Ransomware Group Turns to Facebook Ads

Krebs on Security

It’s bad enough that many ransomware gangs now have blogs where they publish data stolen from companies that refuse to make an extortion payment. Now, one crime group has started using hacked Facebook accounts to run ads publicly pressuring their ransomware victims into paying up.

Medical Debt Collection Firm R1 RCM Hit in Ransomware Attack

Krebs on Security

NASDAQ:RCM ], one of the nation’s largest medical debt collection companies, has been hit in a ransomware attack. R1 RCM acknowledged taking down its systems in response to a ransomware attack, but otherwise declined to comment for this story. R1 RCM Inc.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Hot Cybercrime Trend: Enterprise-Scale Ransomware Hits

Data Breach Today

The latest edition of the ISMG Security Report features an analysis of how cybercriminals are ditching banking Trojans in favour of ransomware attacks.

Pay2Key Ransomware Hits Israeli Targets

Data Breach Today

Check Point Researchers Uncovered New Malware Strain Security analysts at Check Point Research are warning about a recently uncovered ransomware strain called Pay2Key that is primarily targeting Israeli firms

Blackbaud Ransomware Victim Count Climbing

Data Breach Today

Health Data Breach Tally Shows Impact of Vendor Breach The May ransomware attack on cloud-based fundraising database management vendor Blackbaud continues to rack up victims in the healthcare sector.

Ransomware Knocks Out Voter Database in Georgia

Data Breach Today

7 ransomware attack targeted a database used to verify voter signatures in Georgia, and the database is still not fully functional. Report: Hall County Continuing to Restore Systems An Oct.

RansomEXX Ransomware Can Now Target Linux Systems

Data Breach Today

Kaspersky: Malware Goes Beyond Windows Devices Researchers at Kaspersky have uncovered a Linux version of the RansomEXX ransomware that until now had targeted only Windows devices. The ransomware has been tied to several high-profile attacks over the last several months

Govt. Services Firm Tyler Technologies Hit in Apparent Ransomware Attack

Krebs on Security

The company declined to discuss the exact cause of the disruption, but their response so far is straight out of the playbook for responding to ransomware incidents. Ransomware ransomware Tyler Technologies tylertech.com

Qbot Banking Trojan Now Deploying Egregor Ransomware

Data Breach Today

Researchers: Attacks Linked to Egregor Have Increased Since September The operators behind the Qbot banking Trojan are now deploying a recently uncovered ransomware variant called Egregor to target organizations across the world, according to researchers with Group-IB

Ransomware Reportedly Hits Ventilator Maker

Data Breach Today

Incident Reflects Threats Facing Those Involved in COVID-19 Response A manufacturer of transit communication systems that pivoted to build ventilators during the COVID-19 pandemic is reportedly the latest victim of the DoppelPaymer ransomware gang

Ransomware Victims That Pay Up Could Incur Steep Fines from Uncle Sam

Krebs on Security

Companies victimized by ransomware and firms that facilitate negotiations with ransomware extortionists could face steep fines from the U.S. ” Ransomware Cryptolocker Eversheds Sutherland Evgeniy Mikhailovich Bogachev Evil Corp.

Gaming Company Confirms Ragnar Locker Ransomware Attack

Data Breach Today

Capcom Says Over 350,000 Customer, Business Records Possibly Compromised Japanese computer game company Capcom acknowledged this week that a November security incident was a Ragnar Locker ransomware attack that resulted in about 350,000 customer and company records potentially compromised, including sales and shareholder data.

Ransomware Hit ATM Giant Diebold Nixdorf

Krebs on Security

Diebold Nixdorf , a major provider of automatic teller machines (ATMs) and payment technology to banks and retailers, recently suffered a ransomware attack that disrupted some operations. Suspecting a ransomware attack, Diebold said it immediately began disconnecting systems on that network to contain the spread of the malware. Ransomware BleepingComputer Diebold Nixdorf Emsisoft Fabian Wosar Lawrence Abrams ProLock ransomware

Ransomware Gang Devises Innovative Extortion Tactic

Data Breach Today

Ragnar Locker's Facebook Ad Stunt a Harbinger of New Approaches The gang behind the Ragnar Locker ransomware posted an ad on Facebook in an attempt to publicly shame a victim so it would pay a ransom.

