Planned Parenthood of Montana’s chief exec says the org is responding to a cyber-attack on its systems, and has drafted in federal law enforcement and infosec professionals to help investigate and rebuild its IT environment.
This comes as ransomware crew RansomHub boasted it had broken into the nonprofit, and stolen its data, which it is threatening to leak unless payment is made. According to Martha Fuller, CEO and president of the US state’s Planned Parenthood office, a network intrusion – or a “cybersecurity incident” as the org put it – was spotted on August 28.
Read more…
Source: The Register
Related:
- Ransomware: This amateur attack shows how clueless criminals are trying to get in on the action
August 19, 2021
Ransomware is one of the biggest cybersecurity threats to businesses today, and cyber criminals can potentially make millions of dollars in Bitcoin for a single successful attack. This lure of quickly making large sums of money is attracting interest from across the cyber-criminal spectrum, from sophisticated gangs specialising in ransomware attacks, to affiliate schemes where wannabe ...
- Diavol ransomware sample shows stronger connection to TrickBot gang
August 18, 2021
A new analysis of a Diavol ransomware sample shows a more clear connection with the gang behind the TrickBot botnet and the evolution of the malware. The recent research is the second one that finds common ground in the code of the two threats, tying them to the same actor. Previous analysis of Diavol (Romanian for Devil) ...
- HolesWarm Malware Exploits Unpatched Windows, Linux Servers
August 18, 2021
By leveraging more than 20 known vulnerabilities in Linux and Windows servers, the HolesWarm cryptominer malware has been able to break into more than 1,000 cloud hosts just since June. The basic cryptominer botnet has been so successful at juggling so many different known vulnerabilities between attacks, researchers at Tencent who first identified HolesWarm refer to ...
- Japanese insurer Tokio Marine discloses ransomware attack
August 18, 2021
Tokio Marine Holdings, a multinational insurance holding company in Japan, announced this week that its Singapore branch, Tokio Marine Insurance Singapore (TMiS), suffered a ransomware attack. The announcement came at the beginning of the week and contains little information about the incident outside the action taken to deal with the intrusion. Read more… Source: Bleeping Computer
- LockBit 2.0 Ransomware Proliferates Globally
August 17, 2021
The LockBit ransomware-as-a-service (RaaS) gang has ramped up its targeted attacks, researchers said, with attempts against organizations in Chile, Italy, Taiwan and the U.K. using version 2.0 of its malware. Attacks in July and August have employed LockBit 2.0, according to a Trend Micro analysis released on Monday, featuring a souped-up encryption method. “In contrast to LockBit’s ...
- Conti ransomware prioritizes revenue and cyberinsurance data theft
August 17, 2021
Training material used by Conti ransomware affiliates was leaked online this month, allowing an inside look at how attackers abuse legitimate software and seek out cyber insurance policies. Earlier this month, a disgruntled affiliate posted to a hacking forum the IP addresses for Cobalt Strike C2 servers used by the gang and a 113 MB archive ...