Since September 8, Suffolk County has been trying to recover from a cyberattack by a ransomware group known as “ALPHV” or “BlackCat.” The attack disabled the county’s 911 system as well as other services. The county reverted to older methods for handling essential county operations, dispatching, and paying bills. State police have also provided support…
Category: Malware
Denver suburb won’t cough up millions in ransomware attack that closed city hall
John Aguilar reports: The demand was big: $5 million to unlock Wheat Ridge’s municipal data and computer systems seized by a shadowy overseas ransomware operation. The response was defiant: We’ll keep our money and fix the mess you made ourselves. Read more at The Denver Post.
LockBit ransomware builder leaked online by “angry developer”
Lawrence Abrams reports: The LockBit ransomware operation has suffered a breach, with an allegedly disgruntled developer leaking the builder for the gang’s newest encryptor. In June, the LockBit ransomware operation released version 3.0 of their encryptor, codenamed LockBit Black, after testing it for two months. […] Regardless of how the private ransomware builder was leaked, this…
ALPHV/BlackCat ransomware family becoming more dangerous
Alex Scroxton reports: The developer or developers behind the ransomware-as-a-service (RaaS) family known variously as ALPHV, BlackCat and Noberus, have been hard at work refining their tactics, techniques and procedures (TTPs) and today are probably more dangerous than ever before, according to intelligence from Symantec. The ALPHV/BlackCat/Noberus operation – which Symantec tracks as Coreid (aka FIN7, Carbon Spider)…
IL: Some residents’ personal information possibly compromised in Quincy ransomware incident
Back in May, DataBreaches reported on a significant ransomware attack of Quincy, Illinois’s systems. Quincy paid ransom at the time to get a decryption key. Now KHQA reports: Some residents of Quincy may have had their personal information compromised when the city was hit by a cybersecurity attack earlier this year. The city said the…
Update: SERV Behavioral Health System Issues Notice of Breach
On August 6, DataBreaches reported that the Hive ransomware team claimed to have attacked SERV Behavioral Health System and encrypted SERV’s files on May 26. The listing was added to Hive’s site on July 14. SERV did not respond to email inquiries from DataBreaches in July. Time passed, but Hive never added any “proof pack”…