UK Firms pay £200m in ransoms to hackers
Gangs of cybercriminals forced British companies to pay out more than £200 million in ransoms last year, experts have revealed. The extortionists, many from Russia or Eastern European countries, are targeting well-known businesses with malicious software and then charging them tens of millions of pounds to regain access to networks. Companies fearful of public embarrassment,…
A Patient Dies After Ransomware Attack Paralyzes German Hospital Systems
The incident marks the first recorded casualty as a consequence of cyberattacks on critical healthcare facilities, which have ramped up in recent months. The attack, which exploited a Citrix ADC CVE-2019-19781 vulnerability to cripple the hospital systems on September 10, is said to have been ‘misdirected’ in that it was originally intended for Heinrich Heine University, according…
Hamstrung by ransomware, 10 hospitals are turning away some patients
All three hospitals that make up the DCH Health System in Alabama were closed to new patients on Tuesday as officials there coped with an attack that paralyzed the health network’s computer system. The hospitals—DCH Regional Medical Center in Tuscaloosa, Northport Medical Center, and Fayette Medical Center—are turning away ‘all but the most critical new…
Baltimore ransomware nightmare could last weeks more, with big consequences
It’s been nearly two weeks since the City of Baltimore’s networks were shut down in response to a ransomware attack, and there’s still no end in sight to the attack’s impact. It may be weeks more before the city’s services return to something resembling normal—manual workarounds are being put in place to handle some services…
DBGer Ransomware Uses EternalBlue and Mimikatz to Spread Across Networks
The change was not only in name but also in the ransomware’s modus operandi. According to the researcher, whose discovery was later confirmed by an Intezer code similarity analysis, the new (Satan) DBGer ransomware now also incorporates Mimikatz, an open-source password-dumping utility. The purpose of DBGer incorporating Mimikatz is for lateral movement inside compromised networks.…
Years of Police Dashcam Video Lost in Atlanta Ransomware Incident
The Atlanta Police Department has lost years’ worth of police car dashcam videos following the March ransomware attack that affected most of the city’s IT infrastructure. Chief Shields said footage from body-worn cameras was not compromised in the cyber-attack that crippled Atlanta city IT systems for almost two months, but only videos recorded by police…
Police Dept Loses 10 Months of Work to Ransomware. Gets Infected a Second Time
Secret Service agents are now investigating the point of entry for both infections, hoping to find clues and track down the hackers. The first ransomware infection took place on April 23, last month and encrypted ten months’ worth of work data related to active investigations. Officials said they didn’t pay the ransom and were able…
SynAck targeted ransomware uses the Doppelgänging technique
The Process Doppelgänging technique was first presented in December 2017 at the BlackHat conference. Since the presentation several threat actors have started using this sophisticated technique in an attempt to bypass modern security solutions. In April 2018, we spotted the first ransomware employing this bypass technique – SynAck ransomware. It should be noted that SynAck…
School District Pays $10,000 Bitcoin Ransom To Hackers After Cyberattack
And despite the nefarious nature of the school system’s lockdown, there is no criminal investigation into the matter because solving this crime is “impossible,” said Interim Leominster Police Chief Michael Goldman. Source: cbslocal…
Spartacus ransomware: introduction to a strain of unsophisticated malware
There is nothing impressive about them, in fact just the opposite. I would say they are boring at best. So why are we writing about one of them? The analysis of Spartacus can essentially be used as a base knowledge and reference for anyone analyzing variants of these basic .NET ransomware that they may come…