Ransomware Bites 400 Veterinary Hospitals

Krebs on Security

NVA said it discovered the ransomware outbreak on the morning of Sunday, Oct. 27, and soon after hired two outside security firms to investigate and remediate the attack. 27, the day some 400 veterinary hospitals were hit with the Ryuk ransomware.

Security Firm Prosegur Hit By Ryuk Ransomware

Data Breach Today

Incident May Have Disrupted Networked Security Cameras Global security company Prosegur has blamed Ryuk ransomware for a service disruption that started Wednesday, which may have hampered networked alarms.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The Hidden Cost of Ransomware: Wholesale Password Theft

Krebs on Security

Organizations in the throes of cleaning up after a ransomware outbreak typically will change passwords for all user accounts that have access to any email systems, servers and desktop workstations within their network. VCPI) was hit by the Ryuk ransomware strain.

Ransomware at IT Services Provider Synoptek

Krebs on Security

Synoptek , a California business that provides cloud hosting and IT management services to more than a thousand customer nationwide, suffered a ransomware attack this week that has disrupted operations for many of its clients, according to sources. Ransomware rEvil Sodinokibi Synoptek

Election Security Program Aims to Mitigate Ransomware Risks

Data Breach Today

Department of Homeland Security to Help With Database Protections Within a month, the U.S. Department of Homeland Security hopes to launch a program to help states protect voter registration databases and systems in advance of the 2020 presidential election.

Risk 254

Who’s Behind the GandCrab Ransomware?

Krebs on Security

The crooks behind an affiliate program that paid cybercriminals to install the destructive and wildly successful GandCrab ransomware strain announced on May 31, 2019 they were terminating the program after allegedly having earned more than $2 billion in extortion payouts from victims.

Ransomware at Colorado IT Provider Affects 100+ Dental Offices

Krebs on Security

A Colorado company that specializes in providing IT services to dental offices suffered a ransomware attack this week that is disrupting operations for more than 100 dentistry practices, KrebsOnSecurity has learned.

Ransomware Analysis: 'Shade' Surges; Other Trends Emerge

Data Breach Today

Researchers Explain Resurgence in Ransomware, Persistence of Exploit Kits Attacks tied to Shade ransomware continue to surge as part of an overall resurgence in ransomware, security researchers warn.

Analysis: The Latest Ransomware Trends

Data Breach Today

This edition of the ISMG Security Report features an analysis of the very latest ransomware trends. Also featured: Discussions of Microsoft's move to DNS over HTTPS and strategies for tackling IoT security challenges

Report: No ‘Eternal Blue’ Exploit Found in Baltimore City Ransomware

Krebs on Security

have been held hostage by a ransomware strain known as “ Robbinhood.” National Security Agency (NSA) and leaked online in 2017. “We took a look at it and found a pretty vanilla ransomware binary,” Stewart said.

110 Nursing Homes Cut Off from Health Records in Ransomware Attack

Krebs on Security

A ransomware outbreak has besieged a Wisconsin based IT company that provides cloud data hosting, security and access management to more than 100 nursing homes across the United States. ” Ransomware The Coming Storm alex holden Hold Security Karen Christianson VCPI

Ransomware Hits B2B Payments Firm Billtrust

Krebs on Security

Business-to-business payments provider Billtrust is still recovering from a ransomware attack that began last week. In an email sent to customers today, Billtrust said it was consulting with law enforcement officials and with an outside security firm to determine the extent of the breach.

B2B 194

Ransomware Attack Hit US Natural Gas Facility

Data Breach Today

CISA Alert: Incident Led to Two-Day Shutdown A ransomware attack on a U.S. natural gas compression facility led to a two-day shutdown of operations, according to an alert from the Cybersecurity and Infrastructure Security Agency

Ransomware Gangs Now Outing Victim Businesses That Don’t Pay Up

Krebs on Security

As if the scourge of ransomware wasn’t bad enough already: Several prominent purveyors of ransomware have signaled they plan to start publishing data stolen from victims who refuse to pay up. The message displayed at the top of the Maze Ransomware public shaming site.

