Since March 2021, data exfiltrated from Butler County Sheriff’s Office has been dumped on the dark web and clear net, but those affected may never have known that because the threat actors named the wrong victim. Relying too much on the word of criminals, researchers and compilations also misidentified the victim. Researchers and journalists should…
Category: Malware
New Version Of Apostle Ransomware Reemerges In Targeted Attack On Higher Education
Amitai Ben Shushan Ehrlich reports: SentinelLabs has been tracking the activity of Agrius, a suspected Iranian threat actor operating in the Middle East, throughout 2020 and 2021 following a set of destructive attacks starting December 2020. Since we last reported on this threat actor in May 2020, Agrius lowered its profile and was not observed conducting destructive…
When the charm offensive didn’t work, threat actors just opted to be offensive
In 2020, those of us who report on ransomware attacks witnessed what some described as a “charm offensive” — spokespeople for ransomware groups granting interviews to journalists in which the threat actors tried to make themselves sound like professionals who have an ethics code and who are just trying to provide for their families. Those…
Here are four ransomware groups that businesses need to watch out for
AMEinfo points readers to a new report by Unit 42 that covers AvosLocker, Hive, HelloKitty, and LockBit2.0 ransomware groups. You can read their summary here and access the full report here.
Biden administration to convene 30 countries to crack down on ransomware threat
Sean Lyngaas reports: The White House will convene a 30-country meeting this month to try to ramp up global efforts to address the threat of ransomware to economic and national security, President Joe Biden said in a statement shared exclusively with CNN. “Cyber threats affect the lives and livelihoods of American families and businesses,” national security adviser…
Eskenazi Health now says some patient, employee information stolen in cyber attack
Shari Rudavsky reports that, as first reported by this site in August, Eskenazi Health officials have announced that information from patients and employees was stolen and released on the dark web. The hospital will send a letter to all individuals impacted, detailing what types of information the cybercriminals obtained. Read more on IndyStar.