SecureWorld News

JULY 7, 2022

United States government agencies recently released a joint Cybersecurity Advisory (CSA) providing information on how North Korean state-sponsored threat actors are actively using Maui ransomware to attack healthcare organizations. What is Maui ransomware? The advisory reminds organizations that the U.S.

Healthcare 73

Healthcare Ransomware Encryption Government 73

Malwarebytes

MAY 28, 2021

On the 14th of May, the Health Service Executive (HSE) , Ireland’s publicly funded healthcare system, fell victim to a Conti ransomware attack, forcing the organization to shut down more than 80,000 affected endpoints and plunging them back to the age of pen and paper. Threat profile: Conti ransomware.

Healthcare 114

Healthcare Ransomware Encryption Passwords 114

Security Affairs

APRIL 14, 2020

Recently organizations in healthcare, research, and government facilities have been hit by Coronavirus-themed attacks that deployed multiple malware families, including ransomware and information stealers (i.e. AgentTesla ). Attackers used a spoofed address mimicking the World Health Organization (noreply@who[.]int)

Healthcare 115

Healthcare Ransomware Phishing Government 115

Malwarebytes

JANUARY 11, 2024

This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. This provides the best overall picture of ransomware activity, but the true number of attacks is far higher.

Ransomware 97

Ransomware Healthcare Encryption Technology 97

Security Affairs

JANUARY 9, 2024

The LockBit ransomware gang claimed responsibility for the cyber attack on the Capital Health hospital network. The LockBit ransomware operation has claimed responsibility for the cyberattack that hit the Capital Health hospital network in November 2023. Unfortunately, Lockbit affiliates continue to target healthcare organizations.

Ransomware 104

Ransomware Healthcare Encryption Cyber Attacks 104

SecureWorld News

FEBRUARY 29, 2024

Change Healthcare, a major provider of IT services to hospitals, continues to battle the BlackCat ransomware syndicate. The FBI and CISA have labeled BlackCat one of the most prolific and damaging ransomware groups currently active. By attacking key healthcare IT infrastructure, the ripple effects spread widely.

Healthcare 93

Healthcare Ransomware Cyber threats Encryption 93

Security Boulevard

JUNE 8, 2022

Ransomware Trends Show Lockbit Most Active, New Tactics, Healthcare Hit Hard. LockBit replaced Conti as the most active ransomware gang and continued to evolve its operations in the first quarter, according to a report (PDF) from KELA Cybercrime Intelligence. Another notable Ransomware trend: new methods of intimidation.

Healthcare 52

Healthcare Ransomware Encryption Cybercrime 52

CyberSecurity Insiders

NOVEMBER 29, 2022

First is the news related to Southampton County of Virginia, as information is out that personal information of many county populaces was stolen in a ransomware attack that occurred in September 2022. Lorenz Ransomware spreading gang focused more on public sector companies from February 2021 to October 2022.

Ransomware 109

Ransomware Healthcare Encryption Cybercrime 109

Security Affairs

FEBRUARY 13, 2024

Authorities in Romania reported that at least 100 hospitals went offline after a ransomware attack hit the Hipocrate platform. Authorities in Romania confirmed that a ransomware attack that targeted the Hipocrate Information System (HIS) has disrupted operations for at least 100 hospitals. The threat actors demand the payment of 3.5

Ransomware 113

Ransomware Backups Encryption Healthcare 113

Malwarebytes

OCTOBER 11, 2023

The Philippine Health Insurance Corporation (PhilHealth), has confirmed that it was unprotected by antivirus software when it was attacked by the Medusa ransomware group in September. EDR can detect an intruder's suspicious activity in advance of them running ransomware, as well as being able to identify the ransomware itself.

Antivirus 108

Antivirus Insurance Ransomware Healthcare 108

Security Affairs

JULY 29, 2021

The cyber threat landscape change continuously, recently two new ransomware-as-service (RaaS) operations named BlackMatter and Haron made the headlines. Recently, two new ransomware gangs, named BlackMatter and Haron, announced the beginning of the operations. “Haron ransomware was first discovered in July 2021. .

Ransomware 137

Ransomware Cybercrime Encryption Architecture 137

Security Affairs

JUNE 3, 2023

Experts noticed that the new Linux ransomware BlackSuit has significant similarities with the Royal ransomware family. Royal ransomware is one of the most notable ransomware families of 2022, it made the headlines in early May 2023 with the attack against the IT systems in Dallas, Texas. Extension: blacksuit.

Ransomware 95

Ransomware Healthcare Encryption Manufacturing 95

Security Affairs

OCTOBER 15, 2023

The Alphv ransomware group added the Morrison Community Hospital to its dark web leak site. The ALPHV/BlackCat ransomware group claims to have hacked the Morrison Community Hospital and added it to its dark web Tor leak site. The group is known to have a role for its affiliated that prohibits attacking healthcare organizations.

