Colonial Pipeline Co., operator of the largest U.S. fuel pipeline, reportedly paid $5 million to criminals behind a ransomware attack that has sent fuel prices spiking up and down the East Coast. Sources familiar with the payout told Bloomberg that representatives of Colonial Pipeline paid the cybergang known as DarkSide the ransom it demanded in return for a decryption tool that allowed the firm to restore its computer network disabled in last week's attack. READ MORE...
Ireland's Health Service Executive(HSE), the country's publicly funded healthcare system, has shut down all IT systems after its network was breached in a ransomware attack. "There is a significant ransomware attack on the HSE IT systems," the Irish national health service said. "This has caused some disruption to our services. But most healthcare appointments will go ahead as planned. READ MORE...
Ransomware attacks are exploding at a staggering rate, and so are the ransoms being demanded. Now experts are warning against a new threat - triple extortion - which means that attackers are expanding out to demand payments from customers, partners and other third parties related to the initial breach to grab even more cash for their crimes. Check Point's latest ransomware report found that over the past year, ransomware payments have spiked by 171 percent, averaging about $310,000. READ MORE...
Chemical distribution company Brenntag paid a $4.4 million ransom in Bitcoin to the DarkSide ransomware gang to receive a decryptor for encrypted files and prevent the threat actors from publicly leaking stolen data. Brenntag is a world-leading chemical distribution company headquartered in Germany but with over 17,000 employees worldwide at over 670 sites. READ MORE...
Europol and several national law enforcement agencies have teamed up to take down an investment fraud and money laundering ring that caused losses of approximately €30 million (US$36 million) to hundreds of victims, according to a press release by the European Union's law enforcement agency. The investigation led to the arrest of 11 suspects and involved the search of dozens of locations across Europe and Israel. READ MORE...
Threat actors are abusing the Microsoft Build Engine (MSBuild) to deploy remote access tools (RATs) and information-stealing malware filelessly as part of an ongoing campaign. MSBuild (msbuild.exe) is a legitimate and open-source Microsoft development platform, similar to the Unix make utility, for building applications. This development tool can build apps on any Windows system if provided with an XML schema project file telling it how to automate the build process. READ MORE...
A researcher has found out that it is possible to upload arbitrary data from non-internet-connected devices by sending Bluetooth Low Energy (BLE) broadcasts to nearby Apple devices that will happily upload the data for you. To demonstrate their point, they released an ESP32 firmware that turns the micro-controller into an (upload only) modem. They also created a macOS application to retrieve, decode and display the uploaded data. READ MORE...
As more private data is stored and shared digitally, researchers are exploring new ways to protect data against attacks from bad actors. Current silicon technology exploits microscopic differences between computing components to create secure keys, but AI techniques can be used to predict these keys and gain access to data. Now, Penn State researchers have designed a way to make the encrypted keys harder to crack. READ MORE...