The Kronos ransomware incident can’t seem to stay out of the news cycle. Not only has it disrupted payroll operations for numerous clients, leaving many employees without their correct weekly paychecks, but employee data has also been stolen. Sergiu Gatlan reports: Sportswear manufacturer Puma was hit by a data breach following the ransomware attack that hit…
Category: Malware
NetWalker ransomware affiliate sentenced to 80 months in prison
Sergiu Gatlan reports an update to the prosecution of a Canadian NetWalker affiliate. The NetWalker site was seized in January, 2021, and at the same time, the U.S. announced the indictment of Vachon-Desjardins. Although they sought his extradition to the U.S., it appears that he pleaded guilty in Canada to charges stemming from crimes involving…
Cyberattack brings down Vodafone Portugal mobile, voice, and TV services
Catalin Cimpanu reports: Vodafone Portugal said today that a large chunk of its customer data services went offline overnight following “a deliberate and malicious cyberattack intended to cause damage and disruption.” The company’s 4G and 5G mobile networks, along with fixed voice, television, SMS, and voice/digital answering services are still offline following the attack. Read…
Microsoft Details Malware Attacks on Ukrainian Organizations
Lindsey O’Donnell-Welch reports: A known Russia-linked threat group has been targeting an array of organizations in Ukraine – including government, military, law enforcment, non-profit and judiciary entities – in an attempt to steal sensitive data. Microsoft detailed several malware campaigns over the past six months by the Actinium threat group (also known as Gamaredon or…
Microsoft plans to kill malware delivery via Office macros
If you use Word and always feel concerned when you “enable macros” because of the risk of malware, here’s some good news. Sergiu Gatlan reports: Microsoft announced today that it will make it difficult to enable VBA macros downloaded from the Internet in several Microsoft Office apps starting in early April, effectively killing a popular…
Indicators of Compromise Associated with LockBit 2.0 Ransomware and Additional Mitigations
On February 4, the FBI issued a Flash Alert: Indicators of Compromise Associated with LockBit 2.0 Ransomware Today, HHS’s Cybersecurity Program issued its companion HC3 alert. It says, in part: Impact to HPH Sector Although the LockBit 2.0 cybercrime gang claims to not attack healthcare organizations, all ransomware continues to act as a major cyber…