Ransomware Investigation Discovered Bigger Issues

Breach discovered during ransomware investigation… The Peachtree Neurological Clinic, located in Atlanta, Georgia was hit with ransomware.  The clinic is not disclosing when the attack took place.  However, they did report not paying the ransom demand and restoring the files internally.  Although, throughout the investigation and remediation process, the medical facility learned of a security breach. […]

Continue reading


Largest San Francisco Radio Station Still Struggling After Ransomware Hit

Impact Still Felt, A Month After Ransomware Attack KQED, the largest radio station in San Francisco is still struggling to get back to day-to-day operations after ransomware took down their computers in mid-June.  Tech Talk first reported the attack on June 17th, just two days after the ransomware hit.  The station’s streaming services were pushed […]

Continue reading


Three Michigan Medical Facilities Corrupted by Ransomware

Caro Medical Facilities Paralyzed by Ransomware Three medical facilities, all tied to the Caro Community Hospital were infected with ransomware on July 5, 2017.  According to WNEM, the Caro Community Hospital, Caro Medical Clinic and the Caro Quick Care were impacted by the ransomware that hit the Caro Community Hospital’s database.  Once aware of the attack, […]

Continue reading


Canadian Firm Pays $425K in Ransom Demands

Cyber Criminals Take Down Canadian Company Last weekend, and unnamed Canadian firm was hit with ransomware.  IT World Canada reported, the ransomware was able to infiltrate the system by worming its way through vulnerabilities found in the company’s Windows operating system.  The malicious software took down the company’s databases and wiped out all of their […]

Continue reading


LeakerLocker Ransomware Takes Different Approach

LeakerLocker Doesn’t Encrypt… The new ransomware, LeakerLocker, is taking a different approach to exploiting their victims.  Instead of targeting PCs, LeakerLocker focuses on smart phones.  Within the device, they then create an unauthorized copy of the user’s pictures, videos and browsing history.  They then, threaten to share all of this information with every person in […]

Continue reading


Ransomware Strikes – Paralyzing Four Public Systems

Over the last three days, four different ransomware infections have been reported.  Each of which targeting public departments and organizations. WannaCry Takes Down Fire and Police Departments According to US News, two emergency systems in Tennessee were infected with ransomware.  The Murfreesboro Police and Fire Departments were hit, leaving their systems completely paralyzed.  It is unclear […]

Continue reading


Ohio Clinic Ransomware Infections Leads to Breach Concerns

Breach Concerns Raised After Ohio Clinic is Riddled with Ransomware The Ohio clinic, PVHS-ICM Employee Health and Wellness, located in Dublin, recently informed their patients of a ransomware attack that hit its servers in May of 2017.  The ransomware only infected one location.  Therefore, all other locations were not impacted.  The ransomware variant that attacked […]

Continue reading


Huntsville Clinic Notifies Patients of Ransomware Infection

Ransomware Infects Huntsville’s Cove Family and Sports Medicine Cove Family and Sports Medicine, located in Huntsville, Alabama, recently informed their patients of a ransomware attack that occurred in April of 2017.  The ransomware successfully infected with clinic’s systems, encrypting various files.  However, instead of paying the ransom demand, they were able to restore their own […]

Continue reading


Thomas Jefferson Monticello Attacked by Ransomware

Thomas Jefferson Monticello – Recent Ransomware Victim An unknown ransomware variant recently encrypted the computer and phone systems at the Thomas Jefferson Monitcello, located in Charlottesville, Virginia.  The Federal News Radio reported tours are being not interrupted.  However, all electronic transactions have been ceased until the matter can be resolved.  Therefore, all electronic tourist payments […]

Continue reading


Petya Creators Reveals Themselves to Confirm Latest Attack Was Not Petya

Ransomware Creator Verifies, Latest Global Attack was not Petya This week, another global attack hit the world.  Initial reports claimed the attack was a version of the Petya ransomware.  However, after further investigation, it was determined the global attack was not Petya.  It wasn’t even ransomware.  The malware variant spread throughout the attack, deemed NotPetya, […]

Continue reading


Calallen Independent School District’s Security Program Failed The Test

Calallen School’s Network Infected With Ransomware On June 25, 2017, Calallen Independent School District found themselves in a heap of trouble.  Officials began noticing something was wrong with their email systems, and quickly learned ransomware had infiltrated their networks. The exact variant of ransomware that hit the school district is uncertain.  However, officials did report […]

