MedExHCO
April 22, 2023
•[ ransomware, malware, finance ]
The Cl0p ransomware gang claims to have hacked MedExHCO, with data allegedly exfiltrated by exploiting the CVE-2023-0669 Fortra GoAnywhere MFT vulnerability.
Allied Benefit
April 22, 2023
•[ ransomware, leak, malware ]
The Cl0p ransomware gang leaks some data from Allied Benefit, allegedly exfiltrated by exploiting the CVE-2023-0669 Fortra GoAnywhere MFT vulnerability.
Robeson Health Care Corporation
April 21, 2023
•[ hack, malware, healthcare ]
Robeson Health Care Corporation files a notice of data breach after learning that confidential patient data was accessed by an unauthorized party following a malware attack.
Undisclosed critical infrastructure organization in the United States
April 21, 2023
•[ hack, malware, energy ]
Researchers from Symantec/Broadcom reveal that the software supply chain attack that led to last month's 3CX breach has also impacted at least several critical infrastructure organizations in the United States and Europe.
Logistica Integrada Sulamericana (LISA)
April 21, 2023
•[ ransomware, malware ]
Logistica Integrada Sulamericana (LISA) is listed on BlackCat's ransomware leak site.
Saville Row
April 21, 2023
•[ ransomware, leak, malware ]
Saville Row, a Chilean clothing store, is added to BlackCat's ransomware leak site.
Cementos Progreso
April 21, 2023
•[ ransomware, leak, malware ]
Cementos Progreso is added to BlackCat's ransomware leak site. As proof, they offer some samples with internal documents.
Seguros la Occidental
April 21, 2023
•[ ransomware, malware, finance ]
Seguros la Occidental, a Venezuelan insurer that offers general and life insurance products, is added to BlackCat's ransomware leak site with samples containing 27 screenshots of various insurance company documents, including ID cards.
3CX
April 20, 2023
•[ espionage, malware, technology ]
Researchers from Mandiant reveal that the 3CX supply chain attack was caused by another supply chain compromise where suspected North Korean attackers breached the site of stock trading automation company Trading Technologies to push trojanized software builds.
Peachtree Orthopedics
April 20, 2023
•[ ransomware, malware, healthcare ]
Peachtree Orthopedics posts a notice of data breach on the company's website after determining that an unauthorized party had gained access to its computer network. The Karakurt ransomware gang claims responsibility for the attack.
Unknown Organization
April 20, 2023
•[ hack, malware, government ]
Even a Brazilian state government website (semed.capital.ms.gov.br) is observed serving Fortnite spam within the same campaign.
Coldiretti
April 19, 2023
•[ ransomware, malware ]
Coldiretti, the Italian organization of agricultural entrepreneurs, suffers a Play ransomware attack.
PaperCut
April 19, 2023
•[ ransomware, malware, technology ]
Print management software developer PaperCut warns customers to update their software immediately, as hackers are actively exploiting two flaws, ZDI-CAN-18987 / PO-1216 and ZDI-CAN-19226 / PO-1219, to gain access to vulnerable servers. Later the attacks are attributed to the Cl0p ransomware gang.
Lake Dallas Independent School District
April 18, 2023
•[ ransomware, leak, malware ]
The Royal ransomware gang adds Lake Dallas Independent School District in Texas to its leak site.
Cisco
April 18, 2023
•[ espionage, malware, technology ]
The UK National Cyber Security Centre (NCSC), US Cybersecurity and Infrastructure Security Agency (CISA), NSA, FBI, and Cisco warn of Russian state-sponsored APT28 hackers deploying a custom malware named 'Jaguar Tooth' on Cisco IOS routers, exploiting CVE-2017-6742, allowing unauthenticated access to the device.
Chattanooga Heart Institute
April 17, 2023
•[ ransomware, malware, healthcare ]
The Chattanooga Heart Institute notifies more than 170,000 patients and others that hackers may have stolen their sensitive personal and medical information in a cyberattack detected in April. The Karakurt ransomware group claimed credit for the hack a month later.
Point32Health
April 17, 2023
•[ ransomware, malware, finance ]
Point32Health, a New England health insurance firm serving more than two million people, is dealing with a ransomware attack impacting several of its systems.
Uniondale Union Free School District
April 17, 2023
•[ ransomware, malware, education ]
Uniondale Union Free School District (UUFSD) in New York is added to Medusa's leak site with some files leaked.
Pineland Schools
April 17, 2023
•[ ransomware, malware, education ]
Pineland Schools is added to the LockBit ransomware site with some files as proof of claim. The attackers claim to have 64GB of data.
MAC Pizza Management
April 17, 2023
•[ ransomware, malware, retail ]
MAC Pizza Management files a notice of data breach after learning that confidential information belonging to thousands of people was compromised following a ransomware attack.