Category Archives: Cyber Attack

Spotlight Podcast: OT Is Under Attack. Now What?

Chris Walcutt, the CSO at DirectDefense, talks about the rapidly changing threat landscape that critical infrastructure owners and operators inhabit, and how savvy firms are managing OT cyber risks.

The post Spotlight Podcast: OT Is Under Attack. Now What? appeared first on The Security Ledger with Paul F. Roberts.

Exclusive: CISA’s Jen Easterly wants to protect US hospitals following spate of ransomware attacks


Three and a half years ago, the Springhill Medical Center in Mobile, Alabama, became the target of Russian-based cybercriminals known as the Ryuk gang and Wizard Spider. The hackers locked up all the hospital’s computers, medical records and equipment when Springhill refused to pay a ransom.

It’s one example out of hundreds in the past three years of cyber hackers attacking unsuspecting hospitals and medical centers knowing that if those hospitals’ systems are down, lives can be lost.

“These criminal groups have been deploying ransomware against these hospitals, trying to lock up data, in some cases locking up medical devices in order to cause life-threatening conditions that then would, in their view, get these organizations to be much more likely to pay a quick ransom and have them make a buck,” Dmitri Alperovitch, founder of Silverado Policy Accelerator, explains.

“It’s been really an epidemic over the last three years with a range of both rural hospitals, small organizations and major hospital networks being attacked on a continuous basis by these groups and, in some cases, having to pay hundreds of thousands of dollars in ransom.” 

Now, the nation’s top cyber defenders plan to make protecting hospitals and schools their priority in the new year.


Dark Nexus: A New Emerging IoT Botnet Malware Spotted in the Wild

Cybersecurity researchers have discovered a new emerging IoT botnet threat that leverages compromised smart devices to stage 'distributed denial-of-service' attacks, potentially triggered on-demand through platforms offering DDoS-for-hire services. The botnet, named "dark_nexus" by Bitdefender researchers, works by employing credential stuffing attacks against a variety of devices, such as

WARNING: Hackers Install Secret Backdoor on Thousands of Microsoft SQL Servers

Cybersecurity researchers today uncovered a sustained malicious campaign dating back to May 2018 that targets Windows machines running MS-SQL servers to deploy backdoors and other kinds of malware, including multi-functional remote access tools (RATs) and cryptominers. Named "Vollgar" after the Vollar cryptocurrency it mines and its offensive "vulgar" modus operandi, researchers at Guardicore

Marriott Suffers Second Breach Exposing Data of 5.2 Million Hotel Guests

International hotel chain Marriott today disclosed a data breach impacting nearly 5.2 million hotel guests, making it the second security incident to hit the company in recent years. "At the end of February 2020, we identified that an unexpected amount of guest information may have been accessed using the login credentials of two employees at a franchise property," Marriott said in a

Mukashi: A New Mirai IoT Botnet Variant Targeting Zyxel NAS Devices

A new version of the infamous Mirai botnet is exploiting a recently uncovered critical vulnerability in network-attached storage (NAS) devices in an attempt to remotely infect and control vulnerable machines. Called "Mukashi," the new variant of the malware employs brute-force attacks using different combinations of default credentials to log into Zyxel NAS, UTM, ATP, and VPN firewall

Hackers Created Thousands of Coronavirus (COVID-19) Related Sites As Bait

As the world comes to grips with the coronavirus pandemic, the situation has proven to be a blessing in disguise for threat actors, who've taken advantage of the opportunity to target victims with scams or malware campaigns. Now, according to a new report published by Check Point Research today and shared with The Hacker News, hackers are exploiting the COVID-19 outbreak to spread their own

US Govt Warns Critical Industries After Ransomware Hits Gas Pipeline Facility

The U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) earlier today issued a warning to all industries operating critical infrastructures about a new ransomware threat that if left unaddressed could have severe consequences. The advisory comes in response to a cyberattack targeting an unnamed natural gas compression facility that employed

Emotet Malware Now Hacks Nearby Wi-Fi Networks to Infect New Victims

Emotet, the notorious trojan behind a number of botnet-driven spam campaigns and ransomware attacks, has found a new attack vector: using already infected devices to identify new victims that are connected to nearby Wi-Fi networks. According to researchers at Binary Defense, the newly discovered Emotet sample leverages a "Wi-Fi spreader" module to scan Wi-Fi networks, and then attempts to

Russian Pleads Guilty to Running ‘CardPlanet’ to Sell Stolen Credit Cards

Aleksei Burkov, a 29-year-old Russian hacker, on Thursday pleaded guilty to multiple criminal charges for running two illegal websites that helped cyber criminals commit more than $20 million in credit card fraud. The first website Burkov operated was an online marketplace for buying and selling stolen credit card and debit card numbers—called Cardplanet—which