Planned Parenthood of Montana’s chief exec says the org is responding to a cyber-attack on its systems, and has drafted in federal law enforcement and infosec professionals to help investigate and rebuild its IT environment.
This comes as ransomware crew RansomHub boasted it had broken into the nonprofit, and stolen its data, which it is threatening to leak unless payment is made. According to Martha Fuller, CEO and president of the US state’s Planned Parenthood office, a network intrusion – or a “cybersecurity incident” as the org put it – was spotted on August 28.
Read more…
Source: The Register
Related:
- Healthcare organizations face rising ransomware attacks – and are paying up
June 3, 2022
Healthcare organizations, already an attractive target for ransomware given the highly sensitive data they hold, saw such attacks almost double between 2020 and 2021, according to a survey released this week by Sophos. The outfit’s team also found that while polled healthcare orgs are quite likely to pay ransoms, they rarely get all of their data ...
- Clipminer Botnet Makes Operators at Least $1.7 Million
June 2, 2022
Symantec’s Threat Hunter Team, a part of Broadcom Software, has uncovered a cyber-criminal operation that has potentially made the actors behind it at least $1.7 million in illicit gains from cryptocurrency mining and theft via clipboard hijacking. The malware being used, tracked by Symantec as Trojan.Clipminer, has a number of similarities to another crypto-mining Trojan called ...
- YourCyanide: A CMD-Based Ransomware With Multiple Layers of Obfuscation
June 2, 2022
The Trend Micro Threat Hunting team recently analyzed a series of CMD-based ransomware variants with a number capabilities such as stealing user information, bypassing remote desktop connections, and propagating through email and physical drives. In this blog entry, Trend Micro researchers will analyze YourCyanide, the latest variant of the CMD-based ransomware family that started with GonnaCope. ...
- Takedown of SMS-based FluBot spyware infecting Android phones
June 1, 2022
An international law enforcement operation involving 11 countries has resulted in the takedown of one of the fastest-spreading mobile malware to date. Known as FluBot, this Android malware has been spreading aggressively through SMS, stealing passwords, online banking details and other sensitive information from infected smartphones across the world. Its infrastructure was successfully disrupted earlier ...
- Using Python to unearth a goldmine of threat intelligence from leaked chat logs
June 1, 2022
Dealing with a great amount of data can be time consuming, thus using Python can be very powerful to help analysts sort information and extract the most relevant data for their investigation. The open-source tools library, MSTICPy, for example, is a Python tool dedicated to threat intelligence. It aims to help threat analysts acquire, enrich, ...
- FBI: Karakurt Data Extortion Group
June 1, 2022
The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Department of the Treasury (Treasury), and the Financial Crimes Enforcement Network (FinCEN) are releasing this joint Cybersecurity Advisory (CSA) to provide information on the Karakurt data extortion group, also known as the Karakurt Team and Karakurt Lair. Karakurt actors have employed a ...