Sergiu Gatlan reports: The Lorenz ransomware gang now uses a critical vulnerability in Mitel MiVoice VOIP appliances to breach enterprises, using their phone systems for initial access to their corporate networks. Arctic Wolf Labs security researchers spotted this new tactic after observing a significant overlap with Tactics, Techniques, and Procedures (TTPs) tied to ransomware attacks…
Category: Malware
LockBit updates leak site with post about Sud-Francilien hospital
After weeks of information and misinformation leaking out, and after some outstanding reporting by Valéry Rieß-Marchive on LeMagIT, LockBit 3.0 has publicly confirmed that they are responsible for the attack on South Francilien Hospital Center (CHSF). Consistent with the usual rhetoric we see from threat actors in such circumstances, LockBit tries to put responsibility on…
Ransomware gangs switching to new intermittent encryption tactic
Bill Toulas reports: … SentinelLabs has posted a report examining a trend started by LockFile in mid-2021 and now adopted by the likes of Black Basta, ALPHV (BlackCat), PLAY, Agenda, and Qyick. These groups actively promote the presence of intermittent encryption features in their ransomware family to entice affiliates to join the RaaS operation. Read more at…
OakBend Medical Center hit by ransomware; Daixin Team claims responsibility
While many were looking forward to the Labor Day holiday weekend, the IT department at OakBend Medical Center learned they had been hit with a ransomware attack. The center is still trying to recover. In a notice on its website, the Texas medical center disclosed that after being hit by ransomware on September 1, it…
What’s the impact of ransomware attacks on healthcare entities? Did you ask the people who really know?
Expect some buzz next week about a new report with significant findings about the impact of cyberattacks on patient care and mortality. The study was funded by Proofpoint and conducted independently by Ponemon Institute. The survey addresses important questions about the impact of various types of cyberattacks on patient safety and care. While DataBreaches appreciates…
KY: Bardstown confirms ransomware hack last weekend
Nacogdoches Miller reports: The City of Bardstown released an official statement confirming rumors of a cyberattack involving ransomware ahead of the Labor Day weekend which leveled internet services for businesses and residents. While some services have been fully restored, others continue to be worked on. Read more at The Kentucky Standard.