ransomware
Indian tech giant Tata Technologies hit by ransomware attack
Tata Technologies Ltd. had to suspend some of its IT services following a ransomware attack that impacted the company network. A subsidiary of Tata Motors, Tata Technologies is an Indian public multinational tech firm that focuses on automotive design, aerospace engineering, and R&D engineering in general. It is one of India’s key tech developers and state […]
Mizuno USA says hackers stayed in its network for two months
Mizuno USA, a subsidiary of Mizuno Corporation, one of the world’s largest sporting goods manufacturers, confirmed in data breach notification letters that unknown attackers stole files from its network between August and October 2024. Headquartered in Peachtree Corners, Georgia, Mizuno USA manufactures and distributes golf, running, baseball, volleyball, softball, swimming, and tennis equipment, apparel, and […]
KuCoin to pay nearly $300 million in penalties after guilty plea
KuCoin’s operator, PEKEN Global Limited, pleaded guilty to operating an unlicensed money-transmitting business and agreed to pay $297 million in penalties to settle charges in the U.S. The cryptocurrency exchange was charged in March 2024 for its failure to implement the required anti-money laundering (AML) requirements, allowing cybercriminals to use the platform to launder their proceeds. According […]
Ransomware attack disrupts New York blood donation giant
The New York Blood Center (NYBC), one of the world’s largest independent blood collection and distribution organizations, says a Sunday ransomware attack forced it to reschedule some appointments. NYBC collects almost 4,000 units of blood products every day and serves more than 75 million people in more than a dozen states. It also provides transfusion-related […]
UnitedHealth now says 190 million impacted by 2024 data breach
UnitedHealth has revealed that 190 million Americans had their personal and healthcare data stolen in the Change Healthcare ransomware attack, nearly doubling the previously disclosed figure. In October, UnitedHealth reported to the US Department of Health and Human Services Office for Civil Rights that the attack affected 100 million people. However, as first reported by TechCrunch, UnitedHealth […]
Ransomware gang uses SSH tunnels for stealthy VMware ESXi access
Ransomware actors targeting ESXi bare metal hypervisors are leveraging SSH tunneling to persist on the system while remaining undetected. VMware ESXi appliances have a critical role in virtualized environments as they can run on a single physical server multiple virtual machines of an organization. They are largely unmonitored and have been a target for hackers looking to […]
Ransomware gangs pose as IT support in Microsoft Teams phishing attacks
Ransomware gangs are increasingly adopting email bombing followed by posing as tech support in Microsoft Teams calls to trick employees into allowing remote control and install malware that provides access to the company network. The threat actors are sending thousands of spam messages over a short period and then call the target from an adversary-controlled Office […]
Label giant Avery says website hacked to steal credit cards
Avery Products Corporation is warning it suffered a data breach after its website was hacked to steal customers’ credit cards and personal information. Avery is an American company that produces and sells self-adhesive labels, apparel branding elements, and printing services. In a data breach notification sent to impacted customers, Avery discovered they were attacked on […]
OneBlood confirms personal data stolen in July ransomware attack
Blood-donation not-for-profit OneBlood confirms that donors’ personal information was stolen in a ransomware attack last summer. OneBlood first notified the public about the attack on July 31, 2024, noting that ransomware actors had encrypted its virtual machines, forcing the healthcare organization to fall back to using manual processes. OneBlood is a supplier of blood to over 250 hospitals […]
Ransomware abuses Amazon AWS feature to encrypt S3 buckets
A new ransomware campaign encrypts Amazon S3 buckets using AWS’s Server-Side Encryption with Customer Provided Keys (SSE-C) known only to the threat actor, demanding ransoms to receive the decryption key. The campaign was discovered by Halcyon, who reported that a threat actor named “Codefinger” had encrypted at least two victims. However, the operation could escalate or the […]