February 7, 2024 TLP:CLEAR Report: 202402071200 Executive Summary Akira ransomware is a relatively new ransomware gang that has demonstrated aggressive and capable targeting of the U.S. health sector in its short lifespan. U.S. healthcare organizations are advised to follow the steps in this alert to minimize their risk of attack. Overview Akira ransomware was first…
Rhysida ransomware decryptor publicly released
Laura French reports: A Rhysida ransomware decryption tool has been publicly released and detailed in a preprint paper by South Korean researchers Friday. The Rhysida decryptor takes advantage of a vulnerability in the ransomware’s encryption process, enabling the process to be reverse engineered to recover files. The researchers from Kookmin University and the Korea Internet…
Cyberattack shuts down Colorado public defender’s office
Shelly Bradbury reports: A cyberattack on the Office of the Colorado State Public Defender forced the agency to shut down its computer network, locking public defenders across the state out of critical work systems and prompting attorneys to seek delays in their court cases. Office spokesman James Karbach confirmed the breach in a statement Monday,…
20+ hospitals in Romania hit hard by ransomware attack on IT service provider
Graham Cluley reports: Over 20 hospitals in Bucharest have reportedly been impacted by a ransomware attack after cybercriminals targeted an IT service provider. As a consequence medical staff have been forced to use pen-and-paper rather than computer systems. Romania’s National Cybersecurity Directorate (DNSC) said in a statement that the attackers encrypted hospital data using the Backmydata ransomware…
Data breach of two third-party payment operators affects more than 33 million in France: CNIL opens an investigation
Google translation of some of CNIL’s report: The CNIL was informed by Viamedis and Almerys of the computer attack to which they were victims at the end of January. These operators, who manage third-party payment for complementary health insurance, saw the data necessary for their missions be compromised during this breach. In total, this data leak concerns more than 33…
Cyberattack at Armentières hospital, emergency rooms closed for the day
ANM reports: The Armentières hospital center was the victim of a cyberattack during the night from Saturday to Sunday at 2 a.m., France Bleu Nord learned on Sunday February 11 from the hospital management. The pirates demand a ransom from the hospital. The emergency department is closed for the next 24 hours, patients are being…