Police Push Free Decryptor for GandCrab Ransomware

Data Breach Today

But the ransomware gang appears to already be prepping a new version

Ransomware Claims to Fund Child Cancer Treatments

Data Breach Today

Separately, Texas City's Operations Disrupted by Crypto-Locking Ransomware Ransomware attacks continue, with the city of Del Rio, Texas, saying its operations have been disrupted by crypto-locking malware.

Texas Hospital Hit With Dharma Ransomware Attack

Data Breach Today

Altus Baytown Hospital Among Latest Healthcare Cyberattack Victims An attack on Altus Baytown Hospital in Texas is the latest ransomware incident reported to federal regulators as a health data breach. What other major ransomware incidents are impacting the healthcare sector

Cloud Hosting Provider DataResolution.net Battling Christmas Eve Ransomware Attack

Krebs on Security

Cloud hosting provider Dataresolution.net is struggling to bring its systems back online after suffering a ransomware infestation on Christmas Eve, KrebsOnSecurity has learned.

Dharma Gang Pushes Phobos Crypto-Locking Ransomware

Data Breach Today

Crypto-Locking Kraken Ransomware Looms Larger

Data Breach Today

Ransomware-as-a-Service Operation Joins Forces With Fallout Exploit Kit A slick ransomware-as-a-service operation called Kraken Cryptor has begun leveraging the Fallout exploit kit to help it score fresh victims, researchers from McAfee and Recorded Future warn.

Two Iranians Charged in SamSam Ransomware Attacks

Data Breach Today

US Prosecutors Allege Pair Targeted More Than 200 Victims, Including Cities, Hospitals A federal grand jury has indicted two Iranians for allegedly waging SamSam ransomware attacks on more than 200 entities, including Atlanta and other municipalities and six healthcare organizations.

Ransomware Attacks: The Data Integrity Issues

Data Breach Today

Healthcare Incident Points to Possible 'Altered' Patient Data Data integrity issues can arise in the wake of a ransomware attack. Case in point: A California podiatrist practice hit by ransomware reports that patient files were possibly "altered" or "corrupted."

Texas Hospital Catches Dharma Ransomware Infection

Data Breach Today

Altus Baytown Hospital Among Latest Healthcare Cyberattack Victims An attack on Altus Baytown Hospital in Texas is the latest ransomware incident reported to federal regulators as a health data breach. What other major ransomware incidents are impacting the healthcare sector

GandCrab Ransomware: Cat-and-Mouse Game Continues

Data Breach Today

Free Decryptor Combats 'Aggressive' Ransomware-as-a-Service Provider A new, free decryptor has been released for "aggressive" crypto-locking ransomware called GandCrab. Researchers say GandCrab has come to dominate the ransomware-as-a-service market, earning its development team an estimated $120,000 per month

GandCrab Ransomware Partners With Crypter Service

Data Breach Today

Gang's Cult Status and Marketing Savvy Belies Shoddy Attack Code, McAfee Says The notorious GandCrab ransomware-as-a-service gang has released the latest version of its crypto-locking malware, backed by crypter service and exploit toolkit partnerships.

GandCrab ransomware campaign targets Italy using steganography

Security Affairs

A newly discovered malware campaign leverages steganography to hide GandCrab ransomware in an apparently innocent Mario image. Security experts at Bromium have discovered a malware campaign using steganography to hide the GandCrab ransomware in a Mario graphic package.

SamSam ransomware continues to make damages. Call it targeted Ransomware

Security Affairs

According to the Symantec experts, the group behind the SamSam ransomware has continued to launch attacks against organizations during 2018. The SamSam ransomware is an old threat, attacks were observed in 2015 and the list of victims is long, many of them belong to the healthcare industry.

Ransomware Keeps Ringing in Profits for Cybercrime Rings

Data Breach Today

SamSam, Dharma, GandCrab and Global Imposter Make for Ongoing Bitcoin Paydays Criminals wielding crypto-locking ransomware - especially Dharma/CrySiS, GandCrab and Global Imposter, but also SamSam - continue to attack.

