vicesociety attacks Corferias
Incident Date:
April 28, 2022
Overview
Title
vicesociety attacks Corferias
Victim
Corferias
Attacker
Vicesociety
Location
First Reported
April 28, 2022
Corferias Suffers Ransomware Attack
Corferias, a leading event and fair organization in Colombia, has been targeted by the ransomware group vicesociety. The attack was announced on the group's dark web leak site, and the victim's website is corferias.com. Corferias operates in the Business Services sector and has been in operation for over 66 years, offering a wide range of fairs, events, and services.
Company Profile
Corferias is a significant player in the event and fair industry in Colombia, with a portfolio of over 66 years of experience. They offer a variety of experiences for families, expositors, and businesses, as well as event organization services. The company has a strong presence in Bogotá, Barranquilla, and Medellín, and hosts a significant number of fairs, events, and visitors annually.
Vulnerabilities
The specific vulnerabilities that led to the ransomware attack on Corferias are not publicly disclosed. However, ransomware attacks often exploit unpatched software, weak passwords, or phishing emails to gain access to a system. It is essential for organizations to maintain good cyber hygiene habits, such as regular vulnerability scanning, patching, and updating software, and maintaining offline, encrypted backups of data.
Response and Mitigation
Corferias, like any organization targeted by ransomware, should follow best practices for responding to such attacks. This includes reporting the incident to federal law enforcement via IC3 or a Secret Service Field Office, requesting technical assistance, and providing information to help others. Additionally, they should maintain offline, encrypted backups of data and regularly test their backups.
The ransomware attack on Corferias highlights the need for organizations to remain vigilant against cyber threats and to implement robust security measures to protect their systems and data.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.