Ravie Lakshmanan reports: An “aggressive” financially motivated threat actor has been identified as linked to a string of RYUK ransomware attacks since October 2018, while maintaining close partnerships with TrickBot-affiliated threat actors and using a publicly available arsenal of tools such as Cobalt Strike Beacon payloads to interact with victim networks. Cybersecurity firm Mandiant attributed…
Category: Malware
Cox Media Group confirms ransomware attack that took down broadcasts
Sergiu Gatlan reports: American media conglomerate Cox Media Group (CMG) confirmed that it was hit by a ransomware attack that took down live TV and radio broadcast streams in June 2021. The company acknowledged the attack in data breach notification letters sent today via U.S. Mail to over 800 impacted individuals believed to have had their personal…
Manhasset School District Victim of Ransomware?
Frank Rizzo reports: Manhasset School District Acting Superintendent of Schools Gaurav Passi, at the Oct. 7 board of education meeting, said that the district may have been the victim of ransomware. “At this time we can confirm that we have discovered ransomware in our system,” Passi said. “And that the malicious actor—or threat actor, as…
JDC Healthcare discloses ransomware incident; still figuring out who needs to be notified
DALLAS, Oct. 7, 2021 /PRNewswire/ — JDC Healthcare Management LLC (“JDC”) is notifying individuals of an event that may affect the security of some personal information. While, to date, JDC has no evidence that information has been or will be misused, JDC is providing information about the event, JDC’s response to it, and resources available to help…
Netherlands can use intelligence or armed forces to respond to ransomware attacks
Catalin Cimpanu reports: The Dutch government said it would use its intelligence or military services to counter cyber-attacks, including ransomware attacks, that threaten its national security. Answering a parliamentary inquiry into the country’s possible avenues of response to ransomware attacks, Ben Knapen, Dutch Minister of Foreign Affairs, said under normal circumstances, diplomatic avenues take precedence,…
Two more ransomware attacks on the education sector revealed
In August, DataBreaches.net highlighted ransomware threat actors known as Pysa who have been attacking both the medical sector and the education sector — two sectors near and dear to this site’s publisher. Today, we report on two more school districts attacked by Pysa. Consolidated High School District 230 The Consolidated High School District 230 in…