Incidents involving malware or ransomware. In some cases, incidents called “ransomware” do not involve any locking but merely hack, exfiltrate, and attempt to extort.
How many times have the government and intel firms warned us that decryptors provided by ransomware gangs do not always work and a significant percentage of victims wind up not recovering all their files even though they paid the ransom? Here’s another example from The Register, where an unnamed victim company paid the Hazard ransomware […]
From the Cleveland FBI: On August 12, FBI Cleveland announced the disruption of “Radar/Dispossessor”—the criminal ransomware group led by the online moniker “Brain”—and the dismantling of three U.S. servers, three United Kingdom servers, 18 German servers, eight U.S.-based criminal domains, and one German-based criminal domain. Since its inception in August 2023, Radar/Dispossessor has quickly developed […]
When Henry Schein was hit by AlphV/BlackCat last year and didn’t pay, the threat actors hit them again. The Cyber Express reports: Prominent dental and medical equipment provider Henry Schein has lowered its annual profit and growth forecast, owing to a series of cyberattacks last year. Reuters reported that the company’s shares (HSIC) were down 7.3% to […]
Following up on recent reports that threat actors were capitalizing on the CrowdStrike glitch by using phishing attacks to obtain credentials or spread malware, CrowdStrike reported yesterday: On July 22, 2024, CrowdStrike Intelligence identified a Word document containing macros that download an unidentified stealer now tracked as Daolpu. The document impersonates a Microsoft recovery manual.1 Initial analysis […]
Another ransomware attack on a government agency shuts down services. The Los Angeles Times reports: The Los Angeles County Superior Court, the biggest trial court in the country, remained closed Monday as it sought to recover from a ransomware attack on its systems, officials said. The attack was detected Friday and doesn’t appear to be […]
More than 6,000 operations and appointments have been postponed at London hospitals affected by the Synnovis cyber attack, NHS England has confirmed. Digital Health reports that on 4 July 2024, NHSE published an update on the ransomware attack. The update indicated that 4,913 acute outpatient appointments and 1,391 elective procedures have been postponed at King’s […]
Alleged LockBit Developer Created and Operated Most Prolific Ransomware Variant Under Aliases “LockBit” and “LockBitSupp”; U.S State Department Offers Reward Up to $10M; U.S. Department of Treasury Designates LockBit Administrator for Sanctions The U.S. Justice Department unsealed charges today against a Russian national for his alleged role as the creator, developer, and administrator of the […]
Marco A. De Felice reports: Another significant data breach looms for United Healthcare (UHC), involving patient documents belonging to its Optum financial assistance program and its subsidiary Change Healthcare. In recent hours, the ransomware group Medusa has claimed on its website, within Tor networks, the cyberattack on the servers of Northeast Ohio Neighborhood Health (NEON), a company providing healthcare services headquartered in Cleveland, […]
Data Breach Today reports: A Midwest operator of nursing homes has filed for bankruptcy, citing the effects of a ransomware attack last fall and fallout from the recent Change Healthcare outage as factors that contributed to its financial woes. See Also: Take Inventory of Your Medical Device Security Risks SC Healthcare Holdings LLC, which operates as […]
‘I don’t see it happening’: CISA chief dismisses ban on ransomware payments
Despite some calls to ban ransomware payments in hopes that criminals will abandon financially motivated ransomware attacks, finding a way to get everyone to comply with any such ban has seemed challenging, to say the least, and there has been a lot of pushback. Now, one more expert with clout has suggested that the idea […]