Marco A. De Felice (@amvinfe) managed to shoulder-surf ransom negotiations between Black Basta and KFI Engineers (“KFI”) in Minnesota. He reports that the victims wound up paying $300,000.00, half of what the attackers initially demanded. KFI counts schools and hospitals among its clients, but as an engineering firm, one would not expect them to have…
Reventics notifying patients of ransomware incident
Reventics LLC is a business associate in Colorado offering revenue cycle management, clinical documentation, and quality improvement services. On or about December 15, 2022, Reventics detected some anomalies in its systems and discovered an intrusion and encryption of its files. Some of those files contained protected health information (PHI) of patients. On December 27, an…
Weeklong ransomware attack on Oakland government drags on
Da Lin reports: OAKLAND – 10 days after the City of Oakland experienced a ransomware attack, many of its departments remain shut down to the public. Emergency services like police and fire are operational. The lobby at the Oakland Police Department is one of few places still open to the public, but there are signs…
Update to the Des Moines Public School ransomware attack
For some students in Des Moines, Iowa, the return to school after the winter holidays was soon interrupted by a cyberattack that resulted in classes being canceled. But as classes continued to be canceled, it became clearer that restoration and recovery would not be quick. By January 11, two days after the announcement of school…
New MortalKombat ransomware and Laplas Clipper malware threats deployed in financially motivated campaign
Chetan Raghuprasad writes: Since December 2022, Cisco Talos has been observing an unidentified actor deploying two relatively new threats, the recently discovered MortalKombat ransomware and a GO variant of the Laplas Clipper malware, to steal cryptocurrency from victims. Talos observed the actor scanning the internet for victim machines with an exposed remote desktop protocol (RDP)…
City of Oakland declares state of emergency after ransomware attack
Sergiu Gatlan reports: Oakland has declared a local state of emergency because of the impact of a ransomware attack that forced the City to take all its IT systems offline on February 8th. Interim City Administrator G. Harold Duffey declared a state of emergency to allow the City of Oakland to expedite orders, materials and equipment procurement,…