On February 17, DataBreaches reported that the RansomHub ransomware group claimed responsibility for an attack on the Sault Ste. Marie Tribe of Chippewa Indians. RansomHub claimed to have “temporarily locked” the tribe’s infrastructure and to have acquired 119 GB of files (501, 211 files). The post included statements by RansomHub as seen on their dark…
Category: Of Note
Meet NailaoLocker: a ransomware distributed in Europe by ShadowPad and PlugX backdoors
Marine Pichon and Alexis Bonnefoi of Orange Cyberdefense report: Last year, Orange Cyberdefense’s CERT investigated a series of incidents from an unknown threat actor leveraging both ShadowPad and PlugX. Tracked as Green Nailao (“Nailao” meaning “cheese” in Chinese – a topic our World Watch CTI team holds in high regard), the campaign impacted several European organizations, including in the healthcare vertical, during…
Signals of Trouble: Multiple Russia-Aligned Threat Actors Actively Targeting Signal Messenger
Dan Black of Google’s Threat Intelligence Group writes: Google Threat Intelligence Group (GTIG) has observed increasing efforts from several Russia state-aligned threat actors to compromise Signal Messenger accounts used by individuals of interest to Russia’s intelligence services. While this emerging operational interest has likely been sparked by wartime demands to gain access to sensitive government…
Cyberespionage groups or cybercriminals? UAV and C-UAV vendors and buyers are increasingly targeted
As Unmanned Aerial Vehicles (UAVs or “drones”) and Unmanned Aerial Systems (UAS) are increasingly deployed as part of military operations, there has also been an upsurge in counter-UAV (C-UAV) and counter-UAS technologies designed to detect and neutralize the threats they pose. Unsurprisingly, there has been an uptick in cyberespionage groups and cybercriminals attempting to acquire…
Deal leaks: data protection during M&A
Fraser Tennant reports: …. The reality is that M&A practitioners, in their quest to negotiate the best possible deal, may be less focused on the tools that are used to store and share confidential transactional data – both internally and externally. This can leave such data highly vulnerable to hackers with malicious intent. “Threat actors…
Memorial Hospital and Manor notifies 120,085 people of November ransomware attack
On November 3, 2024, WALB in Georgia reported that Memorial Hospital and Manor had been the victim of a ransomware attack on November 1 that they discovered on November 2. The hospital announced the incident on its Facebook page in a post that is no longer available. But Memorial Hospital and Manor did not appear…