Zach Shipman reports: The MediaMarktSaturn group has suffered a heavy ramsonware attack in recent days. It is difficult to say who did it: someone from Holland is ready to believe that it is the Hive group, which would have asked for 240 million dollars in bitcoin, however at the moment there is no claim on…
Category: Malware
Waikato DHB warned a cyber attack ‘catastrophic for patient safety’
Natalie Akoorie reports: The Waikato District Health Board was warned its IT security was inadequate and severely compromised just months before a massive ransomware attack that brought Waikato Hospital to its knees. The internal cyber security document dated December last year also warned that a lack of training meant staff posed an unintentional threat to…
Manhasset School District continues to recover from September ransomware attack
Robert Pelaez has an update on the Manhasset School District ransomware incident that resulted in the dumping of numerous files on current and former employees and students on the dark web — many with personal and sensitive information. But what caught my eye in the update was this: Last month, district officials warned Manhasset students…
Some Florida Heart Associates data appears on dark web after ransomware attack earlier this year
In July, this site noted a May, 2021 ransomware incident that significantly impacted Florida Heart Associates. In July, they notified HHS that 45,148 patients were impacted. Now this week, we learned that it was Pysa threat actors who had attacked them, and they have now dumped some of the data. Pysa’s dump is a little…
US seizes $6 million in ransom payments and expected to charge Ukrainian over major REvil cyberattack
Christina Carrega and Sean Lyngaas report: Law enforcement officials have seized an estimated $6 million in ransom payments, and the US Justice Department is expected to announce Monday that it has charged a suspect from Ukraine over a damaging July ransomware attack on an American company in a breakthrough for the Biden administration’s pursuit of cybercriminals, CNN…
Five Affiliates of Sodinokibi/REvil Have Been Arrested by Now
On 4 November, Romanian authorities arrested two individuals suspected of cyber-attacks deploying the Sodinokibi/REvil ransomware. They are allegedly responsible for 5,000 infections, which in total pocketed half a million euros in ransom payments. Since February 2021, law enforcement authorities have arrested three other affiliates of Sodinokibi/REvil and two suspects connected to GandCrab. These are some…