Security Affairs

FEBRUARY 20, 2025

NailaoLocker ransomware is a new threat that targeted European healthcare organizations from June to October 2024. NailaoLocker ransomware is written in C++,the researchers said that the malware is not sophisticated and is poorly designed. The ransomware appends the . Operators accept ransom payments in Bitcoin.

Healthcare 84

Healthcare Ransomware VPN Malware 84

Security Affairs

DECEMBER 4, 2024

BT Group (formerly British Telecom)’s Conferencing division shut down some of its servers following a Black Basta ransomware attack. British multinational telecommunications holding company BT Group (formerly British Telecom) announced it has shut down some of its servers following a Black Basta ransomware attack. reads the CSA.

Ransomware 124

Ransomware Telecommunications Healthcare Insurance 124

Krebs on Security

AUGUST 19, 2021

Criminal hackers will try almost anything to get inside a profitable enterprise and secure a million-dollar payday from a ransomware infection. ” This attacker’s approach may seem fairly amateur, but it would be a mistake to dismiss the threat from West African cybercriminals dabbling in ransomware. billion in 2020.

Ransomware 363

Ransomware Social Engineering Cybercrime Scams 363

Krebs on Security

MAY 14, 2021

The DarkSide ransomware affiliate program responsible for the six-day outage at Colonial Pipeline this week that led to fuel shortages and price spikes across the country is running for the hills. The DarkSide message includes passages apparently penned by a leader of the REvil ransomware-as-a-service platform.

Ransomware 364

Ransomware Cryptocurrency Cybercrime Healthcare 364

Security Affairs

NOVEMBER 6, 2024

Georgia, a ransomware attack disrupted Memorial Hospital and Manor’s access to its Electronic Health Record system. A ransomware attack hit Memorial Hospital and Manor in Bainbridge, Georgia, and disrupted the access to its Electronic Health Record system. healthcare providers, NorthBay Healthcare and Weiser Memorial Hospital.

Ransomware 124

Ransomware Healthcare Antivirus Data breaches 124

Krebs on Security

JANUARY 27, 2021

and Bulgarian authorities this week seized the darkweb site used by the NetWalker ransomware cybercrime group to publish data stolen from its victims. The victim shaming site maintained by the NetWalker ransomware group, after being seized by authorities this week. ” Image: Chainalysis. million from the scheme.

Ransomware 338

Ransomware Cybercrime Antivirus Encryption 338

Krebs on Security

MAY 16, 2023

A Russian man identified by KrebsOnSecurity in January 2022 as a prolific and vocal member of several top ransomware groups was the subject of two indictments unsealed by the Justice Department today. And on April 26, 2021, Matveev and his Babuk gang allegedly deployed ransomware against the Metropolitan Police Department in Washington, D.C.

Ransomware 313

Ransomware Cybercrime VPN Healthcare 313

Krebs on Security

OCTOBER 28, 2020

26, KrebsOnSecurity began following up on a tip from a reliable source that an aggressive Russian cybercriminal gang known for deploying ransomware was preparing to disrupt information technology systems at hundreds of hospitals, clinics and medical care facilities across the United States. hospitals and healthcare providers.”

Ransomware 278

Ransomware Healthcare Computers and Electronics Cybercrime 278

Security Affairs

NOVEMBER 29, 2024

Russian authorities arrested ransomware affiliate Mikhail Matveev, aka Wazawaka, for developing malware and ties to hacking groups. In May 2023, the US Justice Department charged Russian national Mikhail Pavlovich Matveev for his alleged role in multiple ransomware attacks. The Treasury Department sanctioned the ransomware actor.

Ransomware 117

Ransomware Healthcare Hacking Malware 117

Krebs on Security

MARCH 1, 2022

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti , an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. hospitals and healthcare providers.”.

Ransomware 301

Ransomware Healthcare Cybercrime Government 301

Krebs on Security

JUNE 2, 2020

The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software. A partial screenshot from the REvil ransomware group’s Dark Web blog. and Europe in early March.” So it’s a double vig.”

Ransomware 345

Ransomware Backups Encryption Internet 345

Security Affairs

NOVEMBER 18, 2024

A ransomware attack on Great Plains Regional Medical Center compromised personal data of 133,000 individuals, exposing sensitive information. On September 8, 2024, Great Plains Regional Medical Center (Oklahoma) suffered a ransomware attack. “On September 8, 2024, we suffered a ransomware attack on our computer system.

Ransomware 123

Ransomware Insurance Encryption Healthcare 123

Malwarebytes

DECEMBER 2, 2024

The US Department of Justice has charged a Russian national named Evgenii Ptitsyn with selling, operating, and distributing a ransomware variant known as “Phobos” during a four-year cybercriminal campaign that extorted at least $16 million from victims across the world.

