Payroll/HR Giant PrismHR Hit by Ransomware?

Krebs on Security

PrismHR, a company that sells technology used by other firms to help more than 80,000 small businesses manage payroll, benefits, and human resources, has suffered what appears to be an ongoing ransomware attack that is disrupting many of its services.

Ransomware Group Turns to Facebook Ads

Krebs on Security

It’s bad enough that many ransomware gangs now have blogs where they publish data stolen from companies that refuse to make an extortion payment. Now, one crime group has started using hacked Facebook accounts to run ads publicly pressuring their ransomware victims into paying up.

Ryuk Ransomware Updated With 'Worm-Like Capabilities'

Data Breach Today

Prolific Ransomware Can 'Spread Automatically' Inside Networks, CERT-FR Warns

Prolific Ryuk ransomware has a new trick up its sleeve. "A

Arrest, Seizures Tied to Netwalker Ransomware

Krebs on Security

and Bulgarian authorities this week seized the darkweb site used by the NetWalker ransomware cybercrime group to publish data stolen from its victims. The victim shaming site maintained by the NetWalker ransomware group, after being seized by authorities this week.

Medical Debt Collection Firm R1 RCM Hit in Ransomware Attack

Krebs on Security

NASDAQ:RCM ], one of the nation’s largest medical debt collection companies, has been hit in a ransomware attack. R1 RCM acknowledged taking down its systems in response to a ransomware attack, but otherwise declined to comment for this story. R1 RCM Inc.

How Conti Ransomware Works

Data Breach Today

Researchers Analyze the Severe Threat the Malware Poses

Conti ransomware, which emerged eight months ago, poses a severe threat, according to Cybereason's Nocturnus Team, which offers an in-depth analysis of how the malware works

Lazarus Group Tied to TFlower Ransomware

Data Breach Today

Sygnia Researchers Say Hackers Using Their MATA Framework to Deliver Malware

The Lazarus Group, a North Korean hacking operation also known as Hidden Cobra, is deploying TFlower ransomware using its MATA malware framework, security firm Sygnia reports

Whirlpool Hit With Ransomware Attack

Data Breach Today

Nefilim Ransomware Gang Takes Responsibility, Posts Allegedly Stolen Data

The major appliances giant Whirlpool acknowledges it was hit with a ransomware attack in November, with the cyber gang Nefilim taking responsibility for the cyber incident and claiming to have stolen company data

Ransomware Attack's Economic Impact: $67 Million

Data Breach Today

Universal Health Services' Financial Statement Spells Out the Effects

In an eye-opening look at the cost burden of a ransomware attack, Universal Health Services reports that an incident last September had a $67 million economic impact - citing, for example, the need to divert patients to competing facilities for urgent care.

Ransomware Profitability

Schneier on Security

Analyzing cryptocurrency data, a research group has estimated a lower-bound on 2020 ransomware revenue: $350 million, four times more than in 2019. Ransomware is now an established worldwide business.

Fonix Ransomware Gang Shuts Down Operations

Data Breach Today

Hackers Release Master Decryptor Key

The Fonix ransomware gang has closed down its operations and has released a decryptor key, according to Malwarebytes and Kaspersky.

New Ryuk ransomware implements self-spreading capabilities

Security Affairs

French experts spotted a new Ryuk ransomware variant that implements self-spreading capabilities to infect other devices on victims’ local networks. The ransomware generates every possible IP address on local networks and sends them an ICMP ping.

Ryuk Ransomware Profits: $150 Million

Data Breach Today

Researchers Track Funds in 61 Cryptocurrency Wallets

Researchers say cryptocurrency wallets used by the operators behind the Ryuk ransomware strain and the gang's affiliates hold more than $150 million

Blackbaud Ransomware Victim Count Climbing

Data Breach Today

Health Data Breach Tally Shows Impact of Vendor Breach

The May ransomware attack on cloud-based fundraising database management vendor Blackbaud continues to rack up victims in the healthcare sector.

Govt. Services Firm Tyler Technologies Hit in Apparent Ransomware Attack

Krebs on Security

The company declined to discuss the exact cause of the disruption, but their response so far is straight out of the playbook for responding to ransomware incidents.

Payment Processing Giant TSYS: Ransomware Incident “Immaterial” to Company

Krebs on Security

Payment card processing giant TSYS suffered a ransomware attack earlier this month. The gang claims the data published so far represents just 15 percent of the information it offloaded from TSYS before detonating its ransomware inside the company.

Ransomware Attack Delays EHR Rollout

Data Breach Today

Vermont Health Network Postpones Next Phases

The lingering aftershocks of an October ransomware attack and ongoing COVID-19 response challenges are forcing the University of Vermont Health Network to delay the next phases of an enterprisewide electronic health record rollout

Ransomware Hit ATM Giant Diebold Nixdorf

Krebs on Security

Diebold Nixdorf, a major provider of automatic teller machines (ATMs) and payment technology to banks and retailers, recently suffered a ransomware attack that disrupted some operations. Suspecting a ransomware attack, Diebold said it immediately began disconnecting systems on that network to contain the spread of the malware.

Ransomware: Should Governments Hack Cybercrime Cartels?

Data Breach Today

Banning Ransom Payments and Unleashing Offensive Hacking Teams Being Mooted

With ransomware continuing to fuel a massive surge in illicit profits, some experts have been calling on governments to launch offensive hacking teams to target cybercrime cartels.

Ransomware: Average Ransom Payment Declines to $154,108

Data Breach Today

Ransomware Victims That Pay Up Could Incur Steep Fines from Uncle Sam

Krebs on Security

Companies victimized by ransomware and firms that facilitate negotiations with ransomware extortionists could face steep fines from the U.S.

