Release Date: March 16, 2023 Alert Code: AA23-075A SUMMARY Note: this joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to…
Category: Malware
Conti-based ransomware ‘MeowCorp’ gets free decryptor
Ionut Ilascu reports: A decryption tool for a modified version of the Conti ransomware could help hundreds of victims recover their files for free. The utility works with data encrypted with a strain of the ransomware that emerged after the source code for Conti was leaked last year in March [1, 2]. Researchers at cybersecurity company Kaspersky…
BianLian Ransomware Pivots From Encryption to Pure Data-Theft Extortion
Elizabeth Montalbano reports: The BianLian ransomware group is ramping up its operations and maturing as a business, moving more swiftly than ever to compromise systems. It’s also moving away from encryption to pure data-theft extortion tactics, in cyberattacks that have so far bagged at least 116 victims, researchers have found. BianLian, first discovered last July, hasn’t deviated much…
Independent Living Systems updates its breach disclosure; notifying more than 4.2 million patients
In September 2022, Independent Living Systems LLC (ILS), a business associate in Florida, notified HHS and regulators of a network incident that affected 501 patients. They also provided public notice, but were unable to identify and notify all individuals who had been affected. The “501” was simply a marker to indicate “more than 500.” The…
N.L. says Hive ransomware group was behind 2021 cyberattack on health systems
Rob Antle reports: The Newfoundland and Labrador government says the Hive ransomware group was behind a cyberattack that paralyzed the province’s health-care system a year and a half ago. But top government officials still won’t say whether they paid a ransom. “We can’t disclose anything about a request for a ransom, for security purposes,” Justice…
Lawsuit filed against Lehigh Valley Health Network after ransomware gang leaks sensitive patient data online
The following lawsuit and press release were predictable. Could LVHN have protected sensitive patient information better? If so, is less than perfect security somehow “negligent?” And if they are found to be negligent, how will LVHN be held accountable, and how on earth will patients ever come close to being made whole from a breach…