By Ben Seri and Barak Hadad Nine vulnerabilities in critical infrastructure used by 80% of major hospitals in North America. Swisslog’s Translogic Pneumatic Tube System (PTS), a solution that plays a crucial role in patient care, found vulnerable to devastating attack. Read more on ARMIS.
Category: Of Note
Secrets and Lies: The Games Ransomware Attackers Play
Mathew J. Schwartz reports: If you’re a criminal, practicing good operational security would seem to preclude granting tell-all news media interviews. And yet we’ve seen a spate of attackers who wield ransomware – including MountLocker, LockBit, REvil and DarkMatter – sharing insights into their inclinations, motivations and tactics. One perhaps inadvertent takeaway from their interviews…
Disgruntled ransomware affiliate leaks the Conti gang’s technical manuals
Catalin Cimpanu reports: A disgruntled member of the Conti ransomware program has leaked today the manuals and technical guides used by the Conti gang to train affiliate members on how to access, move laterally, and escalate access inside a hacked company and then exfiltrate its data before encrypting files. Leaked on an underground cybercrime forum…
Waikato DHB wins injunction to stop Radio NZ using hacked data
Stuff reports: Waikato District Health Board has succeeded in court action to stop Radio New Zealand using data taken in a cyber-attack. In a decision released on Wednesday, the health board has won an interim injunction through the High Court restraining Radio NZ from accessing stolen data without consent and to permanently delete that data…
U.S. medical entities fall prey to Pysa threat actors, but many haven’t disclosed it – at least, not yet.
—– A DataBreaches.net report by Dissent and Chum1ng0 —– Since 2018, threat actors known as “Pysa” (for “Protect Your System Amigo”) have used mespinoza ransomware to lock up victims’ files after exfiltrating a copy of them. In early 2020, alerts about these “big-game hunters” were published by both the FBI and CNIL . Since then,…
Decryptor released for Prometheus ransomware victims
Catalin Cimpanu reports: Taiwanese security firm CyCraft has released a free application that can help victims of the Prometheus ransomware recover and decrypt some of their files. Available on GitHub, the decryptor effectively works by brute-forcing the encryption key used to lock the victim’s data. Read more on The Record.