Security News

Fresenius, Europe's largest private hospital operator and a major provider of dialysis products and services that are in such high demand thanks to the COVID-19 pandemic, has been hit in a ransomware cyber attack on its technology systems. Based in Germany, the Fresenius Group includes four independent businesses: Fresenius Medical Care, a leading provider of care to those suffering from kidney failure; Fresenius Helios, Europe's largest private hospital operator; Fresenius Kabi, which supplies pharmaceutical drugs and medical devices; and Fresenius Vamed, which manages healthcare facilities.

Australian shipping giant Toll informed customers on Tuesday that it has shut down some IT systems after discovering a piece of ransomware. Toll said it discovered the ransomware after seeing unusual activity on some servers.

Transport company Toll Group has been slugged by ransomware for the second time in three months. "As a result of investigations undertaken so far, we can confirm that this activity is the result of a ransomware attack. Working with IT security experts, we have identified the variant to be a relatively new form of ransomware known as Nefilim."

In addition to the attack on the hospital in the Czech Republic, she cited a number of healthcare cyber incidents in France, Spain and Thailand, adding that there needs to be more collaboration worldwide on protecting critical health infrastructure in times of crisis. Ransomware attacks on healthcare providers rose 350% in the fourth quarter of 2019, and Emsisoft research shows that more than 759 healthcare providers were hit with ransomware last year.

While most consumers are taking necessary security precautions to protect their online accounts, businesses may not be doing enough to protect their information - inadvertently driving sales to competitors that can, an Arcserve research reveals. Nearly nine of ten consumers consider the trustworthiness of a business prior to purchasing a product or service and,.

A piece of Android ransomware uses a scareware tactic to extort money from victims: it asks them to provide their credit card information to pay a "Fine," Check Point reveals. Dubbed Black Rose Lucy, or simply Lucy, the malicious program was initially discovered in 2018 as a Malware-as-a-Service botnet and dropper for Android devices.

"Using an attack pattern typical of human-operated ransomware campaigns, attackers have compromised target networks for several months beginning earlier this year and have been waiting to monetize their attacks by deploying ransomware when they would see the most financial gain," says the Microsoft Threat Protection Intelligence Team. "Human-operated ransomware attacks represent a different level of threat because adversaries are adept at systems administration and security misconfigurations and can therefore adapt to any path of least resistance they find in a compromised network," the team explained.

Cybercriminals behind the Android-based dropper malware Black Rose Lucy have shifted attacks from info-stealing to ransomware - with a sextortion twist. With its most recent ransomware campaign, researchers said they have discovered more than 80 malware samples tied to Lucy, along with identifying one new active Lucy variant in the wild.

The Clop ransomware group attacked biopharmaceutical company ExecuPharm and reportedly leaked some of the company's compromised data on underground forums. According to a recent data breach notice, various ExecuPharm servers were hit in a ransomware attack on March 13, which compromised "Select corporate and personnel information." The attack was initiated through phishing emails that were sent to ExecuPharm employees.

The attack accuses victims of possessing pornography, encrypts all files on the device, and then instructs them to pay a fine to unlock the data, according to Check Point Research. After a successful infection on an Android device, Lucy encrypts files and then displays a ransom note in a browser window.