Security News
The ALPHV/BlackCat ransomware gang has shut down its servers amid claims that they scammed the affiliate responsible for the attack on Optum, the operator of the Change Healthcare platform, of $22 million. Today, BleepingComputer confirmed the ransomware operations negotiation sites are now shut down as well, indicating a further deliberate take down of the ransomware gang's infrastructure.
Infosec in brief The infamous LockBit ransomware gang has been busy in the ten days since an international law enforcement operation took down many of its systems. LockBit quickly set up a new website and updated it with a list of forthcoming victim ransom deadlines - one of which included data allegedly stolen from Fulton County, Georgia.
Global securities finance tech company EquiLend's systems are now back online after announcing a disruptive ransomware attack nearly two weeks ago. Providing regular updates via a dedicated web page, EquiLend almost completed its full restoration last week, waiting only for its data and analytics solutions to get back up and running.
Today's pervasive cyberattacks are forcing the majority of companies to pay ransoms and break their 'do not pay' policies, with data recovery deficiencies compounding the problem, according to Cohesity. All respondents said they need over 24 hours to recover data and restore business processes, and just 7% said their company could recover data and restore business processes within 1-3 days.
Aliaksandr Klimenka, a Belarusian and Cypriot national, has been indicted in the U.S. for his involvement in an international cybercrime money laundering operation. The U.S. DoJ alleged back then that the platform was used to launder funds stolen during the hack of Japanese crypto exchange platform Mt. Gox, as well as ransom payments for the Locky, Cerber, NotPetya, WannaCry, and Spora ransomware operations.
Southern Water provides water services to 2.5 million customers and wastewater services to 4.7 million customers in the southern regions of the England. Some documents leaked online are branded with Greensands logos - the parent company of Southern Water.
One of America's biggest private freight shippers, Estes Express Lines, has told more than 20,000 customers that criminals may have stolen their personal information. "As you may be aware, on October 1, 2023, Estes discovered that an unauthorized threat actor had gained access to a portion of the Company's IT network and deployed ransomware," it said in a letter mailed to 21,184 people [PDF].
The Kansas Judicial Branch has published an update on a cybersecurity incident it suffered last month, confirming that hackers stole sensitive files containing confidential information from its systems. In mid-October 2023, the Kansas courts authority disclosed a "Security incident" that impacted the availability of multiple systems, including the eFiling system attorney's use for document submission, electronic payment systems, and the case management systems used by district and appellate courts.
The LockBit crew is claiming to have leaked all of the data it stole from Boeing late last month, after the passenger jet giant apparently refused to pay the ransom demand. Neither data dump has been verified by The Register, and Boeing declined to answer specific questions about the incident or the stolen files.
Despite the disruption to its infrastructure, the threat actors behind the QakBot malware have been linked to an ongoing phishing campaign since early August 2023 that led to the delivery of...