Fighting Ransomware

Schneier on Security

No More Ransom is a central repository of keys and applications for ransomware, so people can recover their data without paying. It's not complete, of course, but is pretty good against older strains of ransomware. encryption keys ransomware

The Long Run of Shade Ransomware

Security Affairs

Since the beginning of the year, security firms observed a new intense ransomware campaign spreading the Shade ransomware. Between January and February, a new, intense, ransomware campaign has been observed by many security firms. Table 1: shade ransomware informations.

Suspected Ransomware Outbreak Disrupts US Newspapers

Data Breach Today

Tribune Media Suspects Ryuk Ransomware Hit Publishing and Production Systems Production of newspapers owned by Chicago-based Tribune Publishing have been disrupted after malware began infecting the company's publishing and printing systems. Tribune newspapers report that they appear to have been hit by crypto-locking Ryuk ransomware

Cryptojacking Displaces Ransomware as Top Malware Threat

Data Breach Today

Criminals' Quest for Cryptocurrency Continues If 2017 was the year of ransomware innovation, 2018 is well on its way to being known as the year of cryptocurrency mining malware. But while ransomware campaigns may be down, they're far from out

Obama-Themed Ransomware Also Mines for Monero

Data Breach Today

More Proof Cryptojacking Is Thriving: Crypto-Locking Malware Doubles as Miner Ransomware creators, having already created "themes" for their crypto-locking malware ranging from Pokemon and horror movies to princesses and Donald Trump, have now debuted "Barack Obama" ransomware.

Mining 164

Phishing, Ransomware Attacks Continue to Menace Healthcare

Data Breach Today

Arizona Cancer Center a Recent Victim of Major Phishing Attack As the year winds down, phishing and ransomware attacks continue to plague the healthcare sector, as illustrated by recent breach reports.

Ransomware: A Pervasive, Evolving Threat

Data Breach Today

Leading the latest edition of the ISMG Security Report is an in-depth look at why ransomware remains a pervasive threat and how it's evolving. Also featured: updates on venture capital investments in cybersecurity and a study of vulnerabilities in industrial remotes

Anatova ransomware – Expert believe it will be a dangerous threat

Security Affairs

Security experts at McAfee have discovered a new malware, dubbed Anatova ransomware, that has been spotted infecting computers worldwide. “During our continuous hunt for new threats, we discovered a new ransomware family we call Anatova (based on the name of the ransom note).

Ransomware Crypto-Locks Port of San Diego IT Systems

Data Breach Today

Port Remains Open and Accessible to Ships, Officials Say Several days after the Port of San Diego was hit by a crypto-locking ransomware attack, incident response efforts remain underway and many port systems remain offline.

Hospital Diverts Ambulances Due to Ransomware Attack

Data Breach Today

Latest Cyber Incident Spotlights Impact on Patient Care A ransomware attack that forced a Missouri medical center to divert ambulances carrying trauma and stroke patients to other facilities serves as reminder of the impact cyberattacks can have on healthcare delivery.

Ransomware Outlook: 542 Crypto-Lockers and Counting

Data Breach Today

Crypto-Lockers Remain Serious Threat Despite Recent Attack Volume Decline After spiking in 2017, the volume of attacks involving ransomware has since declined, but the malware still remains a potent threat.

Crabby Ransomware Nests In Compromised Websites

Data Breach Today

Cisco Warns of Dangers of Running Vulnerable Web Applications The Gandcrab ransomware has been a moving target. Since it was discovered in January, it quickly became one of the most widely distributed file-encrypting malware programs.

Shipping Giant Cosco Hit by Ransomware Attack

Data Breach Today

Networks in 8 North and South America Countries Remain Offline A "local network breakdown" - reportedly caused by a ransomware infection - has led shipping giant Cosco to shut down networks for its offices in eight North America and South America countries while it scrubs and restores systems.

