Danny Palmer reports: A newly uncovered cyber criminal campaign is using a well-known exploit kit to distribute ransomware using drive-by downloads on hacked websites. While not used as prolifically as it once was, the RIG Exploit kit leverages vulnerabilities in Internet Explorer and Flash Player to launch JavaScript, Flash, VBScript-based attacks to distribute malware to…
Category: Malware
Medical Oncology Hematology Consultants notifies 19,203 patients after ransomware incident
Medical Oncology Hematology Consultants, PA in Delaware recently reported a ransomware attack to HHS that affected 19,203 patients. The attack began on June 17, but wasn’t discovered until July 7. The practice notes that there was no indication that any PHI was accessed, much less acquired. I was impressed by their robust response to the incident…
This giant ransomware campaign just sent millions of malware-spreading emails
Danny Palmer reports: Once considered almost dead, the Locky strain of ransomware has continued its resurgence with a new email distribution campaign, which researchers say is one of the largest malware campaigns of this half of the year. Over 23 million messages containing Locky were sent in just 24 hours on 28 August, with the…
SC: Dorchester School District 2 says $2,900 ransom paid to recover data after server breach, but no identities stolen
Drew Tripp reports: Dorchester School District 2 officials say no student or staff member’s identity information was stolen or compromised in a ransomware attack on the district’s computer network servers over the summer, but that some files were corrupted and lost, and the district was forced to pay a ransom to regain access to other…
Bit Paymer Ransomware Hits Scottish Hospitals
I mentioned this ransomware incident the other day, but now Catalin Cimpanu has a really good article with much detail about the ransomware and ransom demands, etc. You can read his report on BleepingComputer. Catalin’s article answers one question I had posed about the NHS Lanarkshire incident – the ransomware is believed to be installed…
More details emerge on NHS Lanarkshire ransomware attack
The cyber attack that led to operations and appointments being cancelled at NHS Lanarkshire was another “ransomware” case, Neil Pooran reports: The malicious software has been identified as a programme called Bitpaymer, a new type of ransomware which was able to get past existing security measures. Bitpaymer locks away files and demands payments in Bitcoins,…