City of Flint Scrambling to Restore Services Following Ransomware Attack

August 19, 2024 at 09:43AM The City of Flint, Michigan, is working to restore network systems after a ransomware attack on August 14. The attack affected payment and communication services, but emergency services like 911 were not impacted. BS&A billing system was disrupted, causing online transaction issues. The city is investigating potential impact on personal … Read more

RansomHub-linked EDR-killing malware spotted in the wild

August 18, 2024 at 09:57PM A new malware called EDRKillShifter has been identified by Sophos, using legitimate but vulnerable drivers to deliver ransomware to targets and disrupt endpoint detection and response software. Additionally, a critical vulnerability has been reported in SolarWinds Web Help Desk, while NetSuite SuiteCommerce and SiteBuilder sites are found to be exploitable. … Read more

In Other News: 400 CNAs, Crash Reports, Schlatter Cyberattack

August 16, 2024 at 10:33AM SecurityWeek’s cybersecurity news roundup presents a collection of significant stories that may have gone unnoticed. This week’s articles include the expansion of CVE Numbering Authorities, transitive vulnerabilities in application security, a new variant of the Gafgyt botnet, and various cyberattacks targeting companies and governments. Notable insights from the series are … Read more

RansomHub Group Deploys New EDR-Killing Tool in Latest Cyber Attacks

August 15, 2024 at 07:33AM A cybercrime group linked to RansomHub ransomware has been using a new tool, EDRKillShifter, to disable endpoint detection and response software on compromised hosts. This tool is a delivery mechanism for vulnerable drivers and can deliver different driver payloads. It’s important to keep systems updated and enable tamper protection in … Read more

Mayor of Columbus, Ohio, Says Ransomware Attackers Stole Corrupted, Unusable Data

August 15, 2024 at 05:09AM Hackers recently breached Columbus, Ohio, claiming to have stolen 6.5 terabytes of data, including sensitive information like log-in details and city camera access. However, Mayor Andrew Ginther confirmed most data was corrupted or encrypted and not put up for auction. The city is now focused on increasing digital security to … Read more

Enzo Biochem ordered to cough up $4.5 million over lousy security that led to ransomware disaster

August 14, 2024 at 01:10PM Biotech company Enzo Biochem is required to pay a $4.5 million penalty to three state attorneys general after a 2023 ransomware attack compromised data for over 2.4 million individuals. The company’s poor cybersecurity practices allowed attackers to gain access, impacting New York, New Jersey, and Connecticut residents. Enzo is now … Read more

460k Impacted by Kootenai Health Ransomware Attack

August 14, 2024 at 06:57AM Healthcare provider Kootenai Health in Idaho reported a data breach affecting over 460,000 individuals’ personal and health information. The breach, linked to the 3AM ransomware gang, involved unauthorized access to the network and the exfiltration of sensitive data. Affected individuals are receiving 12 months of credit and identity protection services. … Read more

3AM ransomware stole data of 464,000 Kootenai Health patients

August 13, 2024 at 11:24AM Kootenai Health reported a data breach affecting 464,000 patients. Personal information was stolen and leaked due to a ransomware attack by the 3AM group. The meeting notes indicate that Kootenai Health has experienced a data breach affecting more than 464,000 patients. This breach occurred as a result of a ransomware … Read more

Ransomware Hits Australian Gold Mining Firm Evolution Mining

August 13, 2024 at 06:42AM Evolution Mining disclosed a ransomware attack on its IT systems, which was identified on August 8 and believed to be contained. The company is working with cyber forensic experts and has notified the Australian Cyber Security Centre. They do not anticipate a material impact on operations, and no specific details … Read more

Australian gold producer Evolution Mining hit by ransomware

August 12, 2024 at 02:08PM Evolution Mining experienced a ransomware attack on August 8, 2024, affecting its IT systems. The company engaged external cybersecurity experts and has contained the attack. Despite the disruption, it anticipates no material impact on operations. The incident has been reported to the Australian Cyber Security Centre, with no group claiming … Read more