Research by: Jiri Vinopal, Dennis Yarizadeh and Gil Gekker. Key Findings: Check Point Research (CPR) and Check Point Incident Response Team (CPIRT) encountered a previously unnamed ransomware strain, we dubbed Rorschach, deployed against a US-based company. Rorschach ransomware appears to be unique, sharing no overlaps that could easily attribute it to any known ransomware strain. In addition, it…
Cyber attack downs major Israeli university websites
The Jerusalem Post reports: Websites of multiple major universities in Israel were attacked by a group of hackers calling themselves “Anonymous Sudan” on Tuesday. Among the websites unavailable for browsing were the sites of Tel Aviv University, the Hebrew University of Jerusalem, Ben-Gurion University of the Negev, Haifa University, Weizmann Institute of Science, Open University of Israel…
Unpacking the Structure of Modern Cybercrime Organizations
David Sancho, Mayra Rosario Fuentes report: The last 20 years have seen the cyberthreat landscape transform markedly: From an era of cyberattacks with damaging payloads, the cybercrime space has evolved to one where malicious actors have organized themselves into groups, mainly driven by financial gain. Consequently, organizations now contend with a new breed of cybercriminals…
Western Digital says hackers stole data in ‘network security’ breach
Carly Page reports: Data storage giant Western Digital has confirmed that hackers exfiltrated data from its systems during a “network security incident” last week. The California-based company said in a statement on Monday that an unauthorized third party gained access to “a number” of its internal systems on March 26. Western Digital hasn’t confirmed the nature of…
Are you a “Lucky Winner” from Equifax?
Earlier today, vx-underground reported that a hoax email was being sent from Equifax with the subject line “Free Pompompurin.” An unknown individual has compromised the email system for Equifax. They have sent out an email with the subject matter as “Free Pompompurin”. Image 1. email extended header information Image 2. email itself pic.twitter.com/mlrO99uVdl — vx-underground…
Developing: Stormous claims to have attacked hospital; apologizes minutes later, pledges to undo damage, and seeks forgiveness (Update1: was this a scam?)
Stormous Ransomware added Cameron Memorial Community Hospital in Indiana to their leak site today and posted a pointer to it on their Telegram channel. Then they appeared to regret their actions, posting the following only minutes later: We are writing to express our sincerest apologies for the recent ransomware attack on hospital IT systems. We…