Planned Parenthood of Montana’s chief exec says the org is responding to a cyber-attack on its systems, and has drafted in federal law enforcement and infosec professionals to help investigate and rebuild its IT environment.
This comes as ransomware crew RansomHub boasted it had broken into the nonprofit, and stolen its data, which it is threatening to leak unless payment is made. According to Martha Fuller, CEO and president of the US state’s Planned Parenthood office, a network intrusion – or a “cybersecurity incident” as the org put it – was spotted on August 28.
Read more…
Source: The Register
Related:
- Agent Tesla ramps up its game in bypassing security walls, attacks endpoint protection
February 2, 2021
Agent Tesla malware variants are now using new techniques to try and eradicate endpoint antivirus security. On Tuesday, Sophos researchers said that two new variants of the Remote Access Trojan (RAT) are targeting Microsoft Anti-Malware Software Interface (AMSI), scanning and analysis software designed to prevent malware infections from taking hold. Agent Tesla operators will now attempt to ...
- Minnesota: Netgain ransomware incident impacts local governments
February 2, 2021
The ransomware incident that Netgain, a provider of managed IT services, had late last year rippled onto its customers. Now, Ramsey County, Minnesota, is informing clients of the Family Health Division program that the hackers may have accessed personal data. The government of Ramsey County learned about the potential breach on December 2, 2020, when Netagin ...
- Trickbot malware now maps victims’ networks using Masscan
February 2, 2021
The Trickbot malware has been upgraded with a network reconnaissance module designed to survey local networks after infecting a victim’s computer. This new module, dubbed masrv, uses the open-source masscan tool, a mass port scanner with its own TCP/IP stack and capable of scanning large swaths of the Internet in a matter of minutes. Trickbot uses the ...
- UK Research and Innovation (UKRI) suffers ransomware attack
January 30, 2021
The UK Research and Innovation (UKRI) is dealing with a ransomware incident that encrypted data and impacted two of its services, one offering information to subscribers and the platform for peer review of various parts of the agency. UKRI is a public body of the Government of the United Kingdom, tasked with investing in science and ...
- Fonix ransomware shuts down and releases master decryption key
January 29, 2021
The Fonix Ransomware operators have shut down their operation and released the master decryption allowing victims to recover their files for free. Fonix Ransomware, also known as Xinof and FonixCrypter, began operating in June 2020 and has been steadily encrypting victims since. The ransomware operation was not as widely active as others, such as REvil, Netwalker, ...
- Post Office Phishing Hits Credit Card Users in 26 Countries
January 28, 2021
Phishing remains a popular and effective tactic that malicious actors continue to deploy against internet users. The current retail climate brought about by the global health crisis has only worsened the problem. Many countries across the globe have seen a surge in online shopping, and malicious actors are quick to deploy campaigns that take advantage ...