On July 8, DataBreaches reported that Gateway Rehab in Pennsylvania had apparently become the victim of a ransomware attack by Blackbyte. DataBreaches’s report included redacted screenshots of files sensitive protected health information that had been leaked on the threat actors’ leak site. Gateway had not responded to inquiries from this site nor posted any notice on…
Category: Malware
San Gorgonio Memorial Hospital Back Online After Malware Attack
Toni McAllister reports: A six-day shutdown of electronic health records at San Gorgonio Memorial Hospital was due to a malware attack that remains under investigation by a team of forensics professionals, according to SGMH CEO Steve Barron. The attack occurred Nov. 10 and all systems at the 600 N. Highland Springs Avenue campus were back…
Have ransomware-type cyberattacks really decreased in 2022?
Marco A. De Felice writes: According to various reports drawn up by analysts and journalists in the information security sector, ransomware-type attacks would be in sharp decline in 2022. A statement that we find in total disagreement. For SuspectFile, the number of victims in all sectors is instead comparable to those experienced in the previous…
Researchers Quietly Cracked Zeppelin Ransomware Keys
Brian Krebs reports: Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “Zeppelin” in May 2020. He’d been on the job less than six months, and because of the way his predecessor architected things, the company’s data backups also were encrypted by Zeppelin. After two weeks…
Vanuatu island hit by ransom attack, cripples government
WION reports: The small archipelago of the South Pacific Ocean, Vanuatu, was attacked by ransomware on 4 November, Friday and stranded the country for over a week. According to civil servants in the government, they noticed that their official emails started bouncing back from government addresses, this was the first sign when they found that…
Alert (AA22-321A) #StopRansomware: Hive Ransomware
CISA has issued an alert about the Hive ransomware group. Summary Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of…