Jonathan Greig reports: Cleveland’s City Hall will remain closed on Tuesday in the aftermath of a cyberattack that has forced officials to take unnamed systems offline. In a statement to Recorded Future News, the city said the incident has been confirmed as a ransomware attack, but they declined to answer specific questions about what services…
Category: Malware
You permanently closed your business and then got hit with a ransomware attack. It just doesn’t seem fair, does it?
From a breach notification by civil law firm Santoro Whitmire in Las Vegas: Recently, after the firm permanently closed its business, we were the target of a ransomware attack. Ransomware is a computer virus that encrypts computer systems until and unless we pay money (i.e., the ransom) demanded by the attackers. We immediately notified law…
Special Health Resources’ “technical difficulties” are due to a ransomware attack
Although some threat groups or affiliates have sworn off attacking the medical sector with ransomware, not all have. On Sunday evening, June 2, Special Health Resources (“SHR”) posted a notice on their Facebook account: We are currently experiencing technical difficulties and on Monday, our health centers will only see patients who are actively sick. All…
RansomHouse: investigation and findings by Analyst1
Analyst1 has published a report on RansomHouse: RansomHouse: Stolen Data Market, Influence Operations & Other Tricks Up the Sleeve. The Executive Summary of the report by Anastasia Sentsova begins: This research aims to identify connections between RansomHouse, and other groups based on the investigation of multiple crossclaims of victims. Emerging after the Babuk source code…
Never heard of the Embargo ransomware group? SuspectFile provides some insight.
Marco A. De Felice (aka @amvinfe) writes: Embargo is yet another ransomware group emerging in the digital extortion landscape, a group that some industry analysts compare to the much more well-known Alphv group. However, programming similarities do not align with the statements made by a group member during our interview. The program used by Embargo…
FBI Cyber Lead Urges Potential LockBit Victims to Contact Internet Crime Complaint Center
FBI Cyber Division Assistant Director Bryan Vorndran on June 5 highlighted the Bureau’s “ongoing disruption” of the LockBit ransomware group and its affiliates, and urged potential victims to contact the Bureau’s Internet Crime Complaint Center (IC3). The Bureau now has more than 7,000 LockBit decryption keys in its possession, Vorndran said in a keynote at the…