Incidents involving malware or ransomware. In some cases, incidents called “ransomware” do not involve any locking but merely hack, exfiltrate, and attempt to extort.
Dark Reading reports: Medusa ransomware attacks are increasingly becoming a core tool for a threat group known as “Spearwing,” which has amassed hundreds of victims since 2023; nearly 400, in fact, have been listed on its leak site. The ransom demands when using Medusa ransomware range from $100,000 to a whopping $15 million, according to […]
CSO Online reports: In late February, healthcare organizations across the US started receiving extortion demands by mail claiming that their organization’s data had been stolen in a ransomware attack and giving them 10 days to respond. According to the letters, printed on paper and delivered in envelopes purporting to be from the BianLian ransomware group, […]
Dark Reading reports: Qilin, a Russian-speaking cybercrime group, has claimed responsibility for the cyberattack that impacted Lee Enterprises’ operations in early February. Lee Enterprises is one of the largest newspaper groups in the US, with publications in 72 markets, including The Buffalo News, Omaha World-Herald, and the Richmond Times-Dispatch. It filed a report last month with the SEC […]
Teiss reports: Harvard Pilgrim Health Care and its parent company, Point32Health, have reached a $16 million settlement to resolve claims arising from a 2023 ransomware attack that compromised the sensitive data of nearly three million individuals. The agreement follows multiple class action lawsuits that were consolidated into a single case in the U.S. District Court […]
Once again, it seems an internal – and perhaps politically driven – conflict in a ransomware gang has resulted in the leak of internal chats and information. TechCrunch reports: A trove of chat logs allegedly belonging to the Black Basta ransomware group has leaked online, exposing key members of the prolific Russia-linked gang. The chat […]
From a joint advisory by CISA and the FBI: The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) are releasing this joint advisory to disseminate known Ghost (Cring)— (“Ghost”)—ransomware IOCs and TTPs identified through FBI investigation as recently as January 2025. Beginning early […]
The HIPAA Journal reports: A District Court Judge has set a March 2025 deadline for Change Healthcare to file motions to dismiss certain claims raised in multiple complaints in response to its February 2024 ransomware attack and data breach. In February 2024, Change Healthcare suffered a ransomware attack that resulted in file encryption and the […]
Bleeping Computer reports: A global law enforcement operation targeting the Phobos ransomware gang has led to the arrest of four suspected hackers in Phuket, Thailand, and the seizure of 8Base’s dark web sites. The suspects are accused of conducting cyberattacks on over 1,000 victims worldwide. The arrested individuals, two men and two women, are Europeans […]
NDM News Network reports that Tata Technologies, a subsidiary of Tata Motors, is responding to a ransomware attack that resulted in the temporary suspension of some services: Tata Technologies is currently working to investigate the situation and reinforce its cybersecurity measures to prevent future disruptions and ensure the protection of its digital infrastructure. The company […]