Continue reading


The Next Global Cyber Weapon Has Been Released

WannaCry ransomware hit the globe just over 30 days ago.  It was predicted, another global ransomware attack would take place sooner or later.  However, who would’ve thought instead of ransomware, it would be complete cyber warfare? NotPetya Spreads Around the World Initial reports of NotPetya, had researchers believing it was a variation of Petya, a […]

Continue reading


Cyber Attacks are Hitting England

England Targeted Victim of Cyber Attacks British Parliament Targeted in “Determined” Cyber Attack The British parliament was the recent victim of a “sustained and determined” cyber attack.  The attack was targeting weak email passwords.  The parliament was able to isolate the infection and took precautionary measures to mitigate the spread.  They decided by temporarily disabling […]

Continue reading


Backups Smackups, Prevention is the Real Key

Why Backing Up Your Data Won’t Work Let’s be honest, backing up your data is important.  Maybe more so for some users than others, but important nonetheless.  However, backups are not the golden ticket when it comes to restoring data after a malware attack.  Although they could be useful in restoring your files after a […]

Continue reading


Ransomware Attacks Two Medical Facilities

Two Medical Organizations Release Statements Regarding Ransomware Attacks Airway Oxygen Inc. Airway Oxygen Inc., a Michigan medical supply company, informed its patients of a ransomware attack that took place in mid-April.  The ransomware variant was not disclosed, nor was the amount of the ransom demand.  Airway Oxygen did not disclose if they paid the ransom, […]

Continue reading


WannaCry Continues to Infect Business Operations

Wanacrypt0r ransom screen

WannaCry Attacks Again… It has been over a month since the world was introduced to WannaCry ransomware.  However, even with increased awareness and preventative options in place, businesses are still being effected.  A Honda plant in Japan was the most recent victim of the WannaCry epidemic.  On June 18, 2017, the plant had to temporarily […]

Continue reading


Victim Pays $1M in Ransom After 153 Linux Servers Became Infected

Linux is not immune — 153 infections leading to 3,400 websites down The largest ransomware payout in history is taking place at this very moment.  Nayana, a web hosting company located in South Korea, was hit with ransomware on June 10th.  The ransomware variant, Erebus, successfully infiltrated 153 Linux servers, allowing the cyber criminals access […]

Continue reading


Streaming Services Pushed Offline After Ransomware Hit 

This is New — Ransomware Attacks Streaming Services Ransomware has hit schools, small businesses, large conglomerates, churches, and medical facilities — but now reports have been made that a California radio station has been hit.  KQED out of San Francisco was hit with ransomware late last week.  The unknown ransomware variant took down the radio’s […]

Continue reading


Midwestern Hospital Infected With Ransomware

Iowan Hospital Paralyzed by Ransomware On June 14, 2017 an unknown ransomware variant infected the Waverly Health Center, a hospital located in Waverly, Iowa.  Fortunately, the facility encrypts all of their patient data.  Therefore, the hackers were unable to obtain any of the patient’s personal information.  Although, the hackers were able to infect the systems, […]

Continue reading


Ransomware Attack Leads Hospitals to Suspend Emails

Unknown Ransomware Variant Infiltrates University College London The University College London (UCL) was hit with a ransomware attack yesterday afternoon.  After the UCL shared their systems had been infected, concerns were raised that another global ransomware attack, similar to WannaCry, was on its way.  Due to the strong ties between the UCL and the University […]

Continue reading


Apple Declines to Comment on Growing Malware Threats

Ransomware & Spyware Targets Apple’s Mac Computers With Apple’s market share growing, it is fair to assume cyber criminals will broaden their hacking horizons beyond Windows PCs.  Recently, ransomware was found targeting Mac computers.  Ransomware, or the malicious software that encrypts user data and demands payment in order for the user to regain access, has […]

Continue reading


The Top 10 Ransomware Myths Busted

Ransomware has become a popular topic over the last month.  The increased awareness to this growing cyber threat can likely be attributed to the WannaCry ransomware attack that hit worldwide in mid-May.  However, there are still several misconceptions regarding this form of malware. Top 10 Ransomware Myths Ransomware is just a virus. False – Ransomware […]

