Security News

S2 Ep30: Let’s Encrypt, ULTRASOUND attacks, backups for ransom – Naked Security Podcast
2020-03-11 17:51

This week we talk about why Let's Encrypt might have to celebrate its billionth certificate twice, wonder if James Bond could hack Siri with ultrasound, and make backups surprisingly interesting. LISTEN NOW. Click-and-drag on the soundwaves below to skip to any point in the podcast.

Local governments: Don't pay ransoms to hackers
2020-03-11 12:30

A new report from the Deloitte Center for Government Insights surveyed ransomware attacks on local governments throughout 2019 and lays out a few tips for those faced with the tough decision of whether to pay ransoms or not. The crucial question for most local governments is whether to pay, and while it may seem like the massive cost differences between thousand-dollar ransom payments and million-dollar recovery efforts is steep, the report suggests local governments hold the fort and refrain from paying cybercriminals.

Hacked Off: Patients Sue Ransom-Paying Hospital Group
2020-02-19 10:18

A lawsuit seeking class action status has been filed against a New Jersey healthcare organization in the wake of a ransomware attack last December in which the entity paid attackers a ransom to unlock its systems. Because of the ransomware attack, patients had their medical care and treatment disrupted, the complaint alleges.

Ryuk and Sodinokibi Surge as Ransom Payments Double
2020-01-28 12:18

Attackers using Ryuk and Sodinokibi - aka REvil - are increasingly "Focusing their attacks on large companies where they can attempt to extort the organization for a seven-figure payout," it says, noting that the average Ryuk ransom payment last quarter was $780,000. One commonality across all types of tools is that attackers overwhelmingly continue to demand ransom payments in bitcoins.

Some Hackers Take the Ransom and Run: Researchers
2020-01-24 05:24

Paying off hackers after a ransomware infection could end up being a total loss, according to a study released Thursday which finds some attackers just take the money and run. A survey by researchers at the security firm Proofpoint found that 33 percent of organizations infected with ransomware opted to pay the ransom.

Ransom-Demanding Gangs Target Fresh Victims: Patients
2020-01-21 12:33

Could ransomware shakedowns against healthcare entities be taking an even uglier turn? In a recent attack on a Florida-based plastic surgery practice, hackers exfiltrated patients' medical records and then demanded a ransom be paid by the clinic and some of its patients to avoid further exposure of the data. "The attackers demanded a ransom negotiation, and as of Nov. 29, 2019, about 15-20 patients have since contacted TCFFR to report individual ransom demands from the attackers threatening the public release of their photos and personal information unless unspecified ransom demands are negotiated and met."

New Data Ransom Target: Patients
2020-01-20 21:04

Could ransomware shakedowns against healthcare entities be taking an even uglier turn? In a recent attack on a Florida-based plastic surgery practice, hackers exfiltrated patients' medical records and then demanded a ransom be paid by the clinic and some of its patients to avoid further exposure of the data. "The attackers demanded a ransom negotiation, and as of Nov. 29, 2019, about 15-20 patients have since contacted TCFFR to report individual ransom demands from the attackers threatening the public release of their photos and personal information unless unspecified ransom demands are negotiated and met."

‘Maze’ ransomware threatens data exposure unless $6m ransom paid
2020-01-07 12:35

That ransomware attackers can steal as well as encrypt data isn't a new phenomenon but the possibility that sensitive data might be revealed to the world is potentially more damaging than any short-term disruption caused by the malware. To understand this defiance, consider other recent Maze incidents in which the Maze gang released samples of the stolen data to media, and set up a special website to publish it.

Canadian Lab Pays Ransom to 'Retrieve' Data
2019-12-18 21:48

Hackers Exfiltrated Data on 15 Million LifeLabs ClientsA Canadian medical testing lab acknowledges that it paid a ransom to "retrieve" data stolen by hackers in an incident that apparently did not...

Canadian Lab Test Provider Pays Ransom to Secure Hacked Data
2019-12-18 03:38

Lab test provider LifeLabs said Tuesday that it paid a ransom to secure data for Canadians that was stolen in a data breach in late October. read more