Ransomware
-
Blog
Ransomware gang claims cyberattack that shut down a Pennsylvania school district
Ransomware gang RansomHub today claimed responsibility for a cyber attack on Interboro Schools last month. The Pennsylvania school district confirmed it was the victim of a ransomware attack on October 28, 2024, and cancelled classes the following day due to network issues. In a post on its leak site, RansomHub says it stole 1.1 TB of data from the school…
Read More » -
Blog
New ransomware gang claims cyber attack on Bartow County School System and others
Late last week a new ransomware gang, Chort, emerged. It posted six new victims to its data leak site including four US schools and colleges. One was the Bartow County School System which recently suffered a week-long outage due to a cyber attack in mid-October. In a statement, the school confirmed an ‘unauthorized external source’ had caused the outage which…
Read More » -
Blog
Ransomware gang claims responsibility for cyber attack on Ohio school district that cancelled classes
Ransomware gang BlackSuit today claimed responsibility for an October 2024 cyber attack on Marysville Schools in Ohio. The gang says it stole 121 GB of data from the school district. Marysville Schools has not verified BlackSuit’s claim, but on October 26, 2024, the district announced it was the victim of a ransomware attack. Classes were canceled due to the resulting…
Read More » -
Blog
American Associated Pharmacies resets all user passwords after ransomware gang claims responsibility for cyber attack
Ransomware gang Embargo today claimed responsibility for a cyber attack on American Associated Pharmacies (AAP), a cooperative made up of 2,000 pharmacies across the USA. Embargo gave AAP until November 19, 2024 to pay an undisclosed ransom. AAP did not verify Embargo’s claim, but it did post a notice on its website informing customers that all user passwords had been…
Read More » -
Blog
New Ymir ransomware partners with RustyStealer in attacks
A new ransomware family called ‘Ymir’ has been spotted in the wild, encrypting systems that were previously compromised by the RustyStealer infostealer malware. RustyStealer is a known malware family first documented in 2021, but its appearance with ransomware demonstrates another example of the recent trend of cybercrime operations working together. According to Kaspersky researchers who discovered Ymir during an incident response,…
Read More » -
Blog
Critical Veeam RCE bug now used in Frag ransomware attacks
After being used in Akira and Fog ransomware attacks, a critical Veeam Backup & Replication (VBR) security flaw was also recently exploited to deploy Frag ransomware. Code White security researcher Florian Hauser found that the vulnerability (tracked as CVE-2024-40711) is caused by a deserialization of untrusted data weakness that unauthenticated threat actors can exploit to gain remote code execution (RCE)…
Read More » -
Blog
Ransomware gang claims cyber attack that shut down Nebraska schools
Ransomware gang Interlock today claimed responsibility for a cyber attack that shut down Winnebago Public Schools in Nebraska. On October 21, 2024, Winnebago Public Schools announced it suffered a cyber attack. The school district’s website stated, “There has been a cyber-attack on the system at Winnebago Public Schools. We are currently working through the breach, and trying to get our…
Read More » -
Blog
Ransomware gang claims responsibility for election-day cyber attack on Michigan county
Ransomware gang Embargo last night claimed responsibility for a cyber attack on Wexford County, MI that took place on election day in the United States. Embargo added Wexford County to its leak site on the evening of the election. It claims to have stolen 1 TB of data. The group is demanding an undisclosed sum of ransom to be paid…
Read More » -
Blog
Ransomware gang claims responsibility for cyber attack on Georgia hospital
Memorial Hospital & Manor in Bainbridge, Georgia over the weekend announced it was the victim of a ransomware attack impacting access to electronic health records. The hospital posted the following message on Facebook on November 3, 2024: “ATTENTION!!! This is to inform you that Memorial Hospital and Manor is experiencing a ransomware incident. This impacts access to our Electronic Health…
Read More » -
Blog
Meet Interlock — The new ransomware targeting FreeBSD servers
Image: Midjourney A relatively new ransomware operation named Interlock attacks organizations worldwide, taking the unusual approach of creating an encryptor to target FreeBSD servers. Launched at the end of September 2024, Interlock has since claimed attacks on six organizations, publishing stolen data on their data leak site after a ransom was not paid. One of the victims is Wayne County,…
Read More »