Continue reading


WanaCrypt0r Analysis Part II – SMB Exploit and Worm Component

Wanacrypt0r ransom screen

Introduction Part II of the WanaCrypt0r code analysis has arrived. We’re going to be starting out where we left off last time, which is with the Microsoft Windows MS17-010 Server Message Block (SMB) exploit/”worm component” that made the ransomware so dangerous by allowing it to spread to other vulnerable (not patched) systems on the network […]

Continue reading


98% of WannaCry Infections Occurred on Windows 7 Machines

Window XP Held Strong Against WannaCry – Despite Initial Reports The ransomware that took the world by storm in mid-May was found to be far less successful on Windows XP computers than originally thought.  WannaCry ransomware was believed to spread vigorously due to the outdated Windows XP operating system.  However, according to a recent study, […]

Continue reading


Why is the Healthcare Industry More Prone to Cyber-attacks?

Healthcare Industry – An Easy Target Over the past few days, we’ve seen a new ransomware called WannaCry or WannaCrypt wreak havoc across the globe, infecting hundreds of large corporations, such as FedEx, Telefonica, and Britain’s National Health Service (NHS). Though the ransomware continued to infect computers at a more subdued pace, many corporations are […]

Continue reading


WanaCrypt0r – A dive into the code

Wanacrypt0r ransom screen

Introduction During the past few days, as one might expect, we’ve been getting lots of news, reports, and files for the ransomware entitled WanaCrypt0r/WannaCry/WanaCrypt. First and foremost, the good news is that customers of PC Matic SuperShield were protected from WanaCrypt0r the entire time. However, this post aims to provide a technical analysis of how […]

Continue reading


WannaCry Impacted Over 200K Endpoints Wordwide

WannaCry Distributes Biggest Cyber Attack to Date A massive ransomware attack has hit worldwide, impacting various countries and tens of thousands of endpoints.  According to CNBC, over 200,000 malicious attacks were distributed last Friday, May 12, 2017, in over 150 different countries.  However, these statistics are expected to increase as additional information is released. The […]

Continue reading


Providence Law Firm Pays Cyber Criminals, Files Remained Locked

Providence Law Firm Pays Cyber Criminals Thousands A prominent law firm, located in Providence, Rhode Island, was hit with ransomware three months ago.  Their systems are back to normal after the attack hit, but not until after they paid the cyber criminal thousands. The law firm was hit with an unknown ransomware variant months ago. […]

Continue reading


Greenway Health Struggles to Recover After Ransomware Hit

Ransomware, the malicious software that locks files until a payment demand is made, has recently hit Greenway Health, located in Carrollton, Georgia.  Greenway Health is an electronic health records vendor.  Total, they serve over 75,000 different healthcare facilities. The ransomware strike occurred last week; however, some of the Greenway Health users are still unable to […]

Continue reading


45% of SMBs Don’t Retrieve Files After Paying Ransom Demands

SMBs Short Changed After Meeting Cyber Criminals Demands One of the many risks ransomware victims face is, the likelihood they pay the ransom but don’t get the decryption keys to actually unlock their files.  In a recent study done by SpiceWorks, a shocking 45% of small and medium sized businesses (SMBs) are not retrieving their […]

Continue reading


Newark City Hall Held Hostage – $30K Ransom Demanded

Ransomware Strikes Again… This time, it was the City Hall in Newark, New Jersey.  The attack reportedly began on Friday, April 21st, and continued to spread over the weekend.  According to KnowBe4, Seth Wainer, Chief Information Officer for the City of Newark, reported, “The virus compromised our network and disrupted many services that we offer. […]

Continue reading


Erie County Medical Systems Remain Down Almost Two Weeks After Attack

Erie County Medical Center Remains Down 13 Days After Attack Erie County Medical Center, located in Buffalo, New York was recently hit with a virus, leaving its systems down for the last 13 days.  Although the medical facility has yet to confirm the virus was ransomware, Buffalo News made reports, that is indeed the case. […]

Continue reading


Locky Ransomware Variant Returns with a Vengeance

Old Ransomware Returns with A Bang Many reports have reported 2016 as the year of ransomware.  This can much attributed to the ransomware variant, Locky.  However, in 2017, Locky ransomware has been on somewhat of a hiatus.  This lead to another ransomware variant, Cerber, becoming the most popular ransomware of 2017. However, it appears Locky […]

