Rustam Mirkasymov and Oleg Skulkin of Group-IB write: The email raised no suspicions. An employee of a Russian medical company boldly clicked on the link and downloaded the attached ZIP archive. The message with the subject “Bill due” looked like it had been sent by the Finance Department of a large Russian media holding, the…
Search Results for: ransomware
Maze attackers adopt Ragnar Locker virtual machine technique
Andrew Brandt and Peter Mackenzie of Sophos report: While conducting an investigation into an attack in July in which the attackers repeatedly attempted to infect computers with Maze ransomware, analysts with Sophos’ Managed Threat Response (MTR) discovered that the attackers had adopted a technique pioneered by the threat actors behind Ragnar Locker earlier this year,…
Ontario nurses’ regulatory body investigating ‘cyber security incident’
Kate Dubinski reports: The College of Nurses of Ontario (CNO) has been dealing with a “cyber security incident” that may have compromised the personal information of its almost 200,000 members, CBC News has learned. The name of the college and some of the information hackers say they have access to appears on a website associated with…
Maze attacking some of the country’s largest school districts
On August 27, Clark County School District (CCSD) in Nevada experienced a data security incident that they disclosed the next day. And on September 8, they issued an update. The update noted that the attack was a ransomware attack. Although the district stated it had seen no evidence of misuse, they were notifying everyone to…
Interim Report on the Blackbaud Breach: 3.4 Million Patients and Counting
The Blackbaud ransomware incident disclosed on July 16 will likely end up being the largest or one of the largest breaches of the year involving patient information. I’ve been reading disclosures from dozens of entities and have compiled a list of those Blackbaud clients whose disclosures state or suggest that Blackbaud had been storing some…
SC: In September, Roper St. Francis was busy sending notifications on two separate breaches
On September 3, ABC reported that Roper St. Francis was notifying 6,000 patients about a breach involving their protected health information. This week, you may have read that Roper St. Francis is notifying almost 93,000 patients. There are two unrelated incidents. The first involved the compromise of an employee’s email account in June that the…