Written by Jon DiMaggio. Conducting a behavioral profile of ransomware attackers will give you a better understanding of who is behind the attacks threatening your organization. Behavioral profiling adds value to defenders who can use it to identify an attacker and negotiators who will know the motivations and beliefs of the human being they are…
Category: Malware
Interview with Mallox ransomware group
Over on SuspectFile, Marco A. De Felice has a write-up of an interview with Mallox. Unlike some interviews where spokespeople brag or make claims or pose a bit, Mallox’s spokesperson comes across as a serious individual who is part of a closed group that has worked together for the past few years without the drama…
Avast releases free BianLian ransomware decryptor
Bill Toulas reports: Security software company Avast has released a free decryptor for the BianLian ransomware strain to help victims of the malware recover locked files without paying the hackers. The availability of a decryptor comes only about half a year after increased activity from BianLian ransomware over the summer of 2022, when the threat group breached multiple high-profile…
NY lawmakers vow to tackle cyber hack attacks against hospitals, schools
Carl Campanile reports: New York state lawmakers have promised to make helping local governments, schools and hospitals protect against cyber ransomware attacks a top priority during the 2023 legislative session. It comes after a wave of such attacks hit institutions across the Empire State, with the computer systems of a major Brooklyn hospital network and those of the Suffolk County…
After denying responsibility for the Royal Mail attack, LockBit discovers that one of their affiliates was responsible.
The U.K.’s Royal Mail was the victim of a cyberattack that significantly impacted international delivery services. But was this attack the work of LockBit 3.0 or not? Those who saw the ransom note said the links in the note pointed to LockBit’s leak site and their chat negotiation site. But as Bleeping Computer reported, the…
Home Care Providers of Texas discloses ransomware incident affecting more than 124,000
Home Care Providers of Texas (DPP II, LLC), has disclosed a ransomware incident to the Texas Attorney General’s Office. According to their notification, unnamed threat actors accessed patient information between June 25 and June 29. The breach was detected on June 29 when files were encrypted. In addition to encrypting some files, the threat actors…