Ransomware 126

Ransomware Backups Small Business Malware 126

Security Affairs

OCTOBER 29, 2020

FBI and the DHS’s CISA agencies published a joint alert to warn hospitals and healthcare providers of imminent ransomware attacks from Russia. The government agencies receive information about imminent attacks, threat actors are using the TrickBot botnet to deliver the infamous ransomware to the infected systems.

Healthcare 145

Healthcare Ransomware Cybercrime Advertising 145

Security Affairs

DECEMBER 21, 2024

Romanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacks, pleading guilty to fraud charges in June. Romanian national Daniel Christian Hulea, 30, was sentenced to 20 years in prison for his role in NetWalker ransomware attacks. ” reads the press release published by DoJ. in restitution.”

Ransomware 107

Ransomware Healthcare Government Cryptocurrency 107

Krebs on Security

DECEMBER 16, 2019

As if the scourge of ransomware wasn’t bad enough already: Several prominent purveyors of ransomware have signaled they plan to start publishing data stolen from victims who refuse to pay up. The message displayed at the top of the Maze Ransomware public shaming site. Follow the news!”

Ransomware 247

Ransomware Data breaches Healthcare Cybercrime 247

Security Affairs

SEPTEMBER 20, 2024

Microsoft warns that financially motivated threat actor Vanilla Tempest is using INC ransomware in attacks aimed at the healthcare sector in the U.S. healthcare sector. The threat actor has been active since July 2022, it was observed targeting organizations in the education, healthcare, IT, and manufacturing sectors.

Healthcare 129

Healthcare Ransomware Cybercrime Manufacturing 129

Penetration Testing

MARCH 4, 2024

When the Babuk ransomware group disbanded in 2021, it seemed like a minor victory in the ongoing battle against cybercrime. However, the leak of Babuk’s source code has become a breeding ground for new... The post RA World Ransomware: A Babuk Successor Targets Healthcare appeared first on Penetration Testing.

Healthcare 128

Healthcare Penetration Testing Ransomware Cybercrime 128

Security Affairs

MARCH 24, 2025

The Cloak ransomware group claims responsibility for a cyberattack on the Virginia Attorney Generals Office that occurred in February. The ransomware group Cloak has claimed responsibility for a February cyberattack on the Virginia Attorney General Office. ” reads a report published by Halcyon.

Ransomware 101

Ransomware Hacking Social Engineering VPN 101

Security Affairs

APRIL 14, 2020

Recently organizations in healthcare, research, and government facilities have been hit by Coronavirus-themed attacks that deployed multiple malware families, including ransomware and information stealers (i.e. AgentTesla ). Attackers used a spoofed address mimicking the World Health Organization (noreply@who[.]int)

Healthcare 144

Healthcare Ransomware Phishing Government 144

Heimadal Security

MARCH 1, 2024

Change Healthcare, a subsidiary of UnitedHealth Group, has fallen victim to a ransomware attack orchestrated by the notorious cybercrime gang ALPHV/BlackCat. Change Healthcare is […] The post Massive Ransomware Attack Disrupts US Healthcare: Behind it, ALPHV/BlackCat appeared first on Heimdal Security Blog.

Healthcare 115

Healthcare Ransomware Cybercrime Cybersecurity 115

Krebs on Security

DECEMBER 8, 2022

Ransomware groups are constantly devising new methods for infecting victims and convincing them to pay up, but a couple of strategies tested recently seem especially devious. The first centers on targeting healthcare organizations that offer consultations over the Internet and sending them booby-trapped medical records for the “patient.”

Healthcare 324

Healthcare Backups Ransomware Insurance 324

Security Affairs

NOVEMBER 28, 2023

The US Healthcare provider Ardent Health Services disclosed that it was the victim of a ransomware attack last week. Ardent Health Services is a healthcare company that operates hospitals and other medical facilities in the United States. The healthcare provider disclosed that it has suffered a ransomware attack on November 23.

Healthcare 131

Healthcare Ransomware Technology Internet 131

Security Boulevard

MARCH 17, 2021

With cybercrime rising by 600% during the pandemic, businesses are more vulnerable than ever to the financial and reputational repercussions of cyberattacks. Costs of Cybercrime Global cybercrime costs are on the rise, increasing 15 per cent year over year, according to a 2021 cyberwarfare report by CyberSecurity Ventures.

Cybercrime 138

Cybercrime Cyber Attacks Ransomware Healthcare 138

Security Affairs

MARCH 10, 2025

Another American hospital falls victim to a ransomware attack; the RansomHouse gang announced the hack of Loretto Hospital in Chicago.” They provide healthcare services including: primary care, geriatric medicine, vision care, behavioral health services, pediatrics, womens health, pediatric medicine, family planning and dental services.

