Ransomware | SC Media

Ransomware

Hospital

No reprieve for health care orgs as ransomware hits hospital operator, plastic surgeons

If there was any lingering hope that cybercriminals would show mercy on health care providers during the COVID-19 crisis — as some claimed they would do — that pipe dream evaporated with the news that various ransomware groups attacked Fresenius, Europe’s largest private hospital operator, as well as a pair of U.S.-based plastic surgery clinics.…

‘About Coronavirus’ app locks Android screens with repackaged malware

An existing version of the Android device screen-locking malware SLocker has apparently been copied and repackaged in the form of a mobile coronavirus app, in hopes of drawing in victims and encouraging downloads from third-party marketplace sites. Researchers at Bitdefender found the malicious app, which has been targeting users in Ukraine, Russia, Kazakhstan, Turkmenistan and…

Average ransom payment up 33 percent in Q1, Sodinokibi and Ryuk top variants

The ever industrious and forward-looking groups behind the majority of ransomware attacks essentially reinvented the business during the first quarter of 2020 developing new tools and methods that helped boost their success rate. The advent of the COVID-19 pandemic certainly helped these cybercriminals by giving them additional avenues to pursue but the new strategies would…

In growing market for genetic data, privacy implications prove lasting

ExecuPharm employee info compromised following reported ransomware attack

ExecuPharm, a provider of pharmaceutical clinical research support services, has suffered a data security incident that has reportedly been identified as a CLOP ransomware attack, coupled with a corresponding data leak. Security experts have expressed concern that cybercriminals will target health care organizations at a time when their services may be needed to help respond…

black shades

Shade ransomware gang gives up keys, apologizes to victims

The malicious actors behind Shade ransomware made an unusual announcement on GitHub, not only publishing all 750,000 decryptor keys for the malware but apologizing for their criminal actions. “We are the team which created a trojan-encryptor mostly known as Shade, Troldesh or Encoder.858. In fact, we stopped its distribution in the end of 2019.” the…

Online leak undermines Torrance’s claim that no personal data was affected by cyberattack

A new online post by the DoppelPaymer gang further suggests that a cyberattack experienced by Torrance, California in late February-early March was a case of ransomware — one that appears to have affected personal data, despite the Los Angeles-area city’s claims otherwise. Brett Callow, threat analyst at Emsisoft, shared several examples of sensitive data published…

Maze ransomware attack catches IT services firm Cognizant unawares

Digital solutions provider and IT consultant giant Cognizant has been struck by a Maze ransomware attack that infected its systems and caused service disruptions to its clients. The Teaneck, N.J.-based company, with roughly $15 billion in revenue, confirmed the incident in a press release over the weekend. Cognizant serves a wide spectrum of industries, including…

More CFOs feeling the heat with ransomware

 Too often we’re hearing about ​cities​ and ​organizations​ falling prey to ransomware attacks with the average cost of ransomware related downtime ​hovering around $55K​ – note that’s just the cost of ​downtime ​ , which excludes any ransom that might be paid. It’s also estimated that the total damage costs from global ransomware incidents are…

Ragnar Locker’s well-conceived ransomware attack on Energias de Portugal

Ragnar Locker’s ransomware attack on Energias de Portugal (EDP) and its subsequent 1,580 bitcoin, or $11 million, ransom demand indicates the attack was well thought out with the attacker fully understanding it’s victim’s financial capabilities. James McQuiggan, security awareness advocate at KnowBe4, told SC Media that Ragnar Locker’s general modus operandi is to charge a…

Next post in Ransomware