Zack Whittaker reports: A security researcher says six companies were saved from having to pay potentially hefty ransom demands, in part thanks to rookie security flaws found in the web infrastructure used by the ransomware gangs themselves. Two companies received the decryption keys to unscramble their data without having to pay the cybercriminals a ransom,…
Category: Malware
FBI Issues Warning As ‘Men In Black’ Hackers Demand $60 Million Ransom
Davey Winder reports: An updated advisory from the FBI and the Cybersecurity and Infrastructure Security Agency has warned of the danger from a ransomware group that has demanded as much as $60 million from its victims, and a staggering total of $500 million so far. The criminal hackers concerned have rebranded from calling themselves Royal…
UK: Provisional decision to impose £6m fine on software provider Advanced following 2022 ransomware attack
The following statement by the Information Commissioner’s Office concerns a devastating 2022 ransomware attack by LockBit3.0 on Advanced Computer Software Group (“Advanced”), an IT vendor for the UK’s National Health Service (NHS). Here is the ICO’s statement about Advanced: We have provisionally decided to fine Advanced Computer Software Group Ltd (Advanced) £6.09m, following an initial…
Six U.S. hospital breach reports from July; some have flown under the media radar (1)
Although DataBreaches does not report on all incidents involving U.S. healthcare entities, a log is kept to calculate statistics for the annual Breach Barometer report produced by Protenus, Inc. For the month of July, DataBreaches noted the following six U.S. hospitals disclosed breaches or were claimed as victims by threat actors. Some of these incidents…
Crypto-wallet service seized for helping ransomware gangs launder stolen funds
Risky Biz News reports: German and US authorities have seized a crypto-wallet service named Cryptonator on charges of money laundering and operating an unlicensed money service business. The service allowed individuals to set up crypto-wallet funds that could receive and send funds from and to any type of blockchain service, effectively operating as a “personal…
Mandiant Uncovers Threat Group Behind Basta Ransomware
Akshaya Asokan reports: A newly identified financially motivated hacking group is deploying Basta ransomware as part of an ongoing extortion campaign that began early this year. Google Mandiant, which uncovered the campaign, tracks the group as UNC4393. Since Basta is not publicly marketed and is available on an invitation-only basis, Mandiant researchers believe UNC4393 is likely the “primary…