Hacking 115

Hacking Healthcare Backups Ransomware 115

Security Affairs

JANUARY 5, 2021

According to a new report published by Check Point, organizations in the healthcare industry have faced a 45% increase in attacks since November. Check Point researchers reported a surge in the number of attacks against organizations in the healthcare industry , +45% since November. SecurityAffairs – hacking, healthcare industry).

Healthcare 134

Healthcare Ransomware DDOS Cyber threats 134

Security Affairs

MARCH 2, 2025

The Qilin ransomware group claims responsibility for attacking the newspaper Lee Enterprises, stealing 350GB of data. The Qilin ransomware group claimed responsibility for the recent cyberattack on Lee Enterprises, which impacted dozens of local newspapers. Qilin has targeted various sectors, including healthcare.

Ransomware 76

Ransomware Cybercrime Encryption Healthcare 76

Security Affairs

APRIL 13, 2025

The ransomware group has since leaked the stolen data on its dark web leak site. Ransomware attacks on U.S. healthcare providers surged in 2024, with 98 attacks compromising 117 million records. Cell C has confirmed a data breach following a RansomHouse cyberattack that occurred last year.

Data breaches 126

Data breaches Unstructured Data Identity Theft Healthcare 126

SecureWorld News

FEBRUARY 16, 2023

A joint Cybersecurity Advisory (CSA) has revealed that the Democratic People's Republic of Korea (DPRK) is doing its best to become the New Kids on the Block (NKOTB) of ransomware. The CSA provides updates to earlier alerts of malicious cyber actor activities involving DPRK ransomware campaigns—namely Maui and H0lyGh0st ransomware.

Healthcare 116

Healthcare Ransomware Cryptocurrency Accountability 116

Security Affairs

MARCH 26, 2025

Resecurity found an LFI flaw in the leak site of BlackLock ransomware, exposing clearnet IPs and server details. Resecurity has identified a Local File Include (LFI) vulnerability in Data Leak Site (DLS) of BlackLock Ransomware. BlackLock Ransomware was named as one of the fastest-growing ransomware strains for today.

Ransomware 76

Ransomware Cybersecurity Healthcare Accountability 76

Security Affairs

FEBRUARY 28, 2024

healthcare organizations of targeted ALPHV/Blackcat ransomware attacks. healthcare organizations of targeted attacks conducted by ALPHV/Blackcat ransomware attacks. The advisory updates to the FBI FLASH BlackCat/ALPHV Ransomware Indicators of Compromise released on April 19, 2022 and on December 19, 2023.

Healthcare 135

Healthcare Ransomware Government Insurance 135

Krebs on Security

OCTOBER 2, 2020

Over the past 10 days, someone has been launching a series of coordinated attacks designed to disrupt Trickbot , an enormous collection of more than two million malware-infected Windows PCs that are constantly being harvested for financial data and are often used as the entry point for deploying ransomware within compromised organizations.

Ransomware 361

Ransomware Malware Healthcare Internet 361

Malwarebytes

MAY 28, 2021

On the 14th of May, the Health Service Executive (HSE) , Ireland’s publicly funded healthcare system, fell victim to a Conti ransomware attack, forcing the organization to shut down more than 80,000 affected endpoints and plunging them back to the age of pen and paper. Threat profile: Conti ransomware.

Healthcare 132

Healthcare Ransomware Encryption Passwords 132

SecureWorld News

MARCH 7, 2024

The unprecedented cyberattack on healthcare giant Change Healthcare has taken a chaotic turn, with allegations that the prolific BlackCat ransomware gang conducted an "exit scam"—shutting down operations after receiving a $22 million ransom payment from the company without paying their own affiliate hacker.

Healthcare 118

Healthcare Ransomware Data preservation Scams 118

eSecurity Planet

MAY 30, 2024

Ransomware attacks and data breaches make headlines when they shut down huge connected healthcare providers such as Ascension Healthcare or Change Healthcare. CNN reported the Black Basta ransomware gang performed the attack, although the company hasn’t officially confirmed the information.

Healthcare 124

Healthcare Cybersecurity Ransomware Backups 124

Security Affairs

DECEMBER 8, 2024

Anna Jaques Hospital revealed thatthe ransomware attack it suffered last year has exposed sensitive health data for over 316,000 patients. On December 25, 2023, a ransomware attack hit the Anna Jaques Hospital. Anna Jaques Hospital is a not-for-profit community healthcare facility located in Newburyport, Massachusetts.

Data breaches 115

Data breaches Insurance Healthcare Ransomware 115

Security Affairs

MARCH 7, 2025

Medusa ransomware has claimed nearly 400 victims since January 2023, with attacks increasing by 42% between 2023 and 2024. The Symantec Threat Hunter Team reported that the Medusa ransomware operators have claimed nearly 400 victims since January 2023. Experts tracked the Medusa ransomware activity as Spearwing.

Ransomware 62

Ransomware Antivirus Healthcare Encryption 62