Seen on the AlphV/BlackCat leak site today: ResultsCX | The result of many unknown breaches? 5/11/2023, 9:03:10 PM We have numerous accounts to share about how our organization was able to gain initial access to various fortune 100 companies using the ResultsCX network and credentials. Interestingly, these companies are completely unaware that we have accessed…
Category: Malware
#StopRansomware: Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG
Jen Easterly, Director of CISA, tweeted: In early May 2023, a group self-identifying as the Bl00dy Ransomware Gang was observed attempting to exploit vulnerable PaperCut servers at educational institutions. Read our joint advisory with @FBI and apply patches or workarounds today: http://go.dhs.gov/4sz The advisory is embedded below:
Methodist Family Health discloses breach potentially involving sensitive info on children
On May 3, Methodist Family Health (MFH) in Arkansas notified HHS that 5,259 patients were affected by a breach. On their website, MFH posted a notice on the same day. It begins: Methodist Family Health (“MFH”) experienced a data breach on March 4, 2023, that was first detected on March 6, 2023. After a thorough…
Ransomware Encryption Rates Reach New Heights
Weren’t we reading something a while back about how some ransomware groups were no longer locking files and were just exfiltrating? Phil Muncaster reports a recent study says the rate of locking is higher than ever. The share of ransomware victims whose data was encrypted by their extorters grew to 76% over the past year,…
More breach news from the U.S. healthcare sector
A small roundup of incidents from the past 24 hours, including some dark web disclosures Uintah Basin Healthcare notifies patients of data breach discovered in November Uintah Basin Healthcare (“UBH”) in Utah became aware of unusual activity in their network on November 7, 2022. They are first notifying patients who received care at UBH between…
NC: Gaston College still investigating February cyberattack; personal information stolen still being determined
Taylor Young reports: Gaston College is a victim of a ransomware attack that prompted the school to take critical systems offline for caution. A college spokesperson said the it discovered the security issue Feb. 22. The school provided alternative links for students and staff, so campus operations and classes could continue. […] Two weeks ago, those…