On October 13, AlphV threat actors added Morrison Community Hospital to their dark web leak site. Within hours, it appeared to have been removed. Today, it was re-listed with this commentary by AlphV: HUGE LEAK COMING! SQL + DATA = 5TB Given that we haven’t received a clear response from MCH representatives, we’ve decided to…
Category: Malware
RagnarLocker ransomware dark web site seized in international sting
Carly Page reports: An international group of law enforcement agencies have seized the dark web portal used by the notorious RagnarLocker ransomware group, TechCrunch has learned. A message on the RagnarLocker website now states that, “this service has been seized by a part of a coordinated international law enforcement action against the RagnarLocker group.” According…
Cuba ransomware gang demands $1.9 million for decryption key; Rock County refuses
WCLO reports an update to the ransomware attack experienced by Rock County, Wisconsin in September after they were attacked by the Cuba ransomware gang: Rock County officials are refusing to pay the $1.9 million hackers are seeking to unlock files that were encrypted during a recent ransomware attack. … Smith says fortunately all critical systems…
CISA shares vulnerabilities, misconfigs used by ransomware gangs
Sergiu Gatlan reports: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has unveiled additional details regarding misconfigurations and security vulnerabilities exploited by ransomware gangs, aiming to help critical infrastructure organizations thwart their attacks. CISA released this information as part of its Ransomware Vulnerability Warning Pilot (RVWP) program, established in January of this year, when it announced that…
FBI and CISA Release Update on AvosLocker Advisory
The AvosLocker ransomware leak site has not been seen for months, but the government is providing an update on them based on its investigations as recently as May 2023. In May, DataBreaches reported on the Bluefield College breach by an affiliate of Avos. Because AvosLocker is RaaS, it’s possible that it is still active but…
How Vermont’s largest hospital now protects patient info 3 years after ransomware attack
Cam Smith reports: Nearly three years after Vermont’s largest hospital fell victim to a ransomware attack, hospital officials say they’ve made progress toward better systems to protect patient information. During the breach, nearly 1,300 servers were compromised on more than 5,000 devices across the UVM Health Network. Hospital officials say while no patient or employee…