November 30, 2023 at 08:24AM Since April 2022, the Black Basta ransomware group has amassed over $107 million, with at least 90 out of 300+ victims paying ransoms. Likely evolved from Conti, the group uses Qakbot for malware deployment and shares typical ransomware-as-a-service payment structures. Its breach of Capita sparked widespread legal action. Meeting Takeaways: … Read more
November 30, 2023 at 06:30AM A CACTUS ransomware campaign is exploiting vulnerabilities in Qlik Sense, noted by Arctic Wolf researchers. These exploits allow attackers to gain initial access and establish persistence through various means, including disabling security software. The broader ransomware landscape continues to adapt and prove lucrative despite crackdowns, with groups like Black Basta … Read more
November 29, 2023 at 01:06AM A new ransomware called Xaro, derived from the DJVU/STOP strain, has been spreading through disguised cracked software. It encrypts files and steals information, demanding $980 in ransom. The malware also installs additional payloads like stealer and loader programs, aiming for double extortion and increased attack success rates. Cybersecurity experts warn … Read more
November 28, 2023 at 04:25PM Slovenian power company HSE was targeted by a ransomware attack on Nov. 22, but power production was unaffected. Control was regained on Nov. 24, with authorities notified and third-party experts engaged to mitigate the attack’s effects. No ransom has been demanded yet, and the situation is believed to be under … Read more
November 28, 2023 at 05:48AM The Google Cloud Cybersecurity Forecast 2024 highlights several cybersecurity trends to prepare for. Attackers will use AI to create convincing fake audio, video, and images for phishing and disinformation campaigns. Ransomware attacks will continue to plague enterprises, so offline backups and incident response plans are crucial. Cloud environments will be … Read more
November 28, 2023 at 05:42AM Healthcare services provider Ardent Health Services experienced a ransomware attack on Thanksgiving morning, causing disruptions to clinical and financial operations. Patient care is unaffected, but certain procedures are being rescheduled and patients are being diverted to other hospitals. Ardent is working to restore systems and determine the extent of the … Read more
November 28, 2023 at 05:26AM Ardent Health Services, based in Nashville, is dealing with a ransomware attack that has affected 30 hospitals and taken its network offline. Patient care at Ardent hospitals is not disrupted, but some patients are being redirected to other hospitals. Ardent has notified law enforcement and is investigating the incident. Full … Read more
November 27, 2023 at 03:12PM Last Friday, a ransomware attack hit the “Ethyrial: Echoes of Yore” MMORPG, resulting in the loss of 17,000 player accounts and their in-game progress. The developers have decided not to pay the attackers and will manually restore the affected systems. Impacted players will receive their lost items and progress, along … Read more
November 27, 2023 at 12:56PM Ardent Health Services, a healthcare provider with 30 hospitals across six U.S. states, experienced a ransomware attack, leading to the entire network being taken offline. Impacted hospitals are diverting emergency care to other facilities while still providing medical screening and stabilizing care. Non-urgent elective surgeries have been temporarily halted. Ardent … Read more
November 27, 2023 at 10:24AM Healthcare solutions company Henry Schein is in the process of restoring its systems after a ransomware group re-encrypted files during negotiations. The group, known as Alphv and BlackCat, claimed responsibility for the attack, saying they encrypted files and stole sensitive data. Henry Schein confirmed a data breach and potential theft … Read more