Rafel RAT targets outdated Android phones in ransomware attacks

June 24, 2024 at 02:44PM The ‘Rafel RAT’ malware targets outdated Android devices to conduct ransomware attacks, with over 120 campaigns detected by researchers. It primarily affects devices running Android versions 11 and older, and it can target various brands and models. Threat actors use fake apps to spread Rafel RAT, which can execute commands …

Change Healthcare finally spills the tea on what medical data was stolen by cyber-crew

June 21, 2024 at 05:43PM Change Healthcare has formally notified some pharmacy and hospital customers of a data breach by ransomware criminals in February. They are still identifying affected individuals and anticipate mailing letters to them in late July. The stolen information includes names, birth dates, phone numbers, and email addresses. The recovery process is …

Car dealer software bigshot CDK pulls systems offline twice amid ‘cyber incident’

June 20, 2024 at 04:55PM CDK Global, the software supplier for thousands of US car dealerships, suffered a cyber incident, leading to system shutdowns on June 19 and again subsequently. The company, currently assessing the issue with third-party experts, has not disclosed a resolution timeframe. There are speculations about ransomware involvement but CDK has not …

That PowerShell ‘fix’ for your root cert ‘problem’ is a malware loader in disguise

June 19, 2024 at 03:35AM Criminals are using social engineering techniques to target organizations worldwide with malicious PowerShell scripts disguised as fake error messages from Google Chrome, Microsoft Word, and OneDrive. Proofpoint identified at least two criminal groups using this tactic, with the possibility of spreading ransomware. Organizations are advised to train employees to recognize …

New Warmcookie Windows backdoor pushed via fake job offers

June 11, 2024 at 11:20AM A new Windows malware called ‘Warmcookie’ is being spread through fake job offer phishing campaigns to infiltrate corporate networks. It is capable of machine fingerprinting, screenshot capturing, and deploying additional payloads. The threat actors create new domains weekly and utilize compromised infrastructure to send phishing emails. Warmcookie gathers victim information, …

New Fog ransomware targets US education sector via breached VPNs

June 6, 2024 at 02:34PM In May 2024, the ransomware ‘Fog’ targeted U.S. educational organizations using compromised VPN credentials. Notably, it employs double-extortion tactics by stealing data. With access to internal networks, attackers conduct various malicious activities and deploy the ransomware, appending encrypted files with specific extensions. Victims are directed to a Tor dark website …

A Russian Cyber Gang Is Thought to Be Behind a Ransomware Attack That Hit London Hospitals

June 6, 2024 at 09:40AM A Russian cyber gang, possibly Qilin, launched a ransomware attack on London hospitals, disabling operations and causing cancellations. The affected hospitals included those managed by the National Health Service, with serious disruptions to healthcare services. The incident was reported to police as ransomware attacks continue to affect various sectors, difficult …

London Hospitals Cancel Operations and Appointments After Being Hit in Ransomware Attack

June 5, 2024 at 06:00AM Several London hospitals faced disruptions as a cyberattack on Synnovis, a pathology services supplier, led to canceled operations and patient rejections. The ransomware attack affected IT systems, including pathology services and blood transfusions, impacting King’s College, Guy’s and St Thomas’ hospital trusts. The National Health Service is urgently addressing the …

70% of CISOs worry their org is at risk of a material cyber attack

May 23, 2024 at 09:37AM A survey of 1,600 CISOs reveals heightened concern over cyber attacks, with 70% fearing a material attack in the next 12 months. The annual report by Proofpoint also notes an increase in worries about ransomware, malware, and email fraud. Additionally, unrealistic expectations and burnout are causing stress among CISOs, despite …

Aussie cops probe MediSecure’s ‘large-scale ransomware data breach’

May 17, 2024 at 07:39PM Australian prescriptions provider MediSecure was hit by a ransomware attack, potentially compromising patients’ personal and health data. The incident is believed to have originated from a third-party vendor. Authorities are investigating the breach, and MediSecure is working with regulatory agencies and cybersecurity officials to manage the impact. This highlights a …