Experts Warn: Targeted Ransomware Attacks to Surge

Data Breach Today

McAfee and Microsoft Analysts Review 'Ransomware as a Service' Trends Targeted ransomware attacks against enterprises and government agencies are likely to surge in the coming months as "ransomware as a service" continues to evolve into a lucrative model for cybercriminals, security experts interviewed at RSA 2020 warn.

QuickBooks Cloud Hosting Firm iNSYNQ Hit in Ransomware Attack

Krebs on Security

Cloud hosting provider iNSYNQ says it is trying to recover from a ransomware attack that shut down its network and has left customers unable to access their accounting data for the past three days. Data Breaches iNSYNQ ransomware attack

Lawsuit Filed in Wake of Ransomware Attack

Data Breach Today

Patients Seek Damages, Citing Impact of Security Incident in New Jersey A lawsuit seeking class action status has been filed against a New Jersey healthcare organization in the wake of a ransomware attack last December in which the entity paid attackers an unspecified ransom to unlock its systems.

Most ransomware attacks take place outside the working hours

Security Affairs

Most of the ransomware attacks targeting the enterprises occur outside working hours, during the nighttime or during the weekend. FireEye compiled the report using data from dozens of ransomware infections that it has investigated from 2017 to 2019.

Ransomware Bites Dental Data Backup Firm

Krebs on Security

PerCSoft , a Wisconsin-based company that manages a remote data backup service relied upon by hundreds of dental offices across the country, is struggling to restore access to client systems after falling victim to a ransomware attack.

Texas Pummeled by Coordinated Ransomware Attack

Data Breach Today

Cybercrime Campaign Counts 23 Victims - Mostly Local Government Entities State officials in Texas say that at least 23 local government entities have fallen victim to a coordinated ransomware attack unleashed on Friday morning.

Operators behind Nefilim Ransomware threaten to release stolen data

Security Affairs

Operators behind a new piece of ransomware dubbed Nefilim have started threatening victims to release stolen data like other cybercrime gangs. A new ransomware dubbed Nefilim appeared in the threat landscape at the end of February, it borrows its code from other malware, the Nemty ransomware.

Cloud Hosting Provider DataResolution.net Battling Christmas Eve Ransomware Attack

Krebs on Security

Cloud hosting provider Dataresolution.net is struggling to bring its systems back online after suffering a ransomware infestation on Christmas Eve, KrebsOnSecurity has learned.

RobbinHood ransomware exploit GIGABYTE driver flaw to kill security software

Security Affairs

The operators behind the infamous RobbinHood ransomware are exploiting a vulnerable GIGABYTE driver to kill antivirus products. Ransomware operators leverage a custom antivirus killing p ackage that is delivered to workstations to disable security solution before starting encryption.

Nemty ransomware “LOVE_YOU” malspam campaign

Security Affairs

Security experts uncovered an ongoing campaign delivering Nemty Ransomware via emails disguised as messages from secret lovers. Secret lover malspam delivers #Nemty #ransomware Nemty: 92.63.197[.]190/nnn.exe

Fingerpointing Over Baltimore's Ransomware Attack

Data Breach Today

The latest edition of the ISMG Security Report analyzes the "blame game" in the wake of a ransomware attack against the city of Baltimore. Also featured: Discussions of cyberthreats in the financial services sector and open source security concerns

EVRAZ operations in North America disrupted by Ryuk ransomware

Security Affairs

Computer systems at EVRAZ, a multinational vertically integrated steel making and mining company, have been hit by Ryuk ransomware. According to ZDnet, the systems at the company have been infected with a strain of the Ryuk ransomware.

Did GandCrab Gang Fake Its Ransomware Retirement?

Data Breach Today

Evidence Mounts That Sodinokibi Ransomware Is GandCrab Gang's 'Retirement' Plan Did the gang behind GandCrab fake its retirement?

