Category: Malware

July 25, 2024

The National Community Pharmacists Association (NCPA) and more than three dozen healthcare providers from 22 U.S. states have filed a lawsuit against Change Healthcare, Optum, and UnitedHealth Group. The lawsuit stems from the catastrophic ransomware attack and subsequent data breach […]

July 19, 2024

SentinelOne researchers warn that the financially motivated group FIN7 is using multiple pseudonyms to advertise a security evasion tool in several criminal underground forums. FIN7 developed a tool called AvNeutralizer (also known as AuKill) that can bypass security solutions. The […]

July 17, 2024

Costs associated with ransomware attacks on critical national infrastructure (CNI) organizations skyrocketed in the past year. According to Sophos’ latest figures, released today, the median ransom payments rose to $2.54 million – a whopping 41 times last year’s sum of […]

July 9, 2024

Evolve Bank & Trust says the data of more than 7.6 million customers was stolen during the LockBit break-in in late May, per a fresh filing with Maine’s attorney general. The filing lists the total number of persons affected (including […]

June 27, 2024

A South Korean media outlet has alleged that local telco KT deliberately infected some customers with malware due to their excessive use of peer-to-peer (P2P) downloading tools. The number of infected users of “web hard drives” – the South Korean […]

June 25, 2024

You know that a technology problem is serious when the White House holds a summit about it. Ransomware is no longer a simple nerd-borne irritation; it’s an organized criminal scourge. Research from the Enterprise Systems Group (ESG) found 79 percent […]

June 13, 2024

The Netherlands’ cybersecurity agency (NCSC) says the previously reported attack on the country’s Ministry of Defense (MoD) was far more extensive than previously thought. The NCSC first published details of a Chinese state-sponsored malware campaign in February, but has continued […]

June 11, 2024

Japanese media conglomerate Kadokawa and several of its properties have been offline for four days after a major cyber attack. A Sunday statement posted to a temporary website reveals that the group detected an issue that prevented access to multiple […]

May 31, 2024

Unknown miscreants broke into more than 600,000 routers belonging to a single ISP late last year and deployed malware on the devices before totally disabling them, according to security researchers. The cyber attack, which wasn’t reported at the time, took […]

May 22, 2024

The US Securities and Exchange Commission (SEC) wants to clarify guidelines for public companies regarding the disclosure of ransomware and other cybersecurity incidents. According to the breach reporting rules the federal agency adopted in July, public companies must disclose material […]

May 17, 2024

On May 5th, 2024, the City of Wichita, Kansas, was the victim of a ransomware attack and shut down its network to contain the threat. The city immediately started its incident response procedure to prevent the threat from spreading and […]

May 13, 2024

Europol is investigating a cybercriminal’s claims that they stole confidential data from a number of the agency’s sources. Among the sources referenced by the cybercriminal, the Europol Platform for Experts (EPE) is confirmed to be the main subject of the […]

May 6, 2024

The City of Wichita, Kansas, was the victim of a ransomware attack and shut down its network to contain the threat. The security breach took place on May 5th, 2024, and immediately started its incident response procedure to prevent the […]

May 6, 2024

Traficom, Finland’s Transport and Communications Agency, issued a warning regarding a current Android malware campaign aimed at bank accounts. Traficom reported that clients of multiple banks received text messages in the Finnish language that instruct recipients to call a service […]

April 26, 2024

Skanlog, a critical distributor for Systembolaget, the Swedish government-owned retail chain suffered a ransomware attack. Systembolaget has a monopoly on the sale of alcoholic beverages containing more than 3.5% alcohol by volume. It operates stores across Sweden and is responsible […]

April 25, 2024

As part of the malware operation, referred to as GuptiMiner, the threat actor exploited a vulnerability in the eScan antivirus update mechanism and performed a man-in-the-middle (MitM) attack to replace the legitimate update package with a malicious one. eScan is […]

April 12, 2024

Proofpoint researchers observed a threat actor, tracked as TA547, targeting German organizations with an email campaign delivering the Rhadamanthys malware. TA547 is a financially motivated threat actor that has been active since at least November 2017, it was observed conducting […]

April 8, 2024

The sophisticated threat group behind a complex JavaScript remote access Trojan (RAT) known as JSOutProx has released a new version of the malware to target organizations in the Middle East. Cybersecurity services firm Resecurity analyzed technical details of multiple incidents […]

April 5, 2024

A cyberattack hit Omni Hotels & Resorts disrupting its services and forcing the company to shut down its systems. The hotel chain did not share details about the attack, however, the effects reported in the notice suggest that the company […]

April 3, 2024

To deploy a ransomware attack, adversaries must first gain access to a victim’s corporate environment, devices, and data. Threat actors typically use two main approaches to gain entry: logging in using compromised credentials, i.e., legitimate access data that had previously […]