As previously reported on this site, in September 2023, Cardiovascular Consultants Ltd. (CVC) in Arizona experienced a ransomware attack. In October 2023, the Qilin ransomware group added CVC to its leak site, claiming to have exfiltrated 520,961 files and 206 GB of data. And in December 2023, CVC announced the breach in a substitute notice…
Category: Malware
Dual Russian And Israeli National Extradited To The United States For His Role In The LockBit Ransomware Conspiracy
From the U.S. Attorney’s Office, District of New Jersey, an update on the case involving an alleged dev for LockBit: NEWARK, N.J. – A dual Russian and Israeli national was extradited to the United States on charges that he was a developer of the LockBit ransomware group, United States Attorney John Giordano announced. In August,…
FMS: YAP Health Services disrupted by ransomware attack
The state of Yap is one of the four states that make up the Federated States of Micronesia, along with the states of Pohnpei, Chuuk and Kosrae. Yap is the Western-most island in the FSM, located about midway between Guam and Palau. From the YAP Health Services Facebook Page on March 12: Cyberattack Disrupts Yap…
#StopRansomware: Medusa Ransomware
Release Date: March 12, 2025 Alert Code: AA25-071A Summary Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders detailing various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect…
Pinehurst Radiology Associates remains closed more than 1 month after cyberattack
Marty Stempniak reports: An East Coast imaging group remains closed more than one month after a cyberattack, according to reports from local media. Pinehurst Radiology Associates recently gave notice of the incident, launching an investigation amid suspicious activity on its network. Located in the Sandhills of North Carolina’s Moore County, the practice hired legal counsel…
Akira ransomware gang used an unsecured webcam to bypass EDR
The Akira ransomware gang exploited an unsecured webcam to bypass EDR and launch encryption attacks on a victim’s network. Pierluigi Paganini reports: Cybersecurity researchers at S-RM team discovered a novel attack technique used by the Akira ransomware gang. The ransomware group used an unsecured webcam to encrypt systems within a target’s network, bypassing Endpoint Detection…