Latest Ransomware Trends: Lessons to Learn

Data Breach Today

Learning From Difficult Recoveries and Advice in Government Alerts As ransomware attacks on the healthcare sector continue to surge, entities should heed the lessons emerging from these incidents as well as the advice provided in alerts from government agencies, security experts say

Botnet Operators Drop Banking Trojans for Ransomware

Data Breach Today

From St. Louis to France, Ransomware Victim List Expands

Data Breach Today

Among the Causes: Hit Against Managed.com Website Hosting Giant Ransomware continues to pummel many types of organizations, recently including South Korea's E-Land retail group, French newspaper Paris-Normandie and a Georgia county school system.

Retail 192

FBI Warns of Uptick in Ragnar Locker Ransomware Activity

Data Breach Today

Bureau Says the Attacks Are Hitting Many Sectors The FBI has sent out a private industry alert warning about increasing attacks using Ragnar Locker ransomware.

FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. Hospitals

Krebs on Security

26, KrebsOnSecurity began following up on a tip from a reliable source that an aggressive Russian cybercriminal gang known for deploying ransomware was preparing to disrupt information technology systems at hundreds of hospitals, clinics and medical care facilities across the United States. “Multiple hospitals have already been significantly impacted by Ryuk ransomware and their networks have been taken offline,” Carmakal said. On Monday, Oct.

Ransomware Payday: Average Payments Jump to $178,000

Data Breach Today

Coveware: Average Ransom Paid Jumps 60%; Sodinokibi, Maze, Phobos Dominate Ransomware gangs continue to see bigger payoffs from their ransom-paying victims, driven by "big-game hunting," data exfiltration and smaller players seeking larger returns, according to ransomware incident response firm Coveware.

Negotiating with Ransomware Gangs

Schneier on Security

Thus, the decision whether to pay or ignore a ransomware demand, seems less of a legal, and more of a practical, determination ­ almost like a cost-benefit analysis. When confronted with a ransomware attack, the options all seem bleak. Uncategorized ransomware risk assessment

Ransomware: IT Services Firm Faces $60 Million Recovery

Data Breach Today

France's Sopra Steria Was Hit By Previously Unseen Version of Ryuk Ransomware French IT services firm Sopra Steria, which was hit with Ryuk ransomware in October, now estimates that the attack could cost the company up to $60 million in recovery costs.

Ransomware Attack Targets Baltimore County Public Schools

Data Breach Today

Security Incident Affecting School District's Virtual Classes Officials with the Baltimore County Public Schools are investigating a ransomware attack that distributed virtual learning for students this week.

More Ransomware Gangs Threaten Victims With Data Leaking

Data Breach Today

22% of Ransomware Incidents Now Involve Data Exfiltration, Investigators Find Ransomware gangs are increasingly not just claiming that they'll leak data if victims don't pay, but following through.

Avaddon Ransomware Joins Data-Leaking Club

Data Breach Today

Ransomware Gangs Don’t Need PR Help

Krebs on Security

We’ve seen an ugly trend recently of tech news stories and cybersecurity firms trumpeting claims of ransomware attacks on companies large and small, apparently based on little more than the say-so of the ransomware gangs themselves. Currently, more than a dozen ransomware crime gangs have erected their own blogs to publish sensitive data from victims. Ransomware ransomware

Ransomware Attack Will Costs French IT Services $60 Million

Data Breach Today

Sopra Steria Was Hit By Previously Unknown Version of Ryuk Ransomware French IT services firm Sopra Steria, which was hit with Ryuk ransomware in October, is estimating that the attack will cost the company around $60 million in recovery costs

REvil Ransomware Gang Starts Auctioning Victim Data

Krebs on Security

The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software. But it may also signal that ransomware purveyors are searching for new ways to profit from their crimes as victim businesses struggle just to keep the lights on during the unprecedented economic slowdown caused by the COVID-19 pandemic. A partial screenshot from the REvil ransomware group’s Dark Web blog.

