Update: Locky is the suspected culprit in the Prime, Hollywood Presbyterian and Kentucky ransomware attacks. On Monday, Maryland-based MedStar Health reported malware had caused a shutdown of some systems at its hospitals in Baltimore. Separately, Cisco Talos Research is claiming that a number of the attacks are exploiting a vulnerability in a network server called JBoss using a ransomware dubbed SamSam. Perhaps both are creating mischief? Ars Technica, Cisco Talos blog, BBC News, ThreatPost
More and worse attacks north of the 49th Parallel. Norfolk General Hospital in Simcoe, Ontario had a ransomware attack this week that spread to computers of staff, patients and families via the external website through the outdated content management system. According to MalwareBytes, “The particular strain of ransomware dropped here is TeslaCrypt which demands $500 to recover your personal files it has encrypted. That payment doubles after a week.” So if you are running old Joomla! or even old WordPress, update now! Neil Versel in MedCityNews
If you’re thinking Mac Prevents Attacks, the first ransomware targeting Apple OS X hit earlier this month. Mac users who downloaded version 2.90 of Transmission, a data transfer program using BitTorrent, were infected. KeRanger appears after three days to demand one bitcoin (about $400) to a specific address to retrieve their files. HealthcareITNews
Finally, there is the Hackermania gift that keeps on giving: Healthcare.gov. (more…)
Most Recent Comments