The City of Durham shut down its network after Ryuk Ransomware attack

Security Affairs

The City of Durham, North Carolina, was the last victim in order of time of the infamous Ryuk ransomware that infected its systems. The City of Durham, North Carolina was forced to shut down its network after its systems have been infected with the Ryuk Ransomware during the weekend.

SNAKE Ransomware is targeting business networks

Security Affairs

A new piece of ransomware called SNAKE appeared in threat landscape, the malware is now targeting company networks. Snake Ransomware was first detected by researchers from MalwareHunterTeam last week and analyzed it with the support of the popular malware analysts Vitali Kremez.

Next-Gen Ransomware Packs a ‘Human’ Punch, Microsoft Warns

Threatpost

Ryuk, DoppelPaymer, Parinacota and other ransomware groups are getting more sophisticated, Microsoft warns. Malware Bitcoin DoppelPaymer Dridex malware Microsoft microsoft security Parinacota ransom ransomware Ransomware Attack ryuk

CERT France – Pysa ransomware is targeting local governments

Security Affairs

CERT France is warning of a new wave of attacks using Pysa ransomware (Mespinoza) that is targeting local governments. CERT France cyber-security agency is warning about a new wave of ransomware attack that is targeting the networks of local government authorities.

Is ‘REvil’ the New GandCrab Ransomware?

Krebs on Security

The cybercriminals behind the GandCrab ransomware-as-a-service (RaaS) offering recently announced they were closing up shop and retiring after having allegedly earned more than $2 billion in extortion payments from victims.

Norsk Hydro's Ransomware Headache

Data Breach Today

The latest edition of the ISMG Security Report discusses the recent ransomware attack on aluminum giant, Norsk Hydro. Plus, confessions of a former LulzSec and Anonymous hacktivist, and the growing problem of cyber extortion

Security Breach Disrupts Fintech Firm Finastra

Krebs on Security

Finastra , a company that provides a range of technology solutions to banks worldwide, said it was shutting down key systems in response to a security breach discovered Friday morning. “We wish to inform our valued customers that we are investigating a potential security breach.

New Ransomware Targets Industrial Controls: Report

Data Breach Today

Dragos Researchers Describe Potential Threat Posed by Ekans Ransomware Ekans, a recently discovered ransomware variant that's designed to target industrial control systems, appears to have some of the same characteristics found in Megacortex, malware that struck several high-profile targets in 2019, according to the security firm Dragos.

Managing the Human Security Factor in the Age of Ransomware

Threatpost

Convincing employees to take security seriously takes more than awareness campaigns. InfoSec Insider Malware Web Security derek manky employee training Fortinet gamification human factor infosec insider Phishing ransomware security hygiene social engineering

Microsoft warns of growing DoppelPaymer Ransomware threat

Security Affairs

The Microsoft Security Response Center (MSRC) warned customers of the DoppelPaymer ransomware and provided useful information on the threat. “Microsoft has been investigating recent attack s by malicious actors using the Dopplepaymer ransomware.

Mexican state-owned oil company Pemex hit by ransomware

Security Affairs

On S unday , the Mexican state-owned oil company Petróleos Mexicanos (Pemex) was infected with the DoppelPaymer ransomware. On Sunday, a piece of the DoppelPaymer ransomware infected systems of the Mexican state-owned oil company Petróleos Mexicanos (Pemex) taking down part of its network.

Mental Healthcare Providers Respond to Ransomware Attacks

Data Breach Today

Two Entities Hit - One Pays Ransom; the Other Doesn't Two recent ransomware attacks on mental healthcare providers serve as reminders of the security incident response and risk mitigation pressure faced by entities handling especially sensitive patient information

Researchers released a free decryptor for the Nemty Ransomware

Security Affairs

Good news for the victims of the Nemty Ransomware , security researchers have released a free decryptor that could be used to recover files. Below the ransom note dropped by the Nemty ransomware after the encryption process is completed.