<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=439793516377641&amp;ev=PageView&amp;noscript=1">

CATEGORY ARCHIVES: ransomware

Cybercrime Against Healthcare Soars During COVID-19

Healthcare has been one of the most severely impacted industries by the still-menacing COVID-19 virus. The sudden global pandemic created a surge in demand for clinical care, medical equipment, healthcare technologies and eventually - a solution. All of these and more rely on information technology. From making appointments and delivering healthcare to patients, to using internet-connected medical devices and developing vaccine research, COVID-19 response is vulnerable to cyber attacks on all levels. Being by far the most pressing issue today, it comes as no surprise that attackers are exploiting the difficult situation healthcare institutions are facing to wreak havoc and cash in on their struggle.

Read More

Share this:

ThreatSTOP's Hottest Content of the Year

Wondering what our readers were most interested in over the past year? Wonder no more! We've rounded up our most read articles of the year to save you time. Wrapping up the worldwide roller coaster that was 2020, we wish we were feeling a little more nostalgic. Covid-19 came in like a tornado and changed up our daily lives as we knew them. The security industry, accordingly, also had to change mindsets and processes to adjust to a new, distributed-access-focused reality.

The Best, according to you:

Read More

Share this:

Chinese Hacker Group APT27 Enters the Ransomware Business

New research has discovered a number of ransomware attacks linked to APT27, a hacker group widely believed to be operating from China. A report from Security Joes and Profero has outlined its response to a ransomware incident involving the encryption of several core servers. During their analysis, researchers also found malware samples tied to a DRBControl backdoor campaign from earlier this year, which targeted major gaming companies worldwide. Two Chinese APT groups have been linked to the campaign: APT27 and Winnti.

Read More

Share this:

WHEN RANSOMWARE HITS CLOSE TO HOME

Last Friday’s family dinner started like any other. My grandmother stealthily running around the kitchen adding some finishing touches to her amazing dishes, while her children and grandchildren gradually arrive. Meeting once a week (or two) for a Friday dinner is customary for traditional Israeli families (and let’s face it, Israel is so small that no matter where you live – it’s still no more than a few-hour drive from your family). As we started moving delicious-smelling food from the kitchen to the dining room, my family asked me excitedly (and a bit worriedly) – “Did you hear about the Shirbit cyber attack? They got attacked with a ransom malware, have you heard of those?”.

Read More

Share this:

RANSOMWARE THREATENS TO SHUT DOWN ONLINE LEARNING – AT ENORMOUS COSTS

Universities have become a popular target for ransomware attacks, so much so that earlier this year, three universities fell victim to a ransomware attack in the same week. With the urgency of shifting to online learning, many education institutions have found themselves extremely ill prepared in the face of cyber attacks. Distance learning has massively opened up a huge attack surface - we are using unhardened collaboration applications like Zoom and at the same time, machines are now remote, removing control over updating and patching from the organization, says Andrew Homer, vice president of security strategy at Morphisec. Yet cybercriminals aren’t getting any slower at deploying attacks, and higher education has become one of the most targeted industries for ransomware attacks over the last few years.

Read More

Share this:

United Health Systems: All US Sites Impacted in Ransomware Attack

Last week, Universal Health Services, confirmed that the ransomware attack on their networks on September 27th affected computers at all of their US care sites and hospitals. The ransomware that hit UHS, one of the largest health systems in the US, is the infamous Ryuk, which has been wreaking havoc in targeted ransomware attacks since 2018. During the attack, the Ryuk began shut down systems in the emergency department, as well as additional systems causing some ambulances had to be diverted, and lab test results became delayed. Technicians at some UHS-owned facilities described reverting to pen-and-paper during the attack.

Read More

Share this:

RANSOMWARE NEWS JUST KEEPS ON COMING

Less than three weeks have passed since we released our ransomware-themed newsletter to our subscribers, and we’ve already come across endless new headlines about big-name ransomware attacks. And we all know - when the attacks are big, the ransom prices are high!

Read More

Share this:

Learning from the Honda Ransomware Attack

 

The Japanese manufacturing giant revealed that it had been hit with ransomware on Monday June 8, 2020, forcing it to shut down a number of manufacturing facilities and disrupting its global operations. Honda was left with no choice but to halt operations in Japan, North America, the U.K., Turkey and Italy. Furthermore, the ransomware attack caused disruptions to the company’s customer service and financial services.

Read More

Share this:

US Secret Service Warns Surge in Ransomware Attacks Targeting MSPs

 

Managed Service Providers (MSPs) seem to be a huge target for ransomware lately. MSPs in both government and the private sector have been under attack, causing the U.S. Secret Service to issue a special warning about this phenomenon.

Read More

Share this:

Announcing ThreatSTOP 6.0 Featuring Role Based Access Control

 

So much about good, basic Security comes down to proper access control. Information security, physical security, personal security, (probably even financial security?) – all security, it seems, works better when there’s proper control over who has access to what and when.

ThreatSTOP’s platform has historically allowed two levels of user access: Admin and Reporter. In this simple scheme, Admins could access everything, like creating a custom DNS Firewall policy, or whitelisting an IP across all their firewalls, while lowly Reporters got read-only access to look at reports. Two extremes of access control for what was a simpler time.

In the years since, things have really evolved in Security. It's gotten scarier outside – there are more threats, nastier ones, more sophisticated attackers, and shrewder methods. DDoS for hire, and turn-key ransomware. The myth of companies “too big to take down” or “too small to be targeted” got busted. It has gotten crazy out there.

Read More

Share this:

ARCHIVES

see all

OTHER THREATSTOP OUTLETS

  1. ThreatSTOP on YouTube
  2. ThreatSTOP on Twitter