Ionut Ilascu reports: For more than a year, North Korean hackers have been running a ransomware operation called HolyGhost, attacking small businesses in various countries. The group has been active for quite a while but it failed to gain the notoriety and financial success of other gangs even if the operation followed the same recipe:…
Category: Malware
Hilton Garden Inn Cleveland Downtown warns of credit card data breach
Today’s reminder that malware on point-of-sale systems is still a thing. Danielle Cotterman reports: If you used a credit or debit card at Hilton Garden Inn Cleveland Downtown, you may want to double-check your bank statements. The hotel, located at 1100 Carnegie Avenue, is notifying customers that payment information may have been stolen from cards used…
BR-Prefeitura Municipal de Itapemirim suffered a cyber attack
In a statement on its Facebook page, the Prefeitura Municipal de Itapermirim in Brazil alerted people that it had been the victim of a cyberattack on July 10 and ransom has been demanded: The following is a machine translation of their Facebook statement: The Municipal Prefecture of Itapemirim goes public to inform that the Municipality’s…
BlackCat (Aka ALPHV) Ransomware Is Increasing Stakes Up To $2.5M In Demands
A new blog post by Resecurity indicates that BlackCat’s average ransom demand is now over $2 million. They write: Based on the recently compromised victims in Nordics region, which haven’t been disclosed by the group yet, the amount to be paid exceeds $2 million. […] According to experts from Resecurity, BlackCat ransomware actors began defining…
US govt warns of Maui ransomware attacks against healthcare orgs
Sergiu Gatlan reports: The FBI, CISA, and the U.S. Treasury Department issued today a joint advisory warning of North-Korean-backed threat actors using Maui ransomware in attacks against Healthcare and Public Health (HPH) organizations. Starting in May 2021, the FBI has responded to and detected multiple Maui ransomware attacks impacting HPH Sector orgs across the U.S….
Updating: Napa Valley College Recovering After June Ransomware Attack
There’s an update to the incident first disclosed by Napa Valley College on June 10 and reported in the media on June 25. On July 5, Edward Booth reported: The Napa Valley College website and network systems have been coming back online this week after being shut down by a ransomware attack in early June….