Security News

U.S. DoJ Indicts North Korean Hacker for Ransomware Attacks on Hospitals
2024-07-26 08:55

The U.S. Department of Justice on Thursday unsealed an indictment against a North Korean military intelligence operative for allegedly carrying out ransomware attacks against healthcare facilities in the country and funneling the payments to orchestrate additional intrusions into defense, technology, and government entities across the world. "Rim Jong Hyok and his co-conspirators deployed ransomware to extort U.S. hospitals and health care companies, then laundered the proceeds to help fund North Korea's illicit activities," said Paul Abbate, deputy director of the Federal Bureau of Investigation.

US offers $10M for tips on DPRK hacker linked to Maui ransomware attacks
2024-07-25 17:17

The U.S. State Department is offering a reward of up to $10 million for information that could lead to the identification or location of a North Korean military hacker identified as Rim Jong Hyok. Part of the Andariel North Korean hacking group, Hyok and other Andariel operatives were linked to Maui ransomware attacks targeting critical infrastructure and healthcare organizations across the United States.

North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks
2024-07-25 14:08

A North Korea-linked threat actor known for its cyber espionage operations has gradually expanded into financially-motivated attacks that involve the deployment of ransomware, setting it apart from other nation-state hacking groups linked to the country. "APT45 is a long-running, moderately sophisticated North Korean cyber operator that has carried out espionage campaigns as early as 2009," researchers Taylor Long, Jeff Johnson, Alice Revelli, Fred Plan, and Michael Barnhart said.

LA County Superior Court closes doors to reboot justice after ransomware attack
2024-07-22 17:15

Some rest for the wicked? Los Angeles County Superior Court, the largest trial court in America, closed all 36 of its courthouses today following an "unprecedented" ransomware attack on Friday.…

New Play ransomware Linux version targets VMware ESXi VMs
2024-07-22 17:01

Play ransomware is the latest ransomware gang to start deploying a dedicated locker for encrypting Linux devices and specifically targeting VMware ESXi virtual machines. [...]

Cybercrooks crafting solo careers in wake of ransomware takedowns
2024-07-22 16:33

More baddies go it alone as trust in big gangs withers, claims Europol A fresh report from Europol suggests that the recent disruption of ransomware-as-a-service (RaaS) groups is fragmenting the...

Los Angeles Superior Court shuts down after ransomware attack
2024-07-22 14:37

The largest trial court in the United States, the Superior Court of Los Angeles County, closed all 36 courthouse locations on Monday to restore systems affected by a Friday ransomware attack. [...]

New Linux Variant of Play Ransomware Targeting VMWare ESXi Systems
2024-07-22 03:56

Cybersecurity researchers have discovered a new Linux variant of a ransomware strain known as Play that's designed to target VMWare ESXi environments. Manufacturing, professional services, construction, IT, retail, financial services, transportation, media, legal services, and real estate are some of the top industries affected by the Play ransomware during the time period.

MediSecure: Ransomware gang stole data of 12.9 million people
2024-07-19 17:05

MediSecure, an Australian prescription delivery service provider, revealed that roughly 12.9 million people had their personal and health information stolen in an April ransomware attack. At the time, the Australian National Cyber Security Coordinator, who was helping MEdiSecure to mitigate the breach, described it as a "Large-scale ransomware data breach."

Two Russian Nationals Plead Guilty in LockBit Ransomware Attacks
2024-07-19 12:30

Two Russian nationals have pleaded guilty in a U.S. court for their participation as affiliates in the LockBit ransomware scheme and helping facilitate ransomware attacks across the world. The development comes more than two months after the U.K. National Crime Agency unmasked a 31-year-old Russian national named Dmitry Yuryevich Khoroshev as the administrator and developer of the LockBit ransomware operation.