Christian Vasquez reports: Hackers have leaked hundreds of computer files allegedly stolen from a Houston-based oil and natural gas producer — the latest in a series of ransomware attacks that put a new twist on an old extortion playbook. The hackers behind the “Nefilim” malware say they have stolen over 800 gigabytes of personnel and…
Category: Malware
New Ramsay malware can steal sensitive documents from air-gapped networks
Catalin Cimpanu reports: Researchers from cyber-security firm ESET announced today that they discovered a never-before-seen malware framework with advanced capabilities that are rarely seen today. Named Ramsay, ESET says this malware toolkit appears to have been designed to infect air-gapped computers, collect Word and other sensitive documents in a hidden storage container, and then wait…
ZA: Gautrain IT technician illegally installed spyware
Zelda Venter reports: A Gautrain technician has been sentenced to 10 years imprisonment for the unlawful installation of spyware to desktop and laptop computers at the Gautrain Management Agency in Midrand. Information technology technician Obakeng Israel Busang, contracted to Gautrain, was sentenced in the Johannesburg Specialised Commercial Crimes Court following a guilty plea.
Magellan Health notifies employees whose personal data were exfiltrated in a ransomware attack
Magellan Health is notifying an undisclosed number of employees whose information may have been exfiltrated in a ransomware attack. The attack began with a phishing attack on April 6 that impersonated a Magellan client. On April 11, Magellan discovered the breach and called in Mandiant to investigate. Their investigation revealed that the attackers had exfiltrated…
Maze Team under the spotlight
Maze has seemingly done such a good job getting media attention that we’re also seeing more analyses of their methods. This week, check out this report from FireEye, “Navigating the MAZE: Tactics, Techniques and Procedures Associated With MAZE Ransomware Incidents,” and this report from Sophos, “Maze ransomware: extorting victims for 1 year and counting.” In…
Paying the Ransom Doubles Cost of Recovering from a Ransomware Attack, According to Sophos
One of the interesting things I learned this past week at the Privacy+Security Forum Spring Academy was that 75% of a prominent law firm’s clients were able to recover from a ransomware attack without having to pay ransom. I was surprised to hear that statistic, as I would have guessed a higher percentage paid ransom….