Another Threat Group Joins Ransomware Extortion Racket

Data Breach Today

FireEye: 'FIN11' Deploys Clop Ransomware A newly identified financially motivated threat group, dubbed "FIN11," is deploying Clop ransomware and exfiltrating data from its targets for extortion efforts, according to researchers at FireEye Mandiant

5 Key Features of Ransomware Mitigation

Data Breach Today

Ransomware attacks are on the rise, and they are increasingly destructive. What, then, should enterprises look for in a ransomware mitigation solution? Nasuni's John Bilotti and Barrie Kuza detail five key qualities to seek

REvil ransomware operators are recruiting new affiliates

Security Affairs

REvil Ransomware (Sodinokibi) operators deposited $1 million in Bitcoins on a Russian-speaking hacker forum to demonstrate their willingness to involve new affiliates. SecurityAffairs – hacking, REvil ransomware).

Ransomware Bites 400 Veterinary Hospitals

Krebs on Security

National Veterinary Associates (NVA), a California company that owns more than 700 animal care facilities around the globe, is still working to recover from a ransomware attack late last month that affected more than half of those properties, separating many veterinary practices from their patient records, payment systems and practice management software. NVA said it discovered the ransomware outbreak on the morning of Sunday, Oct.

Ransomware + Exfiltration + Leaks = Data Breach

Data Breach Today

Data-Leaking Extortionists' Revised Playbook Goes Way Beyond Ransomware Ransomware-wielding attackers continue to pummel organizations. But labeling these as being just ransomware attacks often misses how much these incidents involve serious network intrusions, exfiltration of extensive amounts of data, data leaks and, as a result, reportable data breaches

99 Ransomware Problems - and a Decryptor Ain't One

Data Breach Today

Criminals Keep Finding New Ways to Make Ransomware Victims Pay With apologies to Jay-Z, getting hit with ransomware might make victims feel like they have 99 problems, even if a decryptor ain't one.

How WastedLocker Evades Anti-Ransomware Tools

Data Breach Today

Sophos Says Malware Designed to Avoid Security Measures WastedLocker, a ransomware strain that reportedly shut down Garmin's operations for several days in July, is designed to avoid security tools within infected devices, according to a technical analysis from Sophos

Iranian Hacking Group Suspected of Deploying Ransomware

Data Breach Today

ClearSky: 'MuddyWater' APT Linked to Attacks Targeting Israel, Others A hacking group with links to Iran's government is suspected of using ransomware in attempts to damage the systems of organizations in Israel and other countries, the security firm ClearSky reports

Ransomware: Cybercrime Public Enemy No. 1

Data Breach Today

Criminal Innovation and Underreporting by Victims Hampering Response Ransomware has emerged as the No. Seeking maximum returns, more gangs have moved beyond opportunistic attacks to target organizations with "post-intrusion ransomware." 1 online threat targeting public and private organizations this year. Meanwhile, many victims fail to report such crimes to police

Ransomware: Would Banning Ransom Payments Mitigate Threat?

Data Breach Today

Here's Why Stopping the Extortion Epidemic Isn't Easy As ransomware continues to slam organizations, a lively debate has ensued about whether ransom payments should be banned in all cases.

Ransomware Danger: Russian-Speaking Gang Targets Russians

Data Breach Today

So it's surprising that security researchers have uncovered a new ransomware-wielding gang of Russian speakers that includes Russian victims on its hit list

Lazarus Group Reportedly Now Wielding Ransomware

Data Breach Today

Kaspersky Discovers 2 Incidents Involving VHD Ransomware The Lazarus Group, the North Korean hacking group behind the WannaCry worm, the theft of $81 million from a Bangladesh bank and the attacks on Sony Pictures, apparently is expanding into ransomware, according to the security firm Kaspersky