Malware

CL0P adds the New York City Bar Association to their leak site

The CL0P ransomware gang has added the NYC Bar Association to their leak site today. Unsurprisingly, the threat actors have some unkind words for their victim: The New York City Bar is example of one more institution who not take their obligation to secure client, employee and case data seriously. We download more than...

Bits ‘n Pieces (Trozos y Piezas)

ES: City Council of Durango “Completely Paralyzed” by Cyberattack

The City Council of Durango in Biscay reports it is “completely paralyzed” by a cyberattack last Saturday. The news site Durangon quotes the Deputy Mayor, Iker Urkiza (machine translation), as saying that the hacking “has been serious” and that it will paralyze their computer systems “for weeks.” ...

Lorenz ransomware gang plants backdoors to use months later

Ionut Ilascu reports: Security researchers are warning that patching critical vulnerabilities allowing access to the network is insufficient to defend against ransomware attacks. Some gangs are exploiting the flaws to plant a backdoor while the window of opportunity exists and may return long after the victim applied the necessary security updates. One case is...

Ransomware attack exposes California transit giant’s sensitive data

Matt Kapko reports: A ransomware attack against San Francisco’s Bay Area Rapid Transit exposed highly sensitive and personal data after a threat group leaked the records Friday. The nation’s fifth-largest transit system by ridership, and largest in California, remains operational. Vice Society, a prolific ransomware group, claimed responsibility for the attack on Friday when...

Guardian confirms it was hit by ransomware attack

Dan Milmo reports: The Guardian has confirmed it was hit by a ransomware attack in December and that the personal data of UK staff members has been accessed in the incident. The Guardian Media Group’s chief executive, Anna Bateson, and the Guardian’s editor-in-chief, Katharine Viner, confirmed the news in an update emailed to staff...

TX: West Oaks Eyecare discloses malware incident

On November 7, West Oaks Eyecare in Texas discovered one of their computer systems had been encrypted by malware. Their investigation into the incident indicated that the threat actor(s) may have accessed patient billing information: We thoroughly reviewed the files involved to determine what information they contained. Based on our review, we identified files...

Consulate Health Care chain hit by Hive

Hive ransomware gang has added another healthcare-related victim to its leak site. This time, the victim is Consulate Health Care (CHC), a chain of service providers with a troubled financial history.

Enter Hive, Stage Left

Hive’s listing for CHC indicates that they locked CHC’s files on December 3. Hive has already leaked some of...