Catalin Cimpanu reports: The Russian Federal Security Service (FSB) said today that it has raided and shut down the operations of the REvil ransomware gang. Raids were conducted today at 25 residents owned by 14 members suspected to be part of the REvil team across Moscow, St. Petersburg, Leningrad, and the Lipetsk regions. Authorities said…
Category: Malware
Microsoft Defender weakness lets hackers bypass malware detection
Ionut Ilascu reports: Threat actors can take advantage of a weakness that affects Microsoft Defender antivirus on Windows to learn locations excluded from scanning and plant malware there. The issue has persisted for at least eight years, according to some users, and affects Windows 10 21H1 and Windows 10 21H2. Read more at BleepingComputer.
Kronos hackers stole personal info of Metro-North workers, MTA says
David Meyer reports: Ransomware hackers who breached the network of MTA timeclock provider Kronos made off with the personal information of several current and former Metro-North employees, transit leadership said Thursday. “Kronos recently informed us that some files containing personal information of some current and former MTA employees at one of our agencies – Metro-North Railroad –…
Ransomware gang behind attacks on 50 companies arrested in Ukraine
Catalin Cimpanu reports: Ukrainian authorities have detained five members part of a ransomware gang that carried out attacks against more than 50 companies across Europe and the Americas. The arrests, which took place earlier this week, targeted the group’s leader, a 36-year-old Kyiv resident, his wife, and three acquaintances. Officials said the group hacked into…
OH: Memorial Health System notifies 216,478 patients of malware incident last July
In November, Marietta Area Health Care Inc. dba Memorial Health System notified HHS of a breach. The number affected was submitted as 501 — a number that this site often interprets as just a marker to show that the entity knows there were more than 500 patients to notify, but hasn’t yet figured out exactly…
Saved by the backups: Hospital Centro de Andalucia recovered quickly from ransomware attack
Some ransomware groups have pledged not to attack healthcare facilities. Vice Society is not one of them, as their recent attack on a Spanish hospital reminds us. Amaveca Salud provides a number of in-patient and outpatient services and therapies. Last year, they inaugurated a private hospital, Hospital Centro de Andalucia in Lucena, Spain. When…