The gang behind the ransomware strain known as Mespinoza, aka PYSA, is targeting manufacturers, schools and others, mainly in the U.S. and U.K., demanding ransom payments as high as $1.6 million, according to Palo Alto Networks' Unit 42, which says the group leverages open-source tools.
Forefront Dermatology S.C., a Wisconsin-based dermatology practice with affiliated offices in 21 states plus Washington, D.C., is notifying 2.4 million patients, employees and clinicians of a recent hacking incident. The attack apparently involved a ransomware strain known as "Cuba."
Ransomware-wielding criminals continue to find innovative new ways to extort victims, develop technically and sidestep skills shortages by delivering ransomware as a service, said Robert Hannigan, the former head of U.K. intelligence agency GCHQ, in his Infosecurity Europe 2021 virtual keynote speech.
Software developer Kaseya has released patches for its remote monitoring software, which had been exploited by REvil ransomware attackers to infect up to 60 MSPs and 1,500 of their clients. The patches mitigate the final three vulnerabilities out of seven that researchers reported to Kaseya in early April.
In the latest weekly update, a panel of Information Security Media Group editors discusses the repercussions of the Kaseya ransomware incident, the immediate response of the cybersecurity community and key risk management takeaways.
As ransomware attacks become more prolific, their success is being driven by the increasing use of specialists who can refine every stage of an attack. It's a reminder that the goal of cybercrime remains to maximize illicit profits as easily and quickly as possible.
Two small Maryland towns are among the latest victims to come to light almost a week after the REvil ransomware supply chain attack that targeted Kaseya's VSA remote IT management software. The company says the attack on on-premises VSA installations affected about 60 of its managed service provider customers and up...
Ransomware-wielding criminals continue to hone their illicit business models, as demonstrated by the strike against customers of Kaseya. A full postmortem of the attack has yet to be issued, but one question sure to be leveled at the software vendor is this: Should it have fixed the flaw more quickly?
The REvil ransomware operation behind the massive attack centering on Kaseya, which develops software used by managed service providers, has offered to decrypt all victims - MSPs as well as their customers - for $70 million in bitcoins. Experts note this isn't the first time REvil has hit MSPs, or even Kaseya.
The U.S. Cybersecurity and Infrastructure Security Agency has released a Ransomware Readiness Assessment audit tool to help organizations size up their ability to defend against and recover from attacks.
The U.S. Senate has unanimously approved Chris Inglis as national cyber director. He assumes the role as the country is still reeling from a series of ransomware attacks and the SolarWinds supply chain attack. Meanwhile, confirmation of a new CISA director is on hold.
Bitcoin has enabled fast payments to cybercriminals pushing ransomware. How to deal with bitcoin is the subject of a spirited debate, with some arguing to restrict it. But bitcoin doesn't always favor cybercriminals, and it may actually be more of an ally than a foe by revealing webs of criminality.
The Department of Homeland Security unit that's responsible for the safety of the nation's interstate pipelines is preparing new cybersecurity requirements for oil and gas companies in the wake of the Colonial Pipeline Co. ransomware attack.