REWARD OF UP TO $15 MILLION NAME: ALPHV/Blackcat Ransomware as a Service (RaaS) NATIONALITY: Various (Unknown) CITIZENSHIP: Various (Unknown) The U.S. Department of State is offering a reward of up to $10,000,000 for information leading to the identification or location of any individual(s) who hold a key leadership position in the Transnational Organized Crime group behind the ALPHV/Blackcat ransomware variant. In…
Category: Malware
Update on INTEGRIS Health data breach: incident response criticized by patients
In December, INTEGRIS Health disclosed a cyberattack in November in which threat actors contacted patients directly to extort them when INTEGRIS wouldn’t pay their demands. DataBreaches subsequently reported additional details. On February 6, INTEGRIS updated its breach notice. The updated website notice incorporates the kind of language that advocates for transparency and data protection may…
PA: Washington County pays $350,000 ransom after cyberattack
Chris Hoffman reports: The Washington County Board of Commissioners formally voted on Thursday on handling the recent cyberattack. Some have questioned the transparency of the process. The questions about transparency have been because of secret and emergency meetings. According to the solicitor, some of that was because of the deadlines set up by the cybercriminals….
HC3: Analyst Note: Akira Ransomware
February 7, 2024 TLP:CLEAR Report: 202402071200 Executive Summary Akira ransomware is a relatively new ransomware gang that has demonstrated aggressive and capable targeting of the U.S. health sector in its short lifespan. U.S. healthcare organizations are advised to follow the steps in this alert to minimize their risk of attack. Overview Akira ransomware was first…
Rhysida ransomware decryptor publicly released
Laura French reports: A Rhysida ransomware decryption tool has been publicly released and detailed in a preprint paper by South Korean researchers Friday. The Rhysida decryptor takes advantage of a vulnerability in the ransomware’s encryption process, enabling the process to be reverse engineered to recover files. The researchers from Kookmin University and the Korea Internet…
Cyberattack shuts down Colorado public defender’s office
Shelly Bradbury reports: A cyberattack on the Office of the Colorado State Public Defender forced the agency to shut down its computer network, locking public defenders across the state out of critical work systems and prompting attorneys to seek delays in their court cases. Office spokesman James Karbach confirmed the breach in a statement Monday,…