Lawrence Abrams reports: Threat actors are now installing a new ransomware called ‘DEARCRY’ after hacking into Microsoft Exchange servers using the recently disclosed ProxyLogon vulnerabilities. Since Microsoft revealed earlier this month that threat actors were compromising Microsoft Exchange servers using new zero-day ProxyLogon vulnerabilities, a significant concern has been when threat actors would use it to…
Search Results for: ransomware
Another hospital hit by ransomware in France, Spain’s public employment service hit with Ryuk, and China’s Cosco Shipping allegedly hacked by LORDBR
Another French hospital, Centre Hospitalier Général d’Oloron, has fallen victim to a ransomware attack. France Bleu reports (translation): The Oloron Sainte-Marie hospital (Pyrénées-Atlantiques) was the victim of a cyberattack on Monday March 8 in the early afternoon. No application works and a message asking for a ransom of $ 50,000 to be transferred to a…
JP: Consulting firm hit with ransomware; 350 households have info possibly leaked
Hokkaido Cultural Broadcasting reports that an unnamed consulting firm in Tokyo contracted by Asahikawa City as part of rebuilding a housing complex was compromised by ransomware, resulting in the compromise of personal information for about 350 households. Read about it on fnn.jp (Japanese). h/t, @Chum1ng0
Ransomware gang plans to call victim’s business partners about attacks
Lawrence Abrams reports: The REvil ransomware operation announced this week that they are using DDoS attacks and voice calls to journalists and victim’s business partners to generate ransom payments. Read more on BleepingComputer.
Terminated: Texas Medicaid subcontractor dumped after data breach in ransomware attack from Russia
Robert T. Garrett reports that a breach that significantly impacted Texas Medicaid patients last year was not fully or accurately disclosed to the state by the subcontractor at the time. A Texas Medicaid subcontractor has been terminated after a data-privacy breach caused by a ransomware attack from Russia last year exposed the personal information of…
New ransomware only decrypts victims who join their Discord server
Lawrence Abrams reports: A new ransomware called ‘Hog’ encrypts users’ devices and only decrypts them if they join the developer’s Discord server. This week, security researcher MalwareHunterTeam found an in-development decryptor for the Hog Ransomware that requires victims to join their Discord server to decrypt their files. Read more on BleepingComputer.