On September 20, a relatively new ransomware gang called INC Ransomware added the Federal Labor Relations Authority to their leak site. As proof, they offered six images of files, two of which appear to contain personal information from cases or submissions involving care. In response to a request from this site, INC also provided DataBreaches…
Category: Malware
Ransomware gang QakBot resurfaces after Feds’ botnet takedown
Simon Hendery reports: Evidence suggests the notorious Qakbot malware gang continued staging cyberattacks in August, even as authorities seized its‘ infrastructure and dismantled the formidable botnet it had built up over several years. Before the FBI-led operation that took down the botnet, QakBot (also known as “QBot,” “QuackBot” and “Pinkslipbot”) was the most common malware…
Against advice of board attorney and feds, David Archie reveals how much Hinds County paid hackers after cyberattack
Bravo for standing up for transparency! C.J. LeMaster reports: Hinds County Supervisor David Archie revealed how much officials paid hackers after a cyberattack crippled county services for weeks, against the advice of the board’s attorney and federal investigators, with Archie arguing taxpayers have a right to know what’s going on with their tax dollars. The…
Melissa: ransomware prevention partnership
From Politie, this press release: Driebergen – The Public Prosecution Service (OM), the police, the National Cyber Security Center (NCSC), Cyberveilig Nederland and various private parties* from the cybersecurity sector today signed the ‘Melissa’ covenant. Melissa is a partnership between these public and private parties to combat ransomware attacks. The shared goal is to make the Netherlands…
HC3: Analyst Note: LokiBot Malware
Report: 202309291200 Executive Summary Active since 2015 and among the most prevalent and persistent strains of malware families since 2018, LokiBot has matured over time to target multi-sector industries. Despite its apolitical targeting of critical infrastructure, the malware’s adverse effect on the Healthcare and Public Health (HPH) sector shows its reach. In March 2020, a…
ECHN cyberattack compromised Social Security numbers, financial info and patients’ medical records
Eric Bedner reports: The cyberattack against the Eastern Connecticut Health Network in August resulted in the theft of employee and patient names and Social Security numbers, as well as patients’ confidential health and financial information, according to an attorney representing Prospect Medical Holdings — ECHN’s parent company. In a letter to the Connecticut attorney general’s office on…