the table. The top prize-winning ticket and the sum earned are displayed. You can check your tickets here to see if you won the top prize in the Rajshree lottery or any of the other levels. You can also check the top reward for previous drawings.

https://www.lotto.in/goa/rajshree-results
Findings – GOA Star
Summary of the results: Golden A Game, Subhlaxmi A Game, and Rajshree A Game.

https://playrajshreegoa.com/
Results Sheet for Rajshri’s Victory
In the states where lotteries are illegal, buying lottery tickets through our website is strictly forbidden. To play the online lottery, you must be at least 18 years old.

http://playrajshriwin.com/result.php
Results from the Rajshree Lottery
Rajshree Lottery is an online game that you can play for entertainment purposes; the results are updated every 15 and 20 minutes. The age requirement to play this game is 18. Good luck today. Rajshree Lottery is an internet game that any adult can play for free. No upfront payment is necessary.

https://www.rajshreelottery.co.in/
Application Rajshree Lottery Results – Google Play
This Rajshree Lottery Sambad is unofficial and has no affiliation with any State Lottery Result Board as of October 29, 2021. We simply gathered these findings from open-source third-party websites, and we urge you to double-check them against officially released data.

https://play.google.com/store/apps/details?

id=loteryresulraj
Rajshree Outcome
Play the Rajshree lottery, Rajshree lottery, best lottery, lottery, play the Rajshree lottery result, and Rajshree lottery result. Draw time for the Rajshree Sikkim Lottery is today at 3:00 AM.

https://www.rajshree10.com/current-draw.php
The sources mentioned above should be able to provide you with information on the Play Rajshree Game Result. If not, you can contact me through the comments.

Continue Reading

Press Release

You become infected with RedLine malware through fake Windows 11 upgrade installers.

Published

on

You become infected with RedLine malware through fake Windows 11 upgrade installers.

Users of Windows 10 have begun to get phoney Windows 11 upgrade installers, tricking them into downloading and running RedLine stealer software.

The attacks took place at the same time that Microsoft announced the broad deployment phase for Windows 11. As a result, the attackers were well-prepared for this move and waited for the ideal time to maximise the effectiveness of their operation.

As the most extensively used password, browser cookie, credit card, and cryptocurrency wallet information thief at the moment, RedLine stealer infections can have serious negative effects on the victims.

The initiative

The attackers exploited the “windows-upgraded.com” domain for the malware distribution portion of their campaign, according to HP experts who have detected this effort.

When a visitor selected the “Download Now” button on the website, a 1.5 MB ZIP archive with the name “Windows11InstallationAssistant.zip” was downloaded directly from a Discord CDN. The website looks to be an official Microsoft website.

Decompressing the file yields a folder with a size of 753MB and a remarkable compression ratio of 99.8%, which was made possible by the executable’s inclusion of padding.

An encoded parameter starts a PowerShell process when the victim runs the programme in the folder.

A.jpg file is then retrieved from a distant web server when a cmd.exe process with a 21-second timeout has finished running.

The DLL in this file is organised in reverse, maybe to avoid detection and analysis.

The first process then loads the DLL and swaps it out for the current thread context. That DLL is a RedLine stealer payload that uses a TCP connection to communicate with the command-and-control server to receive instructions on what malicious operations should be performed next on the recently compromised system.

Outlook
Nothing prevents the actors from registering a new domain and continuing their campaign even though the distribution site is currently unavailable. In fact, it’s quite likely that this is already taking place in nature.

Due to hardware compatibility issues, many Windows 10 customers are unable to download Windows 11 via the official distribution channels. Malware operators see this as a great opportunity to recruit new victims.

The strategies disclosed by HP are not surprising at this time, as threat actors are also use Windows’ legitimate update clients to execute malicious code on compromised Windows systems, as BleepingComputer discovered in January.

Remember that these risky websites are advertised through forum postings, posts on social media, and instant messages, so only rely on the official Windows upgrade system alerts.

Continue Reading

Press Release

THE ANALYSIS RESULTS THAT THE OPENCV-BASED FACIAL RECOGNITION MODEL AS USED BY EXAM MONITORIO FAILS TO RECOGNIZE BLACK FACES MOST OF THE TIME (TODD FEATHERS/VICE).

Published

on

THE OPENCV-BASED FACIAL RECOGNITION MODEL

Analysis finds that an OpenCV-based facial recognition model used by exam monitoring software Proctorio fails to recognize Black faces more than 50% of the time — A student researcher has reverse-engineered the controversial exam software—and discovered a tool infamous for failing to recognize non-white faces.

Continue Reading

Trending