Ransomware 124

Ransomware Healthcare Data breaches Cyber Attacks 124

Krebs on Security

DECEMBER 8, 2022

Ransomware groups are constantly devising new methods for infecting victims and convincing them to pay up, but a couple of strategies tested recently seem especially devious. The first centers on targeting healthcare organizations that offer consultations over the Internet and sending them booby-trapped medical records for the “patient.”

Healthcare 257

Healthcare Backups Ransomware Insurance 257

Krebs on Security

JUNE 2, 2020

The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software. A partial screenshot from the REvil ransomware group’s Dark Web blog. and Europe in early March.” So it’s a double vig.”

Ransomware 289

Ransomware Backups Encryption Internet 289

SecureWorld News

NOVEMBER 2, 2023

The global rise of ransomware attacks over the last several years has become an urgent concern, as cybercriminals relentlessly target organizations and individuals, demanding exorbitant ransoms for the release of vital encrypted data. By refusing to pay ransoms, the coalition aims to degrade the lucrative ransomware ecosystem.

Ransomware 87

Ransomware Financial Services Healthcare Cyber threats 87

SecureWorld News

OCTOBER 24, 2022

Cybersecurity Infrastructure Security Agency (CISA) have issued a joint cybersecurity advisory with information about "Daixin Team," a cybercrime group actively targeting U.S. businesses with ransomware and data extortion operations. The biggest target is the Healthcare and Public Health (HPH) sector, according to the advisory. "As

Ransomware 69

Ransomware VPN Healthcare Cybercrime 69

Krebs on Security

DECEMBER 16, 2019

As if the scourge of ransomware wasn’t bad enough already: Several prominent purveyors of ransomware have signaled they plan to start publishing data stolen from victims who refuse to pay up. The message displayed at the top of the Maze Ransomware public shaming site. Follow the news!”

Ransomware 211

Ransomware Data breaches Healthcare Cybercrime 211

Malwarebytes

JANUARY 9, 2024

Ransomware groups are liars, yes, but even when these dangerous cybercriminals would ransack organizations and destroy entire companies, a few select groups espoused a sort of “honor among thieves.” But, as can be expected from ransomware groups, these were nothing but lies. How to avoid ransomware Block common forms of entry.

Ransomware 84

Ransomware Passwords Backups Healthcare 84

Security Affairs

JULY 28, 2021

BlackMatter ransomware gang, a new threat actor appears in the threat landscape and claims to combine TTPs of Darkside and REvil. BlackMatter is a new ransomware gang that started its activity this week, the cybercriminals group claims to be the successor of Darkside and REvil groups. SecurityAffairs – hacking, ransomware).

Ransomware 124

Ransomware Architecture Healthcare Encryption 124

Security Affairs

MARCH 3, 2023

Cybersecurity and Infrastructure Security Agency (CISA) is warning of the capabilities of the recently emerged Royal ransomware. The human-operated Royal ransomware first appeared on the threat landscape in September 2022, it has demanded ransoms up to millions of dollars. ” reads the alert.

Ransomware 91

Ransomware Healthcare Antivirus Encryption 91

Malwarebytes

JULY 8, 2022

One of the biggest problems in the cybercrime section of the report relates to backups. The most obvious one of those would be ransomware. Assuming the attackers don’t just vanish into the night, the business may decide to pay the ransom and recover the encrypted files. Backups in Brazil: An uphill struggle.

Encryption 116

Encryption Backups Cybercrime Ransomware 116

Security Affairs

AUGUST 5, 2021

The BlackMatter ransomware gang has implemented a Linux encryptor to targets VMware ESXi virtual machine platform. This is the last ransomware in order of time that is able to target VM platforms, some of the other ransomware operations that do the same are REvil , RansomExx/Defray , Mespinoza , HelloKitty , and Babuk.

Ransomware 138

Ransomware Encryption Healthcare Cybercrime 138

Security Affairs

SEPTEMBER 14, 2023

LockBit ransomware group breached two hospitals, the Carthage Area Hospital and the Clayton-Hepburn Medical Center in New York. The Lockbit ransomware group claims to have hacked two major hospitals, the Carthage Area Hospital and Claxton-Hepburn Medical Center. Other ransomware attacks recently hit US hospitals. million).

Ransomware 107

Ransomware Healthcare Cyber Attacks Hacking 107

SecureWorld News

JANUARY 27, 2023

The United States Department of Justice (DOJ) recently announced that it has successfully taken down the HIVE ransomware network, an international cybercrime ring that had been responsible for stealing and encrypting the data of more than 1,500 companies from 80 different countries. Cybercrime is a constantly evolving threat.

