AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 11/28/2023

 
Ukraine claims cyber operation against Russian aviation agency 

Ukraine’s defense intelligence directorate has claimed it carried out a successful cyber operation against the Russian government’s civil aviation agency, also known as Rosaviatsia. The agency reported November 23 that as a result of the hack, it obtained “a large volume of confidential documents,” including a list of daily reports from Rosaviatsia spanning more than a year and a half. The agency didn’t reveal any technical details of what it called a “complex special operation in cyberspace,” nor when it was conducted. Rosaviatsia hasn’t responded to a request for comment.

 

Meta routinely ignored reports of kids under 13 on Instagram, states allege 

It has never been a big secret that underage kids use social networks like Instagram and Facebook despite the Meta-owned platforms’ rule that every user be at least 13 years old. But while the company says publicly that it does what it can to remove kids’ accounts, US states suing Meta say they have evidence that the company routinely ignores reports of underage users. “Within the company, Meta’s actual knowledge that millions of Instagram users are under the age of 13 is an open secret that is routinely documented, rigorously analyzed and confirmed, and zealously protected from disclosure to the public,” said a newly unredacted complaint released last week. 

 

Ransomware attack on indie game maker wiped all player accounts 

A ransomware attack on the “Ethyrial: Echoes of Yore” MMORPG last Friday destroyed 17,000 player accounts, deleting their in-game items and progress in the game. Ethyrial: Echoes of Yore is a free-to-play old-school MMORPG developed by indie game publisher ‘Gellyberry Studios.’ The title is available on Steam as an ‘Early Access’ release, meaning it is still in an early development phase and relies on monthly subscriptions and community support to continue its development. 

 

Healthcare provider Ardent Health Services disclosed a ransomware attack

Ardent Health Services is a healthcare company that operates hospitals and other medical facilities in the United States. It is a for-profit health system with a focus on acquiring, managing, and improving hospitals. Ardent Health Services is known for providing a range of healthcare services, including acute care, specialty care, and community health services. Through its subsidiaries, Ardent owns and operates 30 hospitals and 200+ sites of care with more than 1,400 aligned providers in six states. The healthcare provider disclosed that it has suffered a ransomware attack on November 23. In response to the incident, the company took its network offline and suspended all user access to its information technology applications, including corporate servers, Epic software, internet and clinical programs. 

 

Hackers Hijack Industrial Control System at US Water Utility 

The Municipal Water Authority of Aliquippa in Pennsylvania has confirmed that hackers took control of a system associated with a booster station over the weekend, but said there was no risk to the water supply. The company provides water and sewer services to more than 6,600 customers in Aliquippa and portions of Hopewell, Raccoon and Potter Townships. A representative of the water utility told KDKA-TV that the compromised system is associated with a booster station that monitors and regulates water pressure for Raccoon and Potter Townships. 

 

Police dismantle ransomware group behind attacks in 71 countries 

In cooperation with Europol and Eurojust, law enforcement agencies from seven nations have arrested in Ukraine the core members of a ransomware group linked to attacks against organizations in 71 countries. The cybercriminals paralyzed major corporations’ operations in attacks using ransomware such as LockerGoga, MegaCortex, HIVE, and Dharma. Roles within this criminal network varied significantly: some members breached IT networks, while others reportedly helped launder the cryptocurrency payments made by victims to decrypt their files. 
