Graham Cluley reports: On 9 July, Iran’s railroad system came under attack from hackers. The attackers posted messages on station departure boards warning of “long delay[s] because of cyberattack”, and suggesting inconvenienced passengers call “64411” for more information. 64411 is reportedly the telephone number of the office of Ayatollah Ali Khamenei, Iran’s supreme leader. With…
Category: Malware
New details — and data — emerge from Eskenazi Health ransomware incident
On August 4, this site noted that Eskenazi Health in Indiana had reportedly gone on diversion protocols following an attempted ransomware attack. On August 9, the hospital reported that it was still on diversion but that no patient or employee data was affected by the attack – or at least as far as they could…
Here’s how information stealers pose a threat beyond ransomware
From Intel 471: Ransomware is a top threat that security teams should be tailoring their systems to defend against. But in order to do so, they may need to look further than the ransomware itself. And by widening that scope, these teams may protect their enterprise beyond the damage that ransomware can cause. The activity…
Conti ransomware prioritizes revenue and cyberinsurance data theft
Lawrence Abrams points us to some interesting findings by Advanced Intel, who pored through the Conti manuals and materials recently dumped by a disgruntled affiliate. An interesting tactic used by the ransomware gang is using the legitimate Atera remote access software as a backdoor for continued persistence. When conducting an attack, ransomware operations commonly deploy…
Healthcare provider expected to lose $106.8 million following ransomware attack
Sometimes (but not always), breaches have steep consequences. Catalin Cimpanu reports: Scripps Health, a California-based nonprofit healthcare provider that runs five hospitals and 19 outpatient facilities, said it expects to lose an estimated $106.8 million following a ransomware attack that hit the organization in May 2021. “Operating revenues and operating expenses for the quarter ended…
Hive ransomware attacks Memorial Health System, steals patient data
Yesterday, news broke that Memorial Health system in Ohio had been hit with a ransomware attack and that surgeries were being delayed. Today Ionut Ilascu reports more details, including that the attack appears to involve the Hive ransomware threat actors: BleepingComputer has seen evidence that the attackers have stolen databases with information belonging to 200,000…