Security News
The UK's data protection watchdog says it plans to fine a managed software provider to the NHS £6.09 million for failings that led to a 2022 ransomware attack. Advanced pulled its systems offline on August 4, 2022, in an incident that was eventually attributed to LockBit, back in its heydey which has thankfully now ended.
One of the US's largest car dealerships says the IT outage caused by CDK Global's June ransomware attack cost it approximately $30 million. Sonic Automotive filed a Form 8-K with the Securities and Exchange Commission on Monday alongside the release of its quarterly financials, confirming that like its rivals, it too was materially affected by the incident at CDK. Of the total $30 million drop in pre-tax GAAP income, $11.6 million of that related to additional compensation paid to staff, and possibly external contractors, who helped to handle the outage, it said.
Ransomware-as-a-service outfit Hunters International is wielding a new remote access trojan. Angry IP Scanner is an IP address and port scanner, and as such is more likely to be downloaded and used by IT workers.
The Hunters International ransomware group is targeting IT workers with a new C# remote access trojan (RAT) called SharpRhino to breach corporate networks. [...]
Electronic manufacturing services provider Keytronic has revealed that it suffered losses of over $17 million due to a May ransomware attack. [...]
[...]
A ransomware attack against blood-donation nonprofit OneBlood, which services more than 250 American hospitals, has "Significantly reduced" the org's ability to take, test, and distribute blood. "In an effort to further manage the blood supply we have asked the more than 250 hospitals we serve to activate their critical blood shortage protocols and to remain in that status for the time being."
OneBlood, a large not-for-profit blood center that serves hospitals and patients in the United States, is dealing with an IT systems outage caused by a ransomware attack. [...]
A vulnerability in the ESXi hypervisor was patched by VMware last week, but Microsoft has revealed that it has already been exploited by ransomware groups to gain administrative permissions. The vulnerability affects ESXi versions 7.0 and 8.0 and VMware Cloud Foundation versions 4.x and 5.x., but patches were only rolled out for ESXi 8.0 and VMware Cloud Foundation 5.x. It has a relatively low CVSS severity score of 6.8.
A Fortune 50 company paid a record-breaking $75 million ransom payment to the Dark Angels ransomware gang, according to a report by Zscaler ThreatLabz. "In early 2024, ThreatLabz uncovered a victim who paid Dark Angels $75 million, higher than any publicly known amount- an achievement that's bound to attract the interest of other attackers looking to replicate such success by adopting their key tactics," reads the 2024 Zscaler Ransomware Report.