Proactive Computing | Optimizing IT for usability, performance and reliability since 1997

Category: #Ransomware (Page 1 of 2)


Ransomware crooks threaten to ID informants if cops don’t pay up


Ransomware operators have delivered a stunning ultimatum to Washington, DC’s Metropolitan Police Department: pay them $50 million or they’ll leak the identities of confidential informants to street gangs.

Babuk, as the group calls itself, said on Monday that it had obtained 250GB of sensitive data after hacking the MPD network. The group’s site on the darkweb has posted dozens of images of what appear to be sensitive MPD documents. One screenshot shows a Windows directory titled Disciplinary Files. Each of the 28 files shown lists a name. A check of four of the names shows they all belong to MPD officers.


Other images appeared to show persons-of-interest names and photos, a screenshot of a folder named Gang Database, chief’s reports, lists of arrests, and a document listing the name and address of a confidential informant.


Source: https://arstechnica.com/information-technology/2021/04/ransomware-attack-on-dc-police-threatens-safety-of-cops-and-informants/
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Dan Goodin

Ransomware operators are piling on already hacked Exchange servers


Microsoft Exchange servers compromised in a first round of attacks are getting infected for a second time by a ransomware gang that is trying to profit from a rash of exploits that caught organizations around the world flat-footed.

The ransomware—known as Black Kingdom, DEMON, and DemonWare—is demanding $10,000 for the recovery of encrypted data, security researchers said. The malware is getting installed on Exchange servers that were previously infected by attackers exploiting a critical vulnerability in the Microsoft email program. Attacks started while the vulnerability was still a zero-day. Even after Microsoft issued an emergency patch, as many as 100,000 servers that didn’t install it in time were infected.

Opportunity knocks

The hackers behind those attacks installed a web shell that allowed anyone who knew the URL to completely control the compromised servers. Black Kingdom was spotted last week by security firm SpearTip. Marcus Hutchins, a security researcher at security firm Kryptos Logic, reported on Sunday that the malware didn’t actually encrypt files.


Source: https://arstechnica.com/gadgets/2021/03/ransomware-operators-are-piling-on-already-hacked-exchange-servers/
The Article Was Written/Published By: Dan Goodin

Ripe for extortion? Navajo Nation hospital targeted by large-scale ransomware hack


Publicly available details about the hack are scarce but the attack highlights how hospital staff are often caught in the middle of ransomware attacks.

Source: https://www.nbcnews.com/tech/security/ripe-extortion-navajo-nation-hospital-targeted-large-scale-ransomware-hack-n1259457
The Article Was Written/Published By: Kevin Collier

A ransomware attack has shut down Baltimore’s public schools

Students in the Baltimore County Public Schools (BCPS) system have suddenly found themselves with an extra day off for the Thanksgiving holiday, but it wasn’t because of a snow day. As The Verge reports, an apparent ransomware attack took BCPS’ inter…

Source: https://www.engadget.com/baltimore-public-school-system-ransomware-attack-160600564.html

Ransomware attack on a healthcare firm slowed clinical trials

Cyberattacks on the healthcare industry are causing more headaches. The New York Times reports that clinical trials slowed down after healthcare software provider eResearchTechnology suffered ransomware attacks starting two weeks ago. IQVIA (a resear…

Source: https://www.engadget.com/ransomware-attack-slows-clinical-trials-161545599.html

Paying ransomware demands could land you in hot water with the feds


Businesses, governments, and organizations that are hit by crippling ransomware attacks now have a new worry to contend with—big fines from the US Department of Treasury in the event that they pay to recover their data.

Treasury Department officials made that guidance official in an advisory published on Thursday. It warns that payments made to specific entities or to any entity in certain countries—specifically, those with a designated “sanctions nexus”—could subject the payer to financial penalties levied by the Office of Foreign Assets Control, or OFAC.

The prohibition applies not only to the group that is infected but also to any companies or contractors the hacked group’s security or insurance engages with, including those who provide insurance, digital forensics, and incident response, as well as all financial services that help facilitate or process ransom payments.


Source: https://arstechnica.com/?p=1711128
The Article Was Written/Published By: Dan Goodin

Healthcare giant UHS hit by ransomware attack, sources say


Universal Health Services, one of the largest healthcare providers in the U.S., has been hit by a ransomware attack.

The attack hit UHS systems early on Sunday morning, according to two people with direct knowledge of the incident, locking computers and phone systems at several UHS facilities across the country, including in California and Florida.

One of the people said the computer screens changed with text that referenced the “shadow universe,” consistent with the Ryuk ransomware. “Everyone was told to turn off all the computers and not to turn them on again,” the person said. “We were told it will be days before the computers are up again.”

It’s not immediately known what impact the ransomware attack is having on patient care, or how widespread the issue is.

A spokesperson for UHS did not immediately respond to a request for comment.

An executive who oversees cybersecurity at another U.S. hospital system, who asked not to be named as they were not authorized to speak to the press, told TechCrunch that patient medical data is “likely safe” as UHS relies on Cerner, a healthcare technology company, to handle its patients’ electronic health records.

UHS has 400 hospitals and healthcare facilities in the U.S. and the U.K., and serves millions of patients each year.

The Ryuk ransomware is linked to a Russian cybercrime group, known as Wizard Spider, according to security firm Crowdstrike. Ryuk’s operators are known to go “big game hunting” and have previously targeted large organizations, including shipping giant Pitney Bowes and the U.S. Coast Guard.

Some ransomware operators said earlier this year that they would not attack health organizations and hospitals during the COVID-19 pandemic, but Ryuk’s operators did not.

Last week, police in Germany launched a homicide investigation after the death of a woman, who was diverted to another hospital following a ransomware attack.

We’ll have more on the UHS incident as we get it.


Do you know more? Send tips securely over Signal and WhatsApp to +1 646-755-8849 or send an encrypted email to: zack.whittaker@protonmail.com


Source: https://techcrunch.com/2020/09/28/universal-health-services-ransomware/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Techcrunch+%28TechCrunch%29
The Article Was Written/Published By: Zack Whittaker

Hartford postpones first day of school after ransomware attack


The city of Hartford, Conn., postponed its scheduled first day of school on Tuesday after a ransomware virus attack affected school systems over the weekend. Hartford Public Schools announced …

Source: https://thehill.com/policy/cybersecurity/515446-hartford-postpones-first-day-of-school-after-ransomware-attack
The Article Was Written/Published By: Justine Coleman

Tesla worked with the FBI to block a million dollar ransomware attack

Earlier this week, the FBI arrested a 27-year-old Russian citizen for attempting to carry out a ransomware attack against a US company. It turns out that company was Tesla, Electrek reports. According to a complaint shared by the Department of Justice…

Source: https://www.engadget.com/tesla-fbi-ransomware-attack-nevada-gigafactory-141547760.html
