Planned Parenthood of Montana’s chief exec says the org is responding to a cyber-attack on its systems, and has drafted in federal law enforcement and infosec professionals to help investigate and rebuild its IT environment.
This comes as ransomware crew RansomHub boasted it had broken into the nonprofit, and stolen its data, which it is threatening to leak unless payment is made. According to Martha Fuller, CEO and president of the US state’s Planned Parenthood office, a network intrusion – or a “cybersecurity incident” as the org put it – was spotted on August 28.
Read more…
Source: The Register
Related:
- Old Tools for New Money: URL Spreading Shellbot and XMRig Using 17-year old XHide
July 19, 2019
One of our honeypots detected a threat that propagates by scanning for open ports and brute forcing weak credentials, installing a Monero cryptocurrency miner and a Perl-based IRC backdoor as the final payload. The miner process is hidden using XHide Process Faker, a 17-year old open source tool used to fake the name of a ...
- Spam Campaign Targets Colombian Entities with Custom-made ‘Proyecto RAT,’ Uses Email Service YOPmail for C&C
July 18, 2019
We observed a recent campaign that primarily targets financial institutions and governmental organizations in the South American region, particularly in Colombia. This blog post covers the activities we observed, the remote access tools (RATs) used, the campaign’s techniques and procedures, and its indicators of compromise (IoCs). Our findings indicate that the campaign appears to be ...
- Bulgaria’s hacked database is now available on hacking forums
July 18, 2019
The database of Bulgaria’s National Revenue Agency (NRA), which was hacked over the weekend and sent to local reporters, is now being shared on hacking forums, ZDNet has learned from sources in the threat intelligence community. Download links to the hacked database have been shared by a hacked data trader known as Instakilla, believed to be operating out of ...
- Mirai Botnet Sees Big 2019 Growth, Shifts Focus to Enterprises
July 18, 2019
The infamous Mirai internet of things botnet is spiking in growth while changing up its tactics, techniques and procedures so far in 2019, to target more and more enterprise-level hardware, It’s a state of affairs that presents a greater concern than ever before given the ongong migration to the cloud era, researchers said. According to researchers ...
- Why Cities Are a Low-Hanging Fruit For Ransomware
July 15, 2019
Ransomware attacks against local governments and cities are repeatedly making headlines, with crippling results on city operations and budgets. Last month, the Florida city of Riviera Beach paid hackers $600,000 after being hit by a ransomware attack that downed its computer systems for three weeks. In 2018, several Atlanta city systems were crippled after a ransomware attack extorted ...
- New Miori Variant Uses Unique Protocol to Communicate with C&C
July 10, 2019
We first detailed a new Mirai variant called Miori in a report late last year after finding the malware spreading via a ThinkPHP Remote Code Execution (RCE) vulnerability. It has recently reappeared bearing a notable difference in the way it communicates with its command-and-control (C&C) server. This Miori variant departs from the usual binary-based protocol and uses ...