On November 9, DataBreaches.net published “Without Undue Delay” which catalogued health sector ransomware attacks where attackers had dumped patient data as part of an attempt to pressure their victims into paying ransom. That report was a companion to a post arguing that patients need to be notified sooner of ransomware dumps than HIPAA’s 60-day window…
Category: Malware
The Wash Tub is notifying customers of a year-long payment card breach
The Wash Tub is notifying customers of a year-long payment card breach: San Antonio (November 12, 2020) – The Wash Tub is notifying customers of an incident that has been recently identified and addressed involving a suspected data breach that occurred September 2019 through October 2020. The Wash Tub was recently notified of suspicious activity…
DarkSide ransomware is creating a secure data leak service in Iran
Lawrence Abrams reports: The DarkSide Ransomware operation claims they are creating a distributed storage system in Iran to store and leak data stolen from victims. To show they mean business, the ransomware gang has deposited $320 thousand on a hacker forum. DarkSide is run as a Ransomware-as-a-Service (RaaS) where developers are in charge of programming…
AU: Newcastle Grammar School Targeted In Cyber Attack
Ian Crouch reports: Newcastle Grammar School has been the target of a cyber attack by criminals. School officials became aware of the attack at the weekend, with ransomware used to encrypt and destroy part of the school’s IT network. Fairfax reports the perpetrators have tried to extort money from the school to unlock the damage….
“Email Appender” Implants Malicious Emails Directly Into Mailboxes
As if we didn’t have enough breaches that start by compromising an employee’s email account, now there’s more to worry about. Imagine that despite training your employees to be careful, and despite using updated AV or other software to detect nasties, a threat actor could deliver malware-laden emails directly into your employees’ inboxes. Will employees…
Ransomware Group Turns to Facebook Ads
Brian Krebs reports: It’s bad enough that many ransomware gangs now have blogs where they publish data stolen from companies that refuse to make an extortion payment. Now, one crime group has started using hacked Facebook accounts to run ads publicly pressuring their ransomware victims into paying up. Read more on KrebsOnSecurity.com. The Ragnar Locker threat actors…