Jen Easterly, Director of CISA, tweeted: In early May 2023, a group self-identifying as the Bl00dy Ransomware Gang was observed attempting to exploit vulnerable PaperCut servers at educational institutions. Read our joint advisory with @FBI and apply patches or workarounds today: http://go.dhs.gov/4sz The advisory is embedded below:
Category: Malware
Methodist Family Health discloses breach potentially involving sensitive info on children
On May 3, Methodist Family Health (MFH) in Arkansas notified HHS that 5,259 patients were affected by a breach. On their website, MFH posted a notice on the same day. It begins: Methodist Family Health (“MFH”) experienced a data breach on March 4, 2023, that was first detected on March 6, 2023. After a thorough…
Ransomware Encryption Rates Reach New Heights
Weren’t we reading something a while back about how some ransomware groups were no longer locking files and were just exfiltrating? Phil Muncaster reports a recent study says the rate of locking is higher than ever. The share of ransomware victims whose data was encrypted by their extorters grew to 76% over the past year,…
More breach news from the U.S. healthcare sector
A small roundup of incidents from the past 24 hours, including some dark web disclosures. Uintah Basin Healthcare notifies patients of data breach discovered in November. Uintah Basin Healthcare (“UBH”) in Utah became aware of unusual activity in their network on November 7, 2022. They are first notifying patients who received care at UBH between…
NC: Gaston College still investigating February cyberattack; personal information stolen still being determined
Taylor Young reports: Gaston College is a victim of a ransomware attack that prompted the school to take critical systems offline for caution. A college spokesperson said it discovered the security issue Feb. 22. The school provided alternative links for students and staff, so campus operations and classes could continue. […] Two weeks ago, those…
Justice Department Announces Court-Authorized Disruption of Snake Malware Network Controlled by Russia’s Federal Security Service
Through Operation MEDUSA, the FBI, and the U.S. Attorney’s Office for the Eastern District of New York Neutralized the FSB’s Premier Cyberespionage Malware Implant in Coordination with Multiple Foreign Governments. The Justice Department today announced the completion of a court-authorized operation, code-named MEDUSA, to disrupt a global peer-to-peer network of computers compromised by sophisticated malware,…