Bill Toulas reports: Patelco Credit Union warns customers it suffered a data breach after personal data was stolen in a RansomHub ransomware attack earlier this year. Though the organization did not name the attackers, the RansomHub gang claimed responsibility on August 15, 2024, when they published all of the stolen data on their extortion portal….
Category: Malware
Reward for Information: Belarusian National Volodymyr Kadariya
REWARD FOR INFORMATION: BELARUSIAN NATIONAL VOLODYMYR KADARIYA REWARD OF UP TO $2.5 MILLION [Wanted poster in English-508 compliant] [200 KB] [Wanted poster in Belarusian] [240 KB] [Wanted poster in Russian] [240 KB] [Wanted poster in Spanish] [244 KB] NAME: Volodymyr Kadariya ALIASES: Vladimir Kadaria, Volodymyr Kadariya, Владимир Кадария, Andrii Kovalov DOB: 2 March 1986 POB: Belarus NATIONALITY: Belarusian CITIZENSHIP: Belarusian HEIGHT: 5’8” WEIGHT: 200 lbs HAIR…
Alleged member of Karakurt extradited and charged in Ohio
Let’s start with the press release from the U.S. Attorney’s Office in the Southern District of Ohio: CINCINNATI – A member of a Russian cybercrime group has been charged federally and appeared in U.S. District Court in Cincinnati today. A federal grand jury indicted Deniss Zolotarjovs, 33, of Moscow, Russia, charging him with conspiring to…
Top US oilfield firm Halliburton hit by cyberattack, source says
Liz Hampton reports: U.S. oilfield services firm Halliburton (HAL.N) on Wednesday was hit by a cyberattack, according to a person familiar with the matter. Halliburton said it was aware of an issue affecting certain systems at the company and was working to determine the cause and impact of the problem. The company was also working with “leading…
How many times has Carespring Health Management been attacked since last year? (1)
In October 2023, Carespring Health Care Management was the victim of a ransomware attack. It was not announced on its website, but in November, Carespring was listed on the NoEscape ransomware gang’s site. At the time, the threat actors claimed they had encrypted Carespring’s files and exfiltrated 364 GB of files. The incident never appeared…
Ransomware gang deploys new malware to kill security software
Sergiu Gatlan reports: RansomHub ransomware operators are now deploying new malware to disable Endpoint Detection and Response (EDR) security software in Bring Your Own Vulnerable Driver (BYOVD) attacks. Named EDRKillShifter by Sophos security researchers who discovered it during a May 2024 ransomware investigation, the malware deploys a legitimate, vulnerable driver on targeted devices to escalate…