It appears that a third-party vendor has quietly paid ransom to unidentified threat actors. In a press release yesterday, Renaissance Life & Health Insurance Company of America says they were notified on June 1 by their vendor, Secure Administrative Solutions LLC (“SAS”), of a ransomware incident that involved unauthorized access to its systems occurred between…
Search Results for: ransomware
Ransomware via a call centre? BazaCall means no email attachment or link required for infection
Graham Cluley writes: Unsuspecting users of Office 365 are being tricked by a cybercriminal gang into calling a bogus call centre, with the eventual intention of installing ransomware onto their computers. Microsoft has warned that fraudulent emails are being sent out, attempting to trick users into calling a phone number operated by a cybercrime group. Read more…
Illinois AG Raoul Spends $2.5M On Ransomware Hack: Report
Jeff Arnold reports: Illinois Attorney General Kwame Raoul’s office spent more than $2.5 million for cybersecurity after a ransomware hack in April that put the personal data of an unknown number of residents at risk and came after federal authorities told him that his office’s cybersecurity systems were lacking. …. In the meantime, Raoul’s office…
Ransomware Changes: DoppelPaymer Rebrands; Babuk Evolves
Mathew J. Schwartz reports: The ransomware landscape constantly changes, which can make it difficult to track which attackers are coming, going or simply rebranding. One example is the DoppelPaymer – aka DopplePaymer – ransomware-as-a-service operation, which has gone relatively quiet since early May, posting no victims to its data leak site since May 6 and…
McAfee: Babuk ransomware decryptor causes encryption ‘beyond repair’
Jonathan Greig reports that a new report from McAfee Advanced Threat Research gives horrible reviews to Babuk’s cross-platform binary — so horrible that not only should victims not pay them, but affiliates should avoid them. “It seems that Babuk has adopted live beta testing on its victims when it comes to its Golang binary and…
Ransomware attack on Grass Valley
The City of Grass Valley has a notice on YubaNet that begins: On June 29, 2021 the City of Grass Valley discovered an unknown source had made unauthorized access to our information systems. The perpetrators of this cyber attack informed the City they had obtained data from City systems and threatened to publish the data…