Scattered Spider Adopts RansomHub and Qilin Ransomware for Cyber Attacks

July 17, 2024 at 02:54AM Cybercrime group Scattered Spider has integrated ransomware strains RansomHub and Qilin in its activities, per Microsoft. Scattered Spider employs social engineering to breach and persist in targets, with a history of targeting VMware ESXi servers. RansomHub, a widely used ransomware, has been linked to various threat actors. Microsoft urges security …

Microsoft: Scattered Spider Widens Web With RansomHub & Qilin

July 16, 2024 at 05:27PM Microsoft’s Threat Intelligence Team warns of Octo Tempest, also known as Scattered Spider, adding RansomHub and Qilin to its attack arsenal. The threat actor uses sophisticated social engineering, identity compromises, and targets VMware ESXi servers. Notably, it is behind major ransomware attacks on Caesars Palace and MGM Entertainment. The group …

Scattered Spider’s fave new ransomware tools are RansomHub and Qilin

July 16, 2024 at 02:15PM The Scattered Spider cybercrime group, also known as Octo Tempest, is now utilizing RansomHub and Qilin ransomware variants in its attacks. This showcases a potential power shift among hacking groups. Microsoft has identified Scattered Spider as a sophisticated and threatening group, accounting for a significant portion of its investigations. Additionally, …

Microsoft links Scattered Spider hackers to Qilin ransomware attacks

July 16, 2024 at 09:42AM Microsoft revealed that the Scattered Spider cybercrime gang has incorporated Qilin ransomware into its attacks, notably affecting high-profile organizations. The FBI and CISA issued an advisory on the gang’s tactics, including impersonating IT employees and using phishing and MFA bombing for network access. Qilin’s advanced Linux encryptors target VMware ESXi …

UK and US cops band together to tackle Qilin’s ransomware shakedowns

June 25, 2024 at 08:09AM UK and US authorities have united to combat the Qilin ransomware gang’s assault on the healthcare industry. The group’s attack on a UK pathology service disrupted thousands of surgeries and led to stolen patient data being leaked. Investigations by NHS England and law enforcement agencies are ongoing to respond to …

Investigation of Russian Hack on London Hospitals May Take Weeks Amid Worries Over Online Data Dump

June 23, 2024 at 09:21PM The Russian group Qilin’s ransomware attack on London hospitals has caused ongoing cancellations of operations and appointments, impacting patient services. It is reported that patient data including names, dates of birth, and test descriptions have been published online. This attack also compromised records covering 300 million patient interactions. The National …

RansomHub Actors Exploit ZeroLogon Vuln in Recent Ransomware Attacks

June 5, 2024 at 05:35PM RansomHub ransomware recently exploited the ZeroLogon flaw in Windows Netlogon Remote Protocol (CVE-2020-1472) for initial access. Symantec identified the use of Atera, Splashtop, and NetScan tools. Organizations are advised to patch the vulnerability. RansomHub, a ransomware-as-a-service, has impacted numerous organizations. It shares extensive code overlaps with the Knight ransomware, likely …

Qilin ransomware gang linked to attack on London hospitals

June 5, 2024 at 02:00PM Cyber criminals from the Qilin ransomware operation have targeted pathology services provider Synnovis, impacting several major NHS hospitals in London. The attack has caused disruptions to primary healthcare services and led to the postponement and cancellation of non-emergency appointments and surgeries. The group is known for double-extortion attacks, demanding ransom …