Stop the Presses: Don't Rush Tribune Ransomware Attribution

Data Breach Today

And even if it does prove to be a Ryuk ransomware attack, there's no proof yet that any particular nation state is behind the campaign, experts warn Nation States and Cybercrime Gangs Keep Blurring; Tools Alone Don't Equal Actors Don't rush to blame the printing outage at newspapers owned by Tribune Publishing on anything more than an organization failing to block a malware outbreak.

Scotland's Arran Brewery Slammed by Dharma Bip Ransomware

Data Breach Today

Ransomware Crypto-Locked via Domain Controller, Complicating Restoration Scotland's Arran Brewery fell victim to a Dharma Bip ransomware attack that infected its Windows domain controller and crypto-locked files and local backups, leading to the loss of three months' worth of sales data.

Atlanta's Ransomware Cleanup Costs Hit $2.6 Million

Data Breach Today

Money Would Have Been Better Spent on Prevention, Experts Say The city of Atlanta's ransomware outbreak cleanup and response tab has hit $2.6 million, after a March attack froze corporate servers, employees' PCs and resident-facing portals.

Ransomware attack disrupted emergency rooms at Ohio Hospital System

Security Affairs

Ransomware attacks continue to threaten the healthcare industry, the last incident in order of time impacted the Ohio Hospital System. The good news is that no data was exposed due to the ransomware attack. Security Affairs – ransomware, Ohio Hospital System).

Responding to Ransomware Attacks: Critical Elements

Data Breach Today

Experts Provide Tips for Smoother Recoveries A Canadian home healthcare provider says it was able to recover from a recent ransomware attack without paying a ransom, but it had to revert to manual processes for several days.

Cloud Hosting Provider DataResolution.net hit by the Ryuk ransomware?

Security Affairs

The Cloud hosting provider Dataresolution.net was hit by a ransomware-based attack on Christmas Eve that took down its systems. The Ryuk ransomware recently crippled printing and delivery operations for major U.S.

New strain of Ransomware infected over 100,000 PCs in China

Security Affairs

It is interesting to note that this ransomware requests victims to pay 110 yuan (nearly Euro 14) in ransom through WeChat Pay. “On December 1, the first ransomware that demanded the “WeChat payment” ransom broke out in the country.

Alert: 'Ryuk' Ransomware Attacks the Latest Threat

Data Breach Today

Variant of Hermes Poses Major Risks, HHS Warns Organizations should be on guard for an attacks involving apparent variant of Hermes ransomware - dubbed Ryuk - that attempts to encrypt network resources.

LabCorp Still Recovering From Ransomware Attack

Data Breach Today

SamSam, Other Ransomware Still Menacing Healthcare Sector Medical testing laboratory firm LabCorp is still working to fully recover systems functionality nearly a week after a cyberattack that the company now claims involved "a new variant" of ransomware.

Recent Ransomware Incidents Serve Up Lessons

Data Breach Today

Experts Say Breaches Spotlight Business Associate Risks Two recent security incidents involving ransomware attacks on vendors serve as the latest reminders of the risks business associates pose to healthcare organizations.

Kraken ransomware 2.0 is available through the RaaS model

Security Affairs

The author of the infamous Kraken ransomware has released a new version of the malicious code and launched a RaaS distribution program on the Dark Web. version is being advertised on an underground forum and is available through a ransomware-as-a-service (RaaS) model.

Ransomware Recovery: Don't Make Matters Worse

Data Breach Today

The Impact of Missteps Can Be Substantial A recent incident involving a chronic care management company spotlights how paying a ransom to recover decryption keys from ransomware attackers can put sensitive data at additional risk.

Experts released a free Decryption Tool for GandCrab ransomware

Security Affairs

Good news for the victims of the infamous GandCrab ransomware, security experts have created a decryption tool that allows them to decrypts files without paying the ransom. “This tool recovers files encrypted by GandCrab ransomware versions 1, 4 and 5.”

Tools 109