Sergiu Gatlan reports: Microsoft says a threat group tracked as DEV-0950 used Clop ransomware to encrypt the network of a victim previously infected with the Raspberry Robin worm. DEV-0950 malicious activity overlaps with financially motivated cybercrime groups tracked as FIN11 and TA505, known for deploying Clop payloads ransomware on targets’ systems. Read more at BleepingComputer
Category: Malware
Australian Clinical Labs says data of 223,000 people hacked
Australian Clinical Labs said on Thursday its Medlab Pathology business suffered a data breach that affected health records and credit card information of about 223,000 patients and staff. This is the latest in a series of hacks to rock corporate Australia, after the country’s biggest health insurer Medibank and No. 2 telco Optus were also…
Davenport Community Schools’ “server issues” were Karakurt issues
Months after CISA issued an alert about Karakurt, Davenport Community Schools in Iowa reported some “server issues.” On September 13, Schools Superintendent TJ Schneckloth issued a statement regarding what had been described as “server repairs” after the district went without internet for roughly a week back in September. That statement, updated on October 4, acknowledged…
Newly Unsealed Indictment Charges Ukrainian National with International Cybercrime Operation
Dedicated Website (Raccoon.IC3.gov) Announced to Assist in Identifying Malware Victims AUSTIN – A newly unsealed federal grand jury indictment charges Mark Sokolovsky, 26, a Ukrainian national, for his alleged role in an international cybercrime operation known as Raccoon Infostealer, which infected millions of computers around the world with malware. According to court documents, Sokolovsky, who…
Paying off hackers is common, says top Australian govt cybersecurity firm
Byron Kaye reports: Corporate insurers routinely pay hackers a ransom for the return of stolen customer data, a top Australian government cybersecurity provider said on Tuesday (Oct 25), as the country’s biggest health insurer revealed the growing scale of a recent breach. The claim from Macquarie Telecom Group, which runs cybersecurity for 42 per cent…
Hive claims ransomware attack on Tata Power, begins leaking data
Ax Sharma reports: Hive ransomware group has claimed responsibility for a cyber attack disclosed by Tata Power this month. A subsidiary of the multinational conglomerate Tata Group, Tata Power is India’s largest integrated power company based in Mumbai. Read more at Bleeping Computer.