ransomware

RansomHouse gang automates VMware ESXi attacks with new MrAgent tool

by

February 15, 2024 at 01:57PM RansomHouse’s new tool ‘MrAgent’ automates deploying its data encrypter across multiple VMware ESXi hypervisors. This ransomware targeting large organizations maximizes impact by compromising critical applications and services. Custom configurations include scheduling an encryption event and altering the hypervisor’s monitor message. The tool’s adaptation for Windows systems demonstrates intent to extend … Read more

Cyberattacks on Hospitals Are Likely to Increase, Putting Lives at Risk, Experts Warn

by

February 15, 2024 at 01:33PM Cybersecurity experts warn of increasing cyberattacks on hospitals, leaving them vulnerable to data and network breaches. The use of online technology has expanded the digital attack surface, making hospitals a prime target for ransomware attacks. The US government is urged to take more significant action to address the escalating cyber … Read more

Trans-Northern Pipelines investigating ALPHV ransomware attack claims

by

February 14, 2024 at 10:31AM Trans-Northern Pipelines (TNPI) confirmed a November 2023 breach in their internal network and is investigating data theft by the ALPHV/BlackCat ransomware gang. Operating 850km in Ontario-Quebec and 320km in Alberta, the company transports petroleum products while facing cybersecurity challenges. ALPHV, formerly DarkSide and BlackMatter, has been linked to numerous global … Read more

We’re at a Pivotal Moment for AI and Cybersecurity

by

February 14, 2024 at 10:02AM The rise of generative AI has intensified the cybersecurity battlefield, empowering cyber attackers with advanced phishing techniques and malware creation. However, responsible deployment of AI can provide security professionals with the contextual understanding needed to preempt and combat these threats, offering hope for an improved security posture in the ongoing … Read more

Southern Water cyberattack expected to hit hundreds of thousands of customers

by

February 14, 2024 at 07:41AM Southern Water confirms data breach affecting 5-10% of customers and undisclosed staff members due to January cyberattack. Black Basta ransomware group claimed responsibility. Data, including personal and financial details, was leaked online. Customers being notified and offered Experian Identity Plus membership. No evidence of further data publication found. Critical infrastructure … Read more

Bumblebee malware wakes from hibernation, forgets what year it is, attacks with macros

by

February 14, 2024 at 06:06AM The Bumblebee malware loader, initially linked to ransomware groups, has resurfaced using old-school VBA macros to target US organizations in a new campaign. Its reappearance signals a change in attack tactics, bucking the trend towards more advanced methods. Although this may seem outdated, vigilance and security measures should not be … Read more

Aircraft Leasing Company Acknowledges Cyberattack in SEC Filing

by

February 13, 2024 at 03:05PM Willis Lease Finance Corp. reported a cybersecurity incident on Jan. 31, resulting in offline systems. Unauthorized activity was discovered, prompting an investigation alongside cybersecurity experts. While the group behind the incident remains unidentified, the Black Basta ransomware group claimed to have stolen 910GB of data from the company, including customer … Read more

ALPHV blackmails Canadian pipeline over claims it stole 190GB of vital info

by

February 13, 2024 at 02:29PM Canada’s Trans-Northern Pipelines was allegedly targeted by the ALPHV/BlackCat ransomware group, claiming to have stolen 190GB of data, including vital information. This intrusion draws comparisons to the 2021 Colonial Pipeline attack. ALPHV has also targeted other critical infrastructure organizations, prompting calls for improved cybersecurity measures to prevent catastrophic attacks on … Read more

Willis Lease Finance Corp Discloses Cyberattack

by

February 13, 2024 at 09:57AM Aircraft parts dealer Willis Lease Finance Corporation (WLFC) reported a cyberattack to the US Securities and Exchange Commission, detected on January 31. The company contained the incident by February 2 and is investigating the scope and impact of the attack. The Black Basta ransomware gang claims responsibility and threatens to … Read more

Bank of America Customer Data Stolen in Data Breach

by

February 13, 2024 at 09:57AM Bank of America notified 57,000 customers of a data breach at third-party provider Infosys McCamish System. The parent company, Infosys, disclosed the cyberattack on November 3, 2023, stating that customer data was exfiltrated. Bank of America informed customers of potential compromise of personal information and offered identity theft protection. The … Read more