Reuters reports: Russian hackers attempted to launch a destructive cyberattack on Ukraine’s electricity grid last week, Ukrainian officials and cybersecurity researchers said on Tuesday. The group, dubbed “Sandworm” by security researchers and previously tied to destructive cyberattacks attributed to Russia, deployed destructive and data-wiping malware on computers controlling high voltage substations in Ukraine, the Computer…
Category: Malware
LockBit ransomware gang lurked in a U.S. gov network for months
Bill Toulas reports: A regional U.S. government agency compromised with LockBit ransomware had the threat actor in its network for at least five months before the payload was deployed, security researchers found. Logs retrieved from the compromised machines showed that two threat groups had compromised them and were engaged in reconnaissance and remote access operations….
At small and rural hospitals, ransomware attacks are causing unprecedented crises
Marion Renault reports: At 12:08 p.m. on a Monday, a Sky Lakes Medical Center employee tapped an email link. Within minutes, that click cracked open the Oregon hospital’s digital infrastructure for cybercriminals to infiltrate. By the time IT staff started looking into it, “everything was being encrypted,” said John Gaede, director of information services. On…
AlphaV claims attack on Florida International University (updated)
It’s been a while since DataBreaches.net reported on data security incident involving Florida International University in Miami, but if AlphaV’s claims are true, they have been breached again. AlphaV (“BlackCat”) added FIU to their leak site and claim: In our design the following information: -Personal information of students and teaching staff, including confidential data, SSN,…
War stirs up cybercrime
(Machine translation of German-language article at zdf.de). Peter Wering reports: ….. Russian groups are currently making little ransom from ransomware attacks…. That is why Russian IT criminals have partially relocated their activities to Ukraine. There they are attacking Ukrainian IT infrastructure on behalf of the Kremlin. But they also use the Internet connections there to…
Hackers use Conti’s leaked ransomware to attack Russian companies
Lawrence Abrams reports: A hacking group used the Conti’s leaked ransomware source code to create their own ransomware to use in cyberattacks against Russian organizations. […] However, the tables have now turned, with a hacking group known as NB65 now targeting Russian organizations with ransomware attacks. Read more at BleepingComputer.