Cybersecurity experts warn that large healthcare and public sector organizations are continuing to get hit by "big-game hunting" attackers wielding Lorenz ransomware. Among the group's known victims are Wolfe Eye Clinic in Iowa and Salud Family Health of Colorado.
As the U.S. celebrates Thanksgiving, let's give thanks for this cybercrime karma: For more than two years, law enforcement and security experts have been exploiting flaws in the crypto-locking malware to help victims decrypt their systems without paying a ransom.
Researchers say Black Basta is dropping QBot malware in a widespread ransomware campaign targeting mostly U.S.-based companies. In the group's latest campaign, attackers are again using the QakBot to install a backdoor and then drop in encryption malware and other malicious code.
The stark consequences of ransomware became painfully clear in Australia this week as attackers began releasing data from health insurer Medibank, one of the country's largest health insurers. Also, leaked chat logs reveal how the attackers accessed Medibank's systems.
Who is attempting to extort Australian health insurer Medibank? Why did Medibank tell its attackers it wouldn't pay a ransom? Will this deter future cyber extortionists? Here are a few thoughts on the high cybercrime drama playing out.
Cybercrime syndicate Robin Banks is back with a new cookie-stealing feature that cybercriminals can purchase as an add-on to the phishing kit in order to bypass multi-factor authentication in attacks and to attract more sophisticated, persistent actors set on compromising specific targets.
Tributes are being paid to Vitali Kremez, who has died at the age of 34 in a suspected scuba-diving accident. The renowned threat intelligence expert, born in Belarus, had long tracked Russian cybercrime syndicates and was part of an ad hoc group established to counter ransomware and help victims.
Many ransomware-wielding attackers - including big-name groups - have been collectively shooting themselves in the foot by resorting to "amateur" tactics, including decryptors that fail to decrypt as well as gangs re-extorting the same victims. Cue fewer victims opting to pay a ransom.
Threat actors are using Internet Information Services - Microsoft's extensible web server software - to deliver a previously undocumented dropper that is being used to install a new backdoor and other tools. The group dubbed Cranefly uses a new backdoor called Danfuan, researchers say.
Elon Musk lugged a sink into Twitter headquarters to announce his takeover of the social network. But it will take more than a porcelain prop for the richest person in the world to successfully surmount the cybersecurity, legal, disinformation, regulatory and other challenges facing Twitter.
One of Australia's largest private testing laboratories announced a data breach affecting 223,000 Australians. Ransomware-as-a-service group Quantum took credit for the incident, posting an 86-gigabyte file in June. "There is no evidence of misuse of any of the information," says Medlab Pathology.
Healthcare entities need to rehearse breach response playbooks to avoid paying fines to the Department of Health and Human Services for poor incident response after a severe breach. Well-tested security incident response plans ensure the security of patient data, says the HHS Office of Civil Rights.
Health insurer EyeMed Vision Care will pay New York regulators $4.5 million to settle an investigation into its 2020 data breach incident. States are becoming more aggressive in applying enforcement actions against data breaches, say regulatory attorneys.
Cybereason has abandoned its IPO plans altogether and hired JPMorgan Chase to find a buyer, The Information reported Friday. Why is Cybereason no longer poised to make it to the IPO Promised Land? An unfavorable competitive environment and a muddled go-to-market strategy provide some clues.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.