Expert warns of Turtle macOS ransomware
The popular cyber security researcher Patrick Wardle published a detailed analysis of the new macOS ransomware Turtle. Wardle pointed out that since Turtle was uploaded on Virus Total, it was labeled as malicious by 24 anti-malware solutions, suggesting it is not a sophisticated threat. However, the malicious code was generally detected as “Other:Malware-gen”, “Trojan.Generic”, or…
Ardent Health Hospitals Disrupted After Ransomware Attack
Ardent Health Services, headquartered in Nashville, Tenn., and operating in six different states, fell victim to a ransomware attack in late November that has taken its entire network offline. Some 30 hospitals have been affected by this ransomware attack. While the attack didn’t disrupt patient care in Ardent hospitals, those in need of emergency medical…
Exploited Vulnerabilities Can Take Months to Make KEV List
On October 10, the Cybersecurity and Infrastructure Security Agency (CISA) updated the Known Exploited Vulnerabilities (KEV) catalog with five known software flaws. At the top of the list: A use-after-free vulnerability in Adobe’s Acrobat and Reader PDF-viewing applications that could allow code execution with the privileges of any user that clicked on a malicious file….
Rackspace Ransomware Costs Soar to Nearly $12M
Financial disclosures filed over the past year show that Rackspace Technology has continued to rack up expenses and losses following last year’s December ransomware attack on one of its hosted Microsoft Exchange servers. So far, the incident costs have soared well into eight figures. Rackspace is a Texas-based, cloud computing services provider, largely for small…
‘Hunters International’ Cyberattackers Take Over Hive Ransomware
The FBI may have successfully disrupted the destructive Hive ransomware operation earlier this year, but the group’s malware code continues to present a threat to organizations everywhere. In October, a security researcher’s analysis of a ransomware used by new group called Hunters International showed substantial code overlaps with Hive ransomware. A subsequent analysis by Bitdefender…
Cyberattack Forces San Diego Hospital to Divert Patients
A San Diego public hospital is diverting ambulances and patients to other facilities as it deals with a cyberattack detected early Thursday. The medical center is the latest among a growing roster of regional healthcare providers forced to suddenly shift patients to neighboring entities due to a cybersecurity crisis. Tri-City Medical Center is an acute…
DDoS attack leads to significant disruption in ChatGPT services
OpenAI confirmed earlier today that the outage suffered by ChatGPT and its API on Wednesday was caused by a distributed denial-of-service (DDoS) attack. “We are dealing with periodic outages due to an abnormal traffic pattern reflective of a DDoS attack. We are continuing work to mitigate this.” reads the update posted by OpenAI on its…
Ontario Hospitals Expect Monthlong Ransomware Recovery
A shared IT services provider and its five Ontario member hospitals say their recovery from a Daixin Team ransomware attack in October could last into December as the group rebuilds its IT network. Meanwhile, the outage will continue to disrupt patient services, including diagnostics and treatments. TransForm Shared Service Organization and the regional hospitals to…
Ransomware Mastermind Uncovered After Oversharing on Dark Web
When researchers responded to an ad to join up with a ransomware-as-a-service (RaaS) operation, they wound up in a cybercriminal job interview with one of the most active threat actors in the affiliate business, who turns out to be behind at least five different strains of ransomware. Meet “farnetwork,” who was unmasked after giving over…
Generative AI to fuel stronger phishing campaigns, information operations at scale in 2024
The signs an average person uses to tell whether an email is legitimate or a scam by checking for misspellings, grammar errors, and lack of cultural context will be harder to spot in 2024. Attackers will continue to use generative AI and large language models (LLM) in phishing, SMS, and other social engineering operations to…
