Lawrence Abrams reports: A new ransomware called RegretLocker uses a variety of advanced features that allows it to encrypt virtual hard drives and close open files for encryption. RegretLocker was discovered in October and is a simple ransomware in terms of appearance as it does not contain a long-winded ransom note and uses email for communication…
Hospital, Patients Seek Ransomware Attack Settlement Approval
Mary Anne Pazanowski reports: Saint Francis Healthcare System and the representatives of a class of over 90,000 patients is asking a federal court to approve the final settlement of a lawsuit growing out of a 2019 ransomware attack on a computer network that disrupted medical services and exposed patient records to unlawful access. Read more…
Folksam data breach leaks info of 1M Swedes to Google, Facebook, more
Sergiu Gatlan reports: Folksam, one of the largest insurance companies in Sweden, today disclosed a data breach affecting around 1 million Swedes after sharing customers’ personal info with multiple technology giants. The insurer discovered the data breach after an internal audit according to Jens Wikström, Head of Marketing and Sales at Folksam, and reported the incident to…
Saarbrücken Airport reports cyberattack
The following is a Google translation: There was a cyber attack on Saarbrücken Airport and the state-owned structural holding company Saar GmbH on Tuesday morning. Flight operations are not affected. SHS and airport spokesman Ludwin Vogel confirmed to the SR that the company was being attacked via the Internet. He emphasized that flight operations were not affected. The…
Campari Group victim of a malware attack
A Google translation of a report on Trend-Online: Campari Group informs that, presumably on 1 November 2020, it was the subject of a malware attack (computer virus), which was promptly identified. The Group’s IT department, with the support of IT security experts, immediately took action to limit the spread of malware in data and systems. Read…
Did REvil just acquire source code for the KPot stealer?
Cyjax notes: The source code for the KPot stealer has been auctioned off, with a representative of the REvil ransomware group being the sole public bidder. KPot first appeared in the darknet in mid-2018 as a Malware-as-a-Service (MaaS). It’s functionality included: Collect passwords, cookies, browsing history and autofill forms from Chrome, Firefox and Edge Collect…