The US Marshals Service (USMS) is investigating a major ransomware attack that has compromised some of its most sensitive information, including law enforcement materials, and the personal information of employees and potential targets of federal investigations. The cyberattack was considered a "major incident" by officials, impacting a "stand-alone" system (meaning it is not connected to a larger federal network) within the service, an agency spokesperson said Monday. The attack was discovere
hive (6)
A pro-Russian hacking group is claiming responsibility for cyber-attacks on several hospitals in the United States. The attack came just days after the Federal Bureau of Investigation (FBI) said it took down a ransomware group that was also targeting hospitals in what was called “The Hive” attack.
The US Attorney General says they’ve seen how cyber-attacks on medical facilities can be very disruptive. “The Hive ransomware attack was able to prevent the hospital from accepting new patients,” th
The US Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS) are releasing this joint CSA to disseminate known Hive IOCs and TTPs identified through FBI investigations as recently as November 2022. FBI, CISA, and HHS encourage organizations to implement the recommendations in the Mitigations section of this CSA to reduce the likelihood and impact of ransomware incidents. Victims of ransomware operations should report the incident to thei
Costa Rica is still reeling from the ransomware attacks deployed by the Conti group, and now the Hive ransomware group has joined in. According to Bleeping Computer, the Hive ransomware group is behind the attack beginning 31 March 2022 targeting Costa Rica’s public health service.
The Costa Rican government agency has publicly stated that an attack took place early Tuesday morning. The targeted government entities included the Costa Rican Social Security Fund (CCSS). The government also st
Ransomware is a constant thorn in the side of cyber security professionals worldwide. Hive Ransomware stormed onto the scene in June of 2021, and in their first six months, from June to December of 2021, they managed to compromise 355 companies. The group made headlines for targeting IT, real estate, and healthcare organizations, prompting an FBI Alert sharing the Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs) associated with the group in late August.
Recently the
Activity Summary - Week Ending 10 September 2021:
- Red Sky Alliance identified 47,398 connections from new unique IP addresses- Sinkholes
- Analysts identified 1,034 new IP addresses participating in various Botnets
- 4 unique email accounts compromised with Keyloggers were used to log into Personal Accounts
- Sality Malware Variant seen 42,252 times this past week
- Hive Ransomware Alert
- STRRAT RAT
- FIN7 again
- Microsoft and $20 billion in Cyber Security
- South Korea and TrickBot Arrest
- To SOAR, or to SIEM