There was an update on December 1 to the CommonSpirit ransomware attack that DataBreaches has reported on multiple times already. Press release: On October 2, 2022, CommonSpirit detected activity on its IT network that was later determined to be ransomware. CommonSpirit immediately took steps to secure the network, which included proactively taking certain systems offline, and…
Category: Malware
Fr: Versailles hospital targeted by cyberattack
California 18 reports: The Versailles hospital center, located in Chesnay-Rocquencourt (Yvelines), has been targeted since Saturday evening by a cyberattack which is disrupting its activity, the establishment’s management said on Sunday. confirming information from franceinfo. The reception of patients is therefore ” limit “explained the hospital, adding that the computer system had been cut and a crisis…
‘We weren’t ready’ — Inside St. Michael Medical Center during October cyberattack outages
Nathan Pilling reports: In early October, a fresh batch of troubles arrived at St. Michael Medical Center. They would first be linked to an “IT security incident.” It would eventually be acknowledged by the hospital’s parent organization, CommonSpirit Health – one of the largest nonprofit health care systems in the country – that the group…
Bits ‘n Pieces (Trozos y Piezas)
UY: Ministry of Transport and Public Works victim of ransomware attack Uruguay’s Ministry of Transport and Public Works (MTOP) was hit by a ransomware attack on October 17. On November 9, MTOP reported that it was back to normal after the ransomware attack, adding that it had recovered critical information and restored the affected services….
#StopRansomware: Cuba Ransomware
Joint Cybersecurity Advisory Product ID: AA22-335A December 1, 2022 TLP:CLEAR The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint CSA to disseminate known Cuba ransomware IOCs and TTPs associated with Cuba ransomware actors identified through FBI investigations, third-party reporting, and open-source reporting. This advisory updates the…
Brazilian debt collection firm pays Hive $500k ransom while SuspectFile spectates it all
Marco A. De Felice (aka @amvinfe) had a bird’s eye view of negotiations between a Brazilian credit recovery and financial solutions firm and the Hive ransomware team. He also got to track the victim’s payment over wallets. Reading his partial transcript from the negotiations, the victim quickly went from an offer of $50k — an…