A hospital in Massachusetts quietly paid off a ransomware gang after a February hack that exposed patients' sensitive medical and financial data, the hospital said in a May 28 statement. Sturdy Memorial Hospital, a 126-bed facility in the city of Attleboro, said that the information exposed in the hacking incident may have included insurance claim numbers, medical history, treatment information, Social Security numbers, bank routing numbers and credit card numbers and security codes, among other data. READ MORE...
The Steamship Authority, Massachusetts' largest ferry service, was hit by a ransomware attack on Wednesday which led to ticketing and reservation disruptions. "The Woods Hole, Martha's Vineyard, and Nantucket Steamship Authority has been the target of a ransomware attack that is affecting operations as of Wednesday morning," the ferry service said on Wednesday. "There is no impact to the safety of vessel operations, as the issue does not affect radar or GPS functionality." READ MORE...
FujiFilm is investigating a ransomware attack and has shut down portions of its network to prevent the attack's spread. FujiFilm, also known as just Fuji, is a Japanese multinational conglomerate headquartered in Tokyo, Japan, which initially started in optical film and cameras. It has grown to include pharmaceuticals, storage devices, photocopiers and printers (XEROX), and digital cameras. FUJIFILM earned $20.1 billion in 2020 and has 37,151 employees worldwide. READ MORE...
REvil threat actors may be behind a set of PowerShell scripts developed for encryption and weaponized to exploit vulnerabilities in corporate networks, the ransom note suggests. Threat actors have deployed new ransomware on the back of a set of PowerShell scripts developed for making encryption, exploiting flaws in unpatched Exchange Servers to attack the corporate network, according to recent research. Researchers from security firm Sophos detected the new ransomware, called Epsilon Red. READ MORE...
Exploiting memory leaks, injecting code into processes, and a variety of side-channel attacks could become much more difficult to pull off if a technique for creating a "morphable" processor architecture gains widespread adoption. The research effort, known as Morpheus, is a set of architectural changes to processors that implement two protections: the randomization of processor elements critical to program execution and the periodic encryption of those elements, a process called "churn." READ MORE...
Exploit acquisition firm Zerodium on Tuesday announced that it is offering $100,000 for severe vulnerabilities in Pidgin for Windows and Linux. Pidgin is a multi-platform instant messaging client that relies on the libpurple library to provide support for multiple messaging protocols, which allows users to use the same application with multiple messaging services. The exploit broker is looking for exploits that could be triggered remotely to achieve execution of arbitrary code. READ MORE...
Trend Micro on Thursday disclosed the details of a recently patched privilege escalation vulnerability that has been found to impact macOS, iOS and iPadOS. The flaw, tracked as CVE-2021-30724, was discovered by Trend Micro researcher Mickey Jin, and it was patched by Apple on May 24 with the release of macOS 11.4, iOS 14.6 and iPadOS 14.6. The vulnerability can allow a local attacker to elevate privileges by sending specially crafted requests. READ MORE...