Ransomware 79

Ransomware Cybercrime Cryptocurrency Telecommunications 79

Security Affairs

MARCH 24, 2023

The US Cybersecurity and Infrastructure Security Agency (CISA) announced the Pre-Ransomware Notifications service to help organizations stop ransomware attacks before damage occurs. The time-lapse between initial access to a network and the encryption of the systems can last from hours to days. Secret Service.”

Ransomware 88

Ransomware Encryption Healthcare Cyber threats 88

Security Affairs

SEPTEMBER 13, 2021

Technology giant Olympus announced it was the victim of a ransomware attack and is currently investigating the extent of the incident. Olympus issued a statement to announce that its European, Middle East and Africa computer network was hit by a ransomware attack. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Technology 117

Technology Ransomware Computers and Electronics Cybercrime 117

SecureWorld News

JANUARY 4, 2023

In a surprising turn of events, the ransomware gang responsible for targeting Toronto's SickKids Hospital has apologized for the attack and offered a free decryptor to the hospital. It was then two days after this statement that LockBit decided to reverse course on the ransomware attack. RELATED: Royal Ransomware Targeting U.S.

Ransomware 73

Ransomware Healthcare InfoSec Cybercrime 73

Security Affairs

JANUARY 16, 2023

Antivirus firm Avast released a free decryptor for the BianLian ransomware family that allows victims to recover locked files. Security firm Avast has released a free decryptor for the BianLian ransomware to allow victims of the malware to recover locked files. The typical size of the BianLian ransomware executable is around 2 MB.”

Ransomware 93

Ransomware Malware Antivirus Encryption 93

Security Affairs

MAY 10, 2021

FBI confirmed that the attack against the Colonial Pipeline over the weekend was launched by the Darkside ransomware gang. Federal Bureau of Investigation confirmed that the Colonial Pipeline was shut down due to a cyber attack carried out by the Darkside ransomware gang. This is an unprecedented tactic in the cybercrime ecosystem.

Ransomware 138

Ransomware Energy and Utilities Healthcare Cybercrime 138

Security Affairs

MAY 4, 2023

The City of Dallas, Texas, was hit by a ransomware attack that forced it to shut down some of its IT systems. The IT systems at the City of Dallas, Texas, have been targeted by a ransomware attack. However, CBS News Texas obtained an image the ransomware note dropped by the malware on the infected systems. Source J.D.

Ransomware 94

Ransomware Healthcare Education Encryption 94

The Last Watchdog

JUNE 21, 2020

Ransomware is undoubtedly one of the most unnerving phenomena in the cyber threat landscape. Related: What local government can do to repel ransomware Ransomware came into existence in 1989 as a primitive program dubbed the AIDS Trojan that was spreading via 5.25-inch inch diskettes. inch diskettes. FBI spoofs 2012 – 2013.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

SEPTEMBER 23, 2023

The City of Dallas revealed that the Royal ransomware gang that hit the city system in May used a stolen account. In May 2023, a ransomware attack hit the IT systems at the City of Dallas , Texas. CBS News Texas obtained an image the ransomware note dropped by the malware on the infected systems. ” continues the report.

Ransomware 105

Ransomware Surveillance Healthcare Accountability 105

Security Affairs

DECEMBER 4, 2021

The FBI has revealed that the Cuba ransomware gang breached the networks of at least 49 US critical infrastructure organizations. A flash alert published by the FBI has reported that the Cuba ransomware gang breached the networks of at least 49 US critical infrastructure organizations.

Ransomware 138

Ransomware Hacking Malware Encryption 138

Security Affairs

MAY 17, 2023

The US government is offering a $10M reward for Russian national Mikhail Pavlovich Matveev (30) charged for his role in ransomware attacks The US Justice Department charged Russian national Mikhail Pavlovich Matveev (30), aka Wazawaka, m1x, Boriselcin, and Uhodiransomwar, for his alleged role in multiple ransomware attacks.

Ransomware 77

Ransomware Healthcare Cybercrime Encryption 77

Security Affairs

AUGUST 27, 2022

Trend Micro researchers warn of a new ransomware family called Agenda, which has been used in attacks on organizations in Asia and Africa. Trend Micro researchers recently discovered a new piece of targeted ransomware, tracked as Agenda, that was written in the Go programming language. ” reads the report published by Trend Micro.

Ransomware 97

Ransomware Encryption Accountability Antivirus 97

Malwarebytes

MAY 11, 2021

Both the Australian Cyber Security Centre (ACSC) and the US Federal Bureau of Investigation (FBI) have issued warnings about an ongoing cybercrime campaign that is using Avaddon ransomware. In a separate advisory (pdf) , the ACSC says it is also aware of an ongoing ransomware campaign using the Avaddon Ransomware malware.

Ransomware 110

Ransomware VPN Encryption Cybercrime 110