Ransomware Knocks Out Voter Database in Georgia

Data Breach Today

Report: Hall County Continuing to Restore Systems

An Oct. 7 ransomware attack targeted a database used to verify voter signatures in Georgia, and the database is still not fully functional.

Ransomware Protection in 2021

eSecurity Planet

The internet is fraught with peril these days, but nothing strikes more fear into users and IT security pros than the threat of ransomware. A ransomware attack is about as bad as a cyber attack can get.

Russian Hackers Deploy New Ransomware Variant

Data Breach Today

Kaspersky Says RTM Group Attempts Extortion

The Russian hacker group RTM is deploying a new ransomware variant dubbed "Quoter" along with a banking Trojan as part of an extortion campaign, according to the security firm Kaspersky

Ransomware Bites 400 Veterinary Hospitals

Krebs on Security

National Veterinary Associates (NVA), a California company that owns more than 700 animal care facilities around the globe, is still working to recover from a ransomware attack late last month that affected more than half of those properties, separating many veterinary practices from their patient records, payment systems and practice management software. NVA said it discovered the ransomware outbreak on the morning of Sunday, Oct.

Pay2Key Ransomware Hits Israeli Targets

Data Breach Today

Check Point Researchers Uncovered New Malware Strain

Security analysts at Check Point Research are warning about a recently uncovered ransomware strain called Pay2Key that is primarily targeting Israeli firms

REvil Ransomware Gang Starts Auctioning Victim Data

Krebs on Security

The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software. But it may also signal that ransomware purveyors are searching for new ways to profit from their crimes as victim businesses struggle just to keep the lights on during the unprecedented economic slowdown caused by the COVID-19 pandemic. A partial screenshot from the REvil ransomware group’s Dark Web blog.

Ransomware Gangs Don’t Need PR Help

Krebs on Security

We’ve seen an ugly trend recently of tech news stories and cybersecurity firms trumpeting claims of ransomware attacks on companies large and small, apparently based on little more than the say-so of the ransomware gangs themselves. Currently, more than a dozen ransomware crime gangs have erected their own blogs to publish sensitive data from victims.

Bitdefender releases free decrypter for Darkside ransomware

Security Affairs

Security firm Bitdefender released a tool that allows victims of the Darkside ransomware to recover their files without paying the ransom. The decrypter seems to work for all recent versions of the Darkside ransomware.

Group-IB: ransomware empire prospers in pandemic-hit world. Attacks grow by 150%

Security Affairs

Group-IB published a report titled “Ransomware Uncovered 2020-2021”. analyzes ransomware landscape in 2020 and TTPs of major threat actors. The research dives deep into the global ransomware outbreak in 2020 and analyzes major players’ TTPs (tactics, techniques, and procedures).

Ransomware Reportedly Hits Ventilator Maker

Data Breach Today

Incident Reflects Threats Facing Those Involved in COVID-19 Response

A manufacturer of transit communication systems that pivoted to build ventilators during the COVID-19 pandemic is reportedly the latest victim of the DoppelPaymer ransomware gang

Ransomware Attack Cripples Finnish IT Provider TietoEVRY

Data Breach Today

Incident Disrupted Service to 25 Customers

Finnish IT giant TietoEVRY announced Tuesday that ransomware crippled its infrastructure, forcing it to take down affected systems to contain the spread of the malware

RansomEXX Ransomware Can Now Target Linux Systems

Data Breach Today

Kaspersky: Malware Goes Beyond Windows Devices

Researchers at Kaspersky have uncovered a Linux version of the RansomEXX ransomware that until now had targeted only Windows devices. The ransomware has been tied to several high-profile attacks over the last several months

Fueled by Record Profits, Ransomware Persists in New Year

Data Breach Today

Increasing Ransomware Varieties and Attack Volume Look Set to Continue, Experts Warn

Ransomware dominated the cybercrime landscape in 2020 and looks set to do so again this year, as criminals seek fresh new ways to make victims pay.

Darkside Ransomware Gang Launches Affiliate Program

Data Breach Today

Using Affiliates Enables Crowdsourced Profits, But Leaves Operators More Exposed

Darkside is the latest ransomware operation to announce an affiliate program, in which a ransomware operator maintains crypto-locking malware and a ransom-payment infrastructure, while crowdsourced and vetted affiliates find and infect targets.

Ransomware Disrupts Scottish Environment Protection Agency

Data Breach Today

Conti Gang Claims Credit for Christmas Eve Attack and Data Exfiltration

The Scottish Environment Protection Agency says a ransomware attack last month continues to cause serious outages, and warns that ransom-demanding attackers also stole some data.

Fueled by Profits, Ransomware Persists in New Year

Data Breach Today

Increasing Ransomware Varieties and Attack Volume Look Set to Continue, Experts Warn

Ransomware dominated the cybercrime landscape in 2020 and looks set to do so again this year, as criminals seek fresh new ways to make victims pay.

Canon: Ransomware Attack Exposed Employee Data

Data Breach Today

Company Finally Acknowledges Earlier Incident Exposed Corporate Information

Canon USA has finally acknowledged that a ransomware attack earlier this year involved the theft of corporate data, including employee information, such as Social Security numbers and financial account numbers

CISOs on Ransomware and Malicious Insiders

Data Breach Today

Learn What To Do About These Threats In Your Organization

View this webinar OnDemand to learn about the rise of targeted ransomware attacks and the difficulties in stopping them

Ransomware: Call Centers Cold-Call Victims to Demand Ransom

Data Breach Today

Such Specialization Highlights Ransomware Operators' Increasing Business Savvy

Ransomware innovation seems to know no bounds, as crime gangs seek new ways to make crypto-locking malware ever more profitable.