Bill Toulas reports: The Finish National Cybersecurity Center (NCSC-FI) is informing of increased Akira ransomware activity in December, targeting companies in the country and wiping backups. The agency says that the threat actor’s attacks accounted for six out of the seven cases of ransomware incidents reported last month. Wiping the backups amplifies the damage of the attack and allows…
Category: Malware
UK CISO’s are cowing to ransomware demands more than you think, here’s why they shouldn’t pay up
Emma Woollacott reports: One-third of UK-based CISOs have confessed to paying ransomware groups millions of dollars in recent years in a bid to alleviate the impact of an attack, according to new research. Analysis from security firm Trellix found four-in-ten UK CISOs have managed a ransomware attack in the last five years – and in…
Follow-on extortion campaign: confirmation of some findings by Arctic Wolf
Bill Toulas of Bleeping Computer reported on a recent Arctic Wolf Labs investigation that caught my eye. Arctic Wolf investigated two cases where victims of the Royal and Akira ransomware gangs who had paid ransoms were subsequently approached by threat actors offering to help them by hacking into the server of the ransomware gangs to…
Attorney General James Reaches Agreement with Refuah Health Center to Invest $1.2 Million to Protect Patient Data and Pay $450,000 in Penalties to State
January 5, 2024 NEW YORK – New York Attorney General Letitia James today announced an agreement with a Hudson Valley-area health care provider, Refuah Health Center, Inc. (Refuah), for failing to safeguard the personal and private health information of its patients. The Office of the Attorney General (OAG) found that Refuah failed to maintain appropriate controls to protect and limit access to sensitive data, including by failing to encrypt patient information and using multi-factor authentication. As…
Major Us Museums Suffer Cyberattack Fallout
ArtForum reports: Several US arts institutions were rendered unable to display their collections online after a cyberattack struck a tech service provider used by the museums, the New York Times reports. Among those affected by the breach targeting Gallery Systems, which aids cultural institutions in managing internal documents and displaying works digitally, were the Museum of Fine…
Zeppelin ransomware source code sold for $500 on hacking forum
Bill Toulas reports: A threat actor announced on a cybercrime forum that they sold the source code and a cracked version of the Zeppelin ransomware builder for just $500. The post was spotted by threat intelligence company KELA and while the legitimacy of the offer has not been validated, the screenshots from the seller indicate that the package…