New warnings are being issued to U.S. healthcare organizations as a new group, the Royal ransomware gang, attacks them.The Health Sector Cybersecurity Coordination Center (HC3) —HHS’ security team— has concluded that a single group has carried out ransomware attacks against US healthcare organizations. This new analyst note was published on Wednesday.S

Vice Society ransomware seemed to favor educational institutions in their attacks in 2022. The Cybercrime group targeted 33 schools in the last year, surpassing other threat actors like LockBit, BlackCat, BianLian, and Hive.Other industry verticals that attracted unwanted attention were governments, healthcare, manufacturing, commerce, and legal servicesTech

CommonSpirit Health has confirmed that threat actors accessed the personal data for 623,774 patients during an October ransomware attack.This figure was published today on the U.S. Department of Health breach portal, where healthcare organizations are legally obligated to report data breaches impacting over 500 individuals.At the start of October, the Illino

The U.S. Department of Health and Human Services (HHS) issued a new warning today for the country's healthcare organizations regarding ongoing attacks from a relatively new operation, the Royal ransomware gang.The Health Sector Cybersecurity Coordination Center (HC3) —HHS' security team— revealed in a new analyst note published Wednesday that the

Ransomware groups are constantly devising new methods for infecting victims and convincing them to pay up, but a couple of strategies tested recently seem especially devious. The first centers on targeting healthcare organizations that offer consultations over the Internet and sending them booby-trapped medical records for the “patient.” The othe

In the latest #StopRansomware effort of publicizing ransomware information for network defenders, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a joint Cybersecurity Advisory (CSA) on the ransomware known as "Cuba." Though named "Cuba," the ransomware and its operators have no

Last week on Malwarebytes Labs: Fraudster site iSpoof shut down, 142 arrested internationally 3 threats to watch out for this Cyber Monday Twitter user data leaks continue to drip from the faucet China-made equipment banned by FCC due to national security threat Sensitive police records stolen and published by ransomware gang TikTok Invisible Challenge "Unf

It's not been a great week for cloud computing service provider Rackspace. On December 2, customers began experiencing problems connecting and logging into their Exchange environments. Rackspace started investigating and discovered an issue that affected its Hosted Exchange environments.  Now Rackspace has announced it was actually a rans

Rackspace, a cloud computing provider based in Texas, confirmed earlier this week that it is facing a ransomware attack, which is also the reason behind an outage in its Hosted Exchange business. While the investigation takes place, the company states that this is an isolated incident and that its other products and services have not been impacted.As you kno

Sports goods maker Intersport has been hit by the notorious ransomware group Hive, which leaked records of its customers’ personal data, as per French-language media outlet Numerama. The breach allegedly happened in November, with details made available only on the dark web.What Information Leaked?Passports, paystubs, and other details on Intersport customer

The New Zealand government this week confirmed being impacted by a ransomware attack on managed service provider (MSP) Mercury IT, which has disrupted businesses and public authorities in the country.A small business with only 25 employees, Mercury IT provides cybersecurity, IT, telecoms, and support services for multiple organizations in the country.On Dece

The city of Antwerp, Belgium, is working on restoring its digital services that were disrupted, earlier this week, by a cyberattack on its digital provider. The disruption in services has affected everything from schools, daycare centers, and the police.There is not much public information available at this time, but all signs point to a ransomware attack fr

Ransomware is a growing, international threat. It’s also an insidious one.  The state of the art in ransomware is simple but effective. Well-organized criminal gangs hiding in safe-haven countries breach an organization, find, steal and encrypt important files. Then they present victims with the double incentive that, should they refuse to pay, t

Texas-based cloud computing provider Rackspace has confirmed today that a ransomware attack is behind its ongoing Hosted Exchange outage."As you know, on Friday, December 2nd, 2022, we became aware of suspicious activity and immediately took proactive measures to isolate the Hosted Exchange environment to contain the incident," the company said in an update

Cryptonite open-source toolkit has been observed turning itself into a data wiper. The transformation is accidental, and it is caused by poor architecture and programming flaws.The findings come amid a developing ransomware scenario in which wipers disguised as file-encrypting malware are increasingly being used to destroy data without permitting decryption.