Ashish Khaitan reports: Ukraine has become the battleground for a cyber onslaught, with the NoName ransomware attack claiming responsibility for a series of attacks on various entities. The NoName ransomware attack has specifically targeted prominent organizations in Ukraine, as revealed by the threat actor on their dark web portal. The list includes the National Securities…
Category: Malware
Employee files compromised after ransomware attack on Campbell County School District
Matthew Dietz reports: The Campbell County School District announced Thursday that it was recently the target of a ransomware incident that allowed an unauthorized person to gain access to employee files. The school district did not specify when the incident occurred. The district said the incident impacted the availability and functionality of its computer network….
Newfound school district still working to recover data after cyber attack
Thomas P. Caldwell reports: Newfound Area School District is recovering from a Nov. 15 cyber breach, described as a ransomware attack because it locked users out, although the unknown hacker did not make a financial demand. Jason Sgro, a senior partner at the Atom Group, the cyber response company based in Portsmouth working to restore…
Neurology Center of Nevada allegedly attacked by Qlin
Cardiovascular Consultants in Arizona is not the only U.S. medical entity the ransomware gang known as Qlin has hit. On December 4, Qlin added the Neurology Center of Nevada (NCN) to their leak site. They also provided screenshots as proof of claims. Some of those screenshots revealed personal or protected health information. In addition to…
Hospital systems slowly coming back online after October cyberattack
Paul Pedro reports: The five regional hospitals affected by a ransomware cyberattack are confirming that charting systems started coming back online last week and have continued this week. “As we continue to bring systems online, we are closely monitoring system integrity during network restoration at each institution,” hospital officials said in a statement on Thursday morning. “This…
Opening a Can of Whoop Ads: Detecting and Disrupting a Malvertising Campaign Distributing Backdoors
Ryan Tomcik, Adrian McCabe, Rufus Brown, and Geoff Ackerman write: Earlier this year, Mandiant’s Managed Defense threat hunting team identified an UNC2975 malicious advertising (“malvertising”) campaign promoting malicious websites themed around unclaimed funds. This campaign dates back to at least June 19, 2023, and has abused search engine traffic and leveraged malicious advertisements to affect…