Marco A. De Felice aka @amvinfe reports: The RansomHub group made headlines last February when, following a cyberattack on Change Healthcare, they disrupted operations for several weeks. Change Healthcare is the largest U.S. provider of revenue and payment cycle management, connecting payers, providers, and patients within the American healthcare system. A week ago, a RansomHub affiliate successfully…
Category: Malware
Backdoor found in court AV recording software
Catalin Cimpanu reports: Cybersecurity researchers from Rapid7 and S2W have found a backdoor trojan inside a popular app used for recording courtroom and jury meetings. The malware was found in the installer for JAVS Viewer, version 8.3.7, an app from Justice AV Solutions that allows customers to play back older recordings. JAVS customers who downloaded the official installer from the…
United Urology Group appears to be a victim of a ransomware attack; some patient data already leaked
United Urology Group describes itself as a national network of urology specialists with corporate headquarters in Maryland. Their network includes Arizona Urology Specialists Phoenix, Arizona Urology Specialists Tucson, Chesapeake Urology, Colorado Urology, and Tennessee Urology. On May 23, RansomHouse threat actors claimed to have encrypted their system on May 4 and exfiltrated about 300 GB…
Spyware found on US hotel check-in computers
Zack Whittaker reports: A consumer-grade spyware app has been found running on the check-in systems of at least three Wyndham hotels across the United States, TechCrunch has learned. The app, called pcTattletale, stealthily and continually captured screenshots of the hotel booking systems, which contained guest details and customer information. Thanks to a security flaw in…
HHS launches $50M security initiative to thwart hospital ransomware
Chad Van Alstin reports: The U.S. Department of Health and Human Services (HHS) is launching a $50 million incentive program to encourage hospitals to improve their cybersecurity. Dubbed the Universal Patching and Remediation for Autonomous Defense—or UPGRADE—program, the initiative aims to speed up vulnerability detection and patch deployment through the creation of a platform that…
UK NCSC and Insurance Associations Publish Guidance on the Approach to Ransom Payments
Financial and insurance organizations have been under increasing attack by Scattered Spider. Now there is more guidance for entities. Hunton Andrews Kurth notes: On May 14, 2024, the UK National Cyber Security Centre (“NCSC”) and three major UK insurance associations (Association of British Insurers (“ABI”), British Insurance Brokers’ Association (“BIBA”) and International Underwriting Association (“IUA”)),…