Continue reading


Rensenware Wants You to Play — Not Pay

Rensenware Demands Victims Earn Their Files Back Ransomware, the malicious software that locks your files and demand a payment to retrieve them, was recently taken to a different level.  A new ransomware variant, deemed Rensenware, locks your files and demands the victims play a game, Touhou Seirensen.  Victims have to earn 200 million points on […]

Continue reading


ABCD Pediatrics Breached and Hit with Ransomware

ABCD Pediatrics Hit Twice by Cyber Criminals Another ransomware attack was reported, this time by ABCD Pediatrics, located in San Antonio, Texas.  Ransomware reports have sadly become the norm lately, but this one is a bit different.  Not only was the medical facility hit with ransomware, their IT department also reported unknown user IDs created, […]

Continue reading


Oahu Man Falls Victim to Ransomware Attack

Ransomware Victim Pays $599 and Remained Hacked After clicking on a malicious ad, an Oahu man found himself the victim of a ransomware attack.  The man clicked on the ad, to immediately have his files be encrypted by the cyber criminals.  The ransomware message from the hackers, displayed a support phone number for the victim […]

Continue reading


Forsyth Public Schools Overrun with Malware

Forsyth Schools Hacked Forsyth Public Schools, located in Montana was the victim of a major hack over the weekend.  They are uncertain when the hack began, but was identified on Saturday, April 1, 2017.  According to Last Best News, the school received three emails prior to the attack, saying they had to pay a ransom […]

Continue reading


Dutch Parliament “Briefly” Hit with Ransomware

Are the Turks responsible for the ransomware hit on the Dutch Parliament? As previously reported, there has been some hostility overseas between Turkey and Germany and the Netherlands.  Germany and the Netherlands have banned Turkish ministers from campaigning in their regions for an upcoming election.  This ban has caused strains between the three areas, which […]

Continue reading


Another Urology Clinic Hit With Ransomware

Another Urology Clinic is Victimized In late 2016, the Metropolitan Urology Group was hit with ransomware.  Now, Urology Austin, located in Austin, Texas, just released they were hit with ransomware on January 22, 2017.  Ransomware, the malware that locks critical files and demands a payment from the victim to release the files, has been taking the […]

Continue reading


Richmond Housing Agency Loses Data After Ransomware Attack

Richmond Housing Agency Lost a Month’s Worth of Data The Richmond Housing Agency, in Indiana, was recently hit with a ransomware attack.  The systems were infected in on February 27, 2017.  The ransomware variant is believed to have ties back to India.  After encrypting the housing agency’s systems, hackers demanded $8,000 to restore the company’s […]

Continue reading


Metropolitan Urology Group Suffers Breach Due to Ransomware Attack

Metropolitan Urology Group Found Patient Information Leaked During Ransomware Attack In November, 2016, the Metropolitan Urology Group (MUG) was hit with a ransomware attack.  Two months later, in January, 2017, MUG discovered the hackers obtained private, patient information during the attack.  The patients impacted are those who rendered services between 2003 and 2010.  The information exposed […]

Continue reading


Appropriate Defense Against Ransomware is Not Backups

The Today Show featured another piece on cyber security today, this time discussing ransomware.  During which, Tom Costello claimed the best way to protect yourself from a ransomware attack is to back up your data.  This cannot be further from the truth.  First of all, backups do not protect you from becoming a victim of ransomware.  It can be […]

Continue reading


Wood River Police Department Catches Ransomware Before Major Issues Presented

Wood River Police Department of Illinois Hit With Ransomware According to The Telegraph, on March 5, 2017 the Wood River Police Department was hit with a malicious phishing attack that included ransomware.  The phishing attack was successful, infecting one computer.  However, the issues that presented after the attack set off red flags for the officers. […]

Continue reading


State Senate Crippled After Ransomware Attack

PA State Senate Ransomware Attack Pennsylvania senators were unable to access their computer networks and data after ransomware took over the Pennsylvania Senate’s computer systems.  According to 10 TV, the attack hasn’t affected the state’s networks, which are separate from the Senate’s computers. The ransomware variant that successfully infiltrated the Senate’s system is not being disclosed, nor […]

Continue reading


Corporations Boost Bitcoin Supply in Preparation for Ransomware