Change Healthcare finally spills the tea on what medical data was stolen by cyber-crew

June 21, 2024 at 05:43PM Change Healthcare has formally notified some pharmacy and hospital customers of a data breach by ransomware criminals in February. They are still identifying affected individuals and anticipate mailing letters to them in late July. The stolen information includes names, birth dates, phone numbers, and email addresses. The recovery process is … Read more

Car dealer software bigshot CDK pulls systems offline twice amid ‘cyber incident’

June 20, 2024 at 04:55PM CDK Global, the software supplier for thousands of US car dealerships, suffered a cyber incident, leading to system shutdowns on June 19 and again subsequently. The company, currently assessing the issue with third-party experts, has not disclosed a resolution timeframe. There are speculations about ransomware involvement but CDK has not … Read more

That PowerShell ‘fix’ for your root cert ‘problem’ is a malware loader in disguise

June 19, 2024 at 03:35AM Criminals are using social engineering techniques to target organizations worldwide with malicious PowerShell scripts disguised as fake error messages from Google Chrome, Microsoft Word, and OneDrive. Proofpoint identified at least two criminal groups using this tactic, with the possibility of spreading ransomware. Organizations are advised to train employees to recognize … Read more

New Warmcookie Windows backdoor pushed via fake job offers

June 11, 2024 at 11:20AM A new Windows malware called ‘Warmcookie’ is being spread through fake job offer phishing campaigns to infiltrate corporate networks. It is capable of machine fingerprinting, screenshot capturing, and deploying additional payloads. The threat actors create new domains weekly and utilize compromised infrastructure to send phishing emails. Warmcookie gathers victim information, … Read more

New Fog ransomware targets US education sector via breached VPNs

June 6, 2024 at 02:34PM In May 2024, the ransomware ‘Fog’ targeted U.S. educational organizations using compromised VPN credentials. Notably, it employs double-extortion tactics by stealing data. With access to internal networks, attackers conduct various malicious activities and deploy the ransomware, appending encrypted files with specific extensions. Victims are directed to a Tor dark website … Read more

A Russian Cyber Gang Is Thought to Be Behind a Ransomware Attack That Hit London Hospitals

June 6, 2024 at 09:40AM A Russian cyber gang, possibly Qilin, launched a ransomware attack on London hospitals, disabling operations and causing cancellations. The affected hospitals included those managed by the National Health Service, with serious disruptions to healthcare services. The incident was reported to police as ransomware attacks continue to affect various sectors, difficult … Read more

London Hospitals Cancel Operations and Appointments After Being Hit in Ransomware Attack

June 5, 2024 at 06:00AM Several London hospitals faced disruptions as a cyberattack on Synnovis, a pathology services supplier, led to canceled operations and patient rejections. The ransomware attack affected IT systems, including pathology services and blood transfusions, impacting King’s College, Guy’s and St Thomas’ hospital trusts. The National Health Service is urgently addressing the … Read more

70% of CISOs worry their org is at risk of a material cyber attack

May 23, 2024 at 09:37AM A survey of 1,600 CISOs reveals heightened concern over cyber attacks, with 70% fearing a material attack in the next 12 months. The annual report by Proofpoint also notes an increase in worries about ransomware, malware, and email fraud. Additionally, unrealistic expectations and burnout are causing stress among CISOs, despite … Read more

Aussie cops probe MediSecure’s ‘large-scale ransomware data breach’

May 17, 2024 at 07:39PM Australian prescriptions provider MediSecure was hit by a ransomware attack, potentially compromising patients’ personal and health data. The incident is believed to have originated from a third-party vendor. Authorities are investigating the breach, and MediSecure is working with regulatory agencies and cybersecurity officials to manage the impact. This highlights a … Read more

Personal Information Stolen in City of Wichita Ransomware Attack

May 16, 2024 at 07:10AM Personal information was stolen in a ransomware attack on the City of Wichita, Kansas, impacting law enforcement and traffic data. The attack occurred in early May, and the city has been working to recover systems. The number of affected individuals and the ransomware group responsible have not been disclosed. The … Read more