Vice Society: A tale of victim data exfiltration via PowerShell, aka stealing off the land

Threat actors (TAs) using built-in data exfiltration methods like LOLBAS negate the need to bring in external tools that might be flagged by security software and/or human-based security detection mechanisms. These methods can also hide within the general operating environment, Read More …

Vice Society Ransomware Group Targets Manufacturing Companies

The Vice Society ransomware group made headlines in late 2022 and early 2023 during a spate of attacks against several targets, such as the one that affected the rapid transit system in San Francisco. Most reports have the threat actor Read More …

LAUSD says Vice Society ransomware gang stole contractors’ SSNs

Los Angeles Unified School District (LAUSD), the second-largest school district in the United States, says the Vice Society ransomware gang has stolen files containing contractors’ personal information, including Social Security Numbers (SSNs). LAUSD also revealed that the threat actors were Read More …

Vice Society ransomware gang switches to new custom encryptor

The Vice Society ransomware operation has switched to using a custom ransomware encrypt that implements a strong, hybrid encryption scheme based on NTRUEncrypt and ChaCha20-Poly1305. According to cybersecurity firm SentinelOne, which discovered the new strain and named it “PolyVice,” it’s Read More …

Vice Society ransomware claims attack on Cincinnati State college

The Vice Society ransomware operation has claimed responsibility for a cyberattack on Cincinnati State Technical and Community College, with the threat actors now leaking data allegedly stolen during the attack. The hackers posted a long list of documents on their Read More …

Ransomware gang leaks data stolen from LAUSD school system

Thousands of files apparently stolen last month in a ransomware attack on the Los Angeles Unified School District were released on the dark web over the weekend. The threat has been a major concern for the nation’s second-largest school district Read More …

Vice Society ransomware claims attack on Italian city of Palermo

The Vice Society ransomware group has claimed responsibility for the recent cyber attack on the city of Palermo in Italy, which has caused a large-scale service outage. The attack occurred last Friday, and all internet-relying services remain unavailable, impacting 1.3 Read More …