Planned Parenthood of Montana’s chief exec says the org is responding to a cyber-attack on its systems, and has drafted in federal law enforcement and infosec professionals to help investigate and rebuild its IT environment.
This comes as ransomware crew RansomHub boasted it had broken into the nonprofit, and stolen its data, which it is threatening to leak unless payment is made. According to Martha Fuller, CEO and president of the US state’s Planned Parenthood office, a network intrusion – or a “cybersecurity incident” as the org put it – was spotted on August 28.
Read more…
Source: The Register
Related:
- Stealthy Magecart malware mistakenly leaks list of hacked stores
December 19, 2020
A list of dozens of online stores hacked by a web skimming group was inadvertently leaked by a dropper used to deploy a stealthy remote access trojan (RAT) on compromised e-commerce sites. The threat actors use this RAT for maintaining persistence and for regaining access to the servers of hacked online shops. Once they connect to the ...
- Negasteal Uses Hastebin for Fileless Delivery of Crysis Ransomware
December 18, 2020
Trend Micro researchers have recently encountered a Negasteal (also known as Agent Tesla) variant that used hastebin for the fileless delivery of the Crysis (also known as Dharma) ransomware. This is the first time that we have observed Negasteal with a ransomware payload. Only a few months ago, Deep Instinct published the first reported case of ...
- This ‘off the shelf’ Tor backdoor malware is now a firm favorite with ransomware operators
December 17, 2020
A Remote Access Trojan (RAT) on sale in underground forums has evolved to abuse Tor when maintaining persistence on infected machines. On Thursday, Sophos Labs’ Sivagnanam Gn and Sean Gallagher revealed ongoing research into the malware, which has been in the wild since 2019. Dubbed SystemBC, the RAT has evolved from acting as a virtual private network ...
- Gitpaste-12 Worm Widens Set of Exploits in New Attacks
December 15, 2020
The Gitpaste-12 worm has returned in new attacks targeting web applications, IP cameras and routers, this time with an expanded set of exploits for initially compromising devices. First discovered in a round of late-October attacks that targeted Linux-based servers and internet-of-things (IoT) devices, the botnet utilizes GitHub and Pastebin for housing malicious component code, has at ...
- Agent Tesla Keylogger Gets Data Theft and Targeting Update
December 15, 2020
Six-year-old keylogger malware called Agent Tesla has been updated again, this time with expanded targeting and improved data exfiltration features. Agent Tesla first came into the scene in 2014, specializing in keylogging (designed to record keystrokes made by a user in order to exfiltrate data like credentials and more) and data-stealing. Since then keylogger has only ...
- Intel’s Habana Labs hacked by Pay2Key ransomware, data stolen
December 13, 2020
Intel-owned AI processor developer Habana Labs has suffered a cyberattack where data was stolen and leaked by threat actors. Habana Labs is an Israeli developer of AI processors that accelerate artificial intelligence workloads in the datacenter. Intel purchased the company in December 2019 for approximately $2 billion. Today, the Pay2Key ransomware operation leaked data allegedly stolen from ...