Derek Kortepeter reports: Proofpoint researchers have published findings on a campaign involving the Hakbit ransomware. As their blog post states, the ransomware is being spread via spear-phishing emails targeted at individuals in “mid-level positions across the pharmaceutical, legal, financial, business service, retail, and healthcare sector.” The attacks, described as low-volume, are specifically targeting employees of organizations located in…
Category: Malware
BBC got to spectate ransomware negotiations with NetWalker
Oh, this is a bit different. Joe Tidy of BBC reports that BBC got an anonymous tipoff about NetWalker’s ransomware negotiations with the University of California San Francisco and was able to spectate the chat negotiations. BBC’s report includes snippets of the negotiations such as when the uni counter-offered $780,000 to the threat actors’ $3…
New Ransom X Ransomware used in Texas TxDOT cyberattack
Lawrence Abrams reports: A new ransomware called Ransom X is being actively used in human-operated and targeted attacks against government agencies and enterprises. May 2020 was not a good month for Texas as both the Texas Courts and the Texas Department of Transportation (TxDOT) were hit with ransomware attacks. At the time of the attacks, it was not known…
ZA: Hackers strike at Life Healthcare, extent of data breach yet to be assessed
I missed this one a few weeks ago, it seems. On June 9, CGTN Africa reported: South Africa’s Life Healthcare said on Tuesday its southern African operation was hit by a cyber attack affecting its admissions systems, business processing systems and email servers, but is yet to determine the extent to which data has been…
A new Malware strain dubbed as ‘Lucifer’ is affecting most of the Windows PCs, abusing critical vulnerabilities
Metal Messiah reports: A new variant of a powerful cryptojacking and DDoS-based malware is exploiting severe vulnerabilities in Windows machines, and affecting them in the process. Dubbed as “Lucifer”, this new malware is part of an active campaign against Windows hosts and uses a variety of ‘exploits’ in the latest wave of attacks, Palo Alto Networks’…
UCSF admits it paid NetWalker more than $1 million ransom
On June 4, this site noted that NetWalker ransomware operators had added the University of California at San Francisco (UCSF) to their website where they name victims who have not paid their ransom demands. I did not expect the university to pay, commenting, at the time, “I wonder if the threat actors know how many…