Simon Sharwood reports: Ransomware actors aim to spend the shortest amount of time possible inside your systems, and that means the encryption they employ is shoddy and often corrupts your data. That in turn means restoration after paying ransoms is often a more expensive chore than just deciding not to pay and working from our…
Category: Malware
CrowdStrike finds new ransomware-as-a-service group targeting VMWare ESXi servers (5 tips to fight back)
Nancy Liu reports: CrowStrike discovered a new ransomware-as-a-service (RaaS) group — MichaelKors (formerly Qilin) — targeting VMWare ESXi servers since last month. The VMWare ESXi is a hypervisor that runs and manages virtual machines (VMs) directly on a dedicated host’s hardware. The products associated with the ESXi platform include VMware vSphere Hypervisor, vCenter, ONE Access or Identity…
Philadelphia Inquirer hit by cyberattack causing newspaper’s largest disruption in decades
AP reports: The Philadelphia Inquirer experienced the most significant disruption to its operations in 27 years due to what the newspaper calls a cyberattack. The company was working to restore print operations after a cyber incursion that prevented the printing of the newspaper’s Sunday print edition, the Inquirer reported on its website. Read more at…
Ransomware attack on PharMerica affected 5.8 million patients
While the Fortra/GoAnywhere data breach by Clop is shaping up to be the biggest, or one of the biggest, breaches affecting HIPAA-covered entities and business associates in 2023, an attack by Money Message on PharMerica is currently the largest single breach reported so far this year, with almost 6 million affected. On April 8, DataBreaches…
Russia-affiliated CheckMate ransomware quietly targets popular file-sharing protocol
Jurgita Lapienytė reports: Unlike most ransom campaigns, CheckMate, discovered in 2022, has been quiet throughout its operations. To the best of our knowledge, it doesn’t operate a data leak site. That’s quite unusual for a ransomware campaign since many prominent gangs brag about big targets and post them as victims on their data leak sites….
Bluefield University cyberattack affects employees, students, and some students’ parents (2)
Updated May 13: It appears that Bluefield U. has not warned students that the university’s system is still compromised and that the threat actor can see and acquire files. Yesterday, a student that DataBreaches will not name submitted a Virginia Tuition Assistance Grant application with his full Social Security number, date of birth, and other…