June 14, 2024 at 02:11PM Multiple London hospitals impacted by Synnovis ransomware attack forced to cancel hundreds of operations and appointments. Synnovis, formerly known as Viapath, was established in 2009 and rebranded in October 2022. NHS services disrupted as Synnovis systems were locked out in June 3 attack. Ongoing effects expected for months, with potential … Read more
June 14, 2024 at 10:27AM Ascension disclosed a ransomware attack compromising the personal and health information of unknown patients. The incident disrupted their electronic health record system, leading to patient diversions and an ongoing investigation. The attack exfiltrated files from seven servers, potentially containing PHI and PII. Ascension is offering free credit monitoring and identity … Read more
June 14, 2024 at 03:00AM The City of Cleveland faced a cyberattack, leading to the shutdown of systems at City Hall and Erieview Plaza. Key services remained unaffected, and steps were taken to secure and restore affected systems. The city is working with partners to investigate the incident’s nature and scope. The identity of the … Read more
June 13, 2024 at 05:57PM Ascension, a large U.S. healthcare system, disclosed that a ransomware attack in May 2024 was caused by an employee’s unintentional download of a malicious file. The attack affected patient records and led to offline devices. While investigation is ongoing, evidence shows stolen data may include Protected Health Information. The attack … Read more
June 13, 2024 at 02:45PM The Toronto District School Board (TDSB), Canada’s largest school board, is investigating a ransomware attack on its software testing environment to determine if any personal information was exposed. All systems are operational, and the organization is collaborating with cybersecurity experts to assess the incident’s scope and has notified relevant authorities. … Read more
June 13, 2024 at 02:38PM Panera Bread, a U.S. food chain with 2,160 cafes in the U.S. and Canada, suffered a data breach in a March ransomware attack. The breach compromised employee personal data, prompting the company to offer affected individuals a year of identity protection services. The attack caused a week-long system outage, with … Read more
June 12, 2024 at 06:16PM Symantec’s threat hunters suspect Black Basta ransomware gang exploited a Windows privilege escalation bug, CVE-2024-26169, before Microsoft’s patch. Symantec’s analysis suggests the ransomware could have been compiled pre-patch, allowing “at least one group” to exploit the vulnerability as a zero-day. The ransomware gang, tracked as Storm-1811, used social engineering attacks … Read more
June 11, 2024 at 10:28AM TellYouThePass ransomware gang has swiftly exploited the critical CVE-2024-4577 vulnerability in PHP, despite a recent patch. Using publicly available exploit code, they deploy webshells and execute an encryptor payload. By injecting a ransomware variant into memory, they demand 0.1 BTC for decryption. Over 450,000 exposed PHP servers could be vulnerable. … Read more
June 6, 2024 at 06:46PM LAUSD officials are investigating a threat actor’s claim of selling stolen databases holding records of millions of students and thousands of teachers. The alleged data for sale includes over 26 million student records, 24,000 teacher records, and 500 staff records. This follows a previous ransomware attack on LAUSD by the … Read more
June 6, 2024 at 02:34PM In May 2024, the ransomware ‘Fog’ targeted U.S. educational organizations using compromised VPN credentials. Notably, it employs double-extortion tactics by stealing data. With access to internal networks, attackers conduct various malicious activities and deploy the ransomware, appending encrypted files with specific extensions. Victims are directed to a Tor dark website … Read more