16 August 2022

Argentina's Judiciary of Cordoba targeted with ransomware


Argentina's Judiciary of Cordoba targeted with ransomware

Argentina's Judiciary of Córdoba was forced to take down its IT systems following a ransomware attack allegedly conducted by operators behind the Play ransomware operation.

According to local media, the incident, which occurred on August 13, 2022, impacted the agency’s website, digital services and databases, making it “worst attack on public institutions in history.”

The Judiciary has confirmed that it has been targeted with ransomware and is now conducting an investigation together with cyber security experts and local authorities.

Although the Judiciary did not share the details of the intrusion, some news media reported that the attack involved a variant of the Play ransomware, first spotted in June 2022.

Like any other ransomware operation, the Play ransomware operators breach target networks and encrypt files appending the .PLAY extension.

It’s not clear at this point how the intruders managed to breach the Judiciary’s systems. One possible explanation could be that they obtained login credentials by phishing the agency’s employees using a list of employee email addresses, which was leaked as part of the Lapsus$ breach of Globant in March.


Back to the list

Latest Posts

Cyber security week in review: September 23, 2022

Cyber security week in review: September 23, 2022

The world in brief: Cryptomarket maker Wintermute robbed of $160M in a hack, old Python bug potentially affects 350,000 open-source projects, and more.
23 September 2022
Unpatched 15-year-old Python vulnerability puts at risk over 350,000 open-source projects

Unpatched 15-year-old Python vulnerability puts at risk over 350,000 open-source projects

The vulnerable Python tarfile module is found extensively in frameworks created by Netflix, AWS, Intel, Facebook, Google and other software.
22 September 2022
Malicious actors continue to abuse Google Tag Manager tool to install e-skimmers

Malicious actors continue to abuse Google Tag Manager tool to install e-skimmers

The researchers said they discovered three variants of malicious scripts hidden within GTM containers that function either as e-skimmers or as downloaders for installing e-skimmers.
21 September 2022