Chetan Raghuprasad writes: Since December 2022, Cisco Talos has been observing an unidentified actor deploying two relatively new threats, the recently discovered MortalKombat ransomware and a GO variant of the Laplas Clipper malware, to steal cryptocurrency from victims. Talos observed the actor scanning the internet for victim machines with an exposed remote desktop protocol (RDP)…
Category: Malware
City of Oakland declares state of emergency after ransomware attack
Sergiu Gatlan reports: Oakland has declared a local state of emergency because of the impact of a ransomware attack that forced the City to take all its IT systems offline on February 8th. Interim City Administrator G. Harold Duffey declared a state of emergency to allow the City of Oakland to expedite orders, materials and equipment procurement,…
Royal Mail refused to pay ‘absurd’ LockBit ransom, chat logs say
Carly Page reports: The LockBit ransomware gang has published what it claims is the full transcript of its negotiations with Royal Mail, which continues to experience disruption due to last month’s cyberattack. The chat logs negotiating the ransom are the first data that LockBit has published following the cyberattack on Royal Mail, which left the British postal service…
Arizona Priority Care and AZPC Clinics notify 10,978 patients of malware attack
Arizona Health Advantage, Inc. d/b/a Arizona Priority Care and AZPC Clinics, LLC (“APC”) are healthcare providers and business associates. On February 1, they notified HHS of an incident that affected 10,978 patients. As a business associate, their report to HHS was filed on behalf of Alignment Health Plan of Arizona, Inc. and Alignment Health Insurance…
New Picus Red Report warns of “Swiss Army knife” malware
The versatility of the latest malware is demonstrated by the fact that a third of the total sample analyzed by Picus Labs is capable of exhibiting more than 20 individual Tactics, Techniques, and Procedures (TTPs). San Francisco, US, 14th February 2023 – Picus Security, the pioneer of Breach and Attack Simulation (BAS), has released The Red Report 2023, an in-depth analysis…
Pepsi Bottling Ventures suffers data breach after malware attack
Bill Toulas reports: Pepsi Bottling Ventures LLC suffered a data breach caused by a network intrusion that resulted in the installation of information-stealing malware and the extraction of data from its IT systems. […] “Based on our preliminary investigation, an unknown party accessed [our internal IT systems] on or around December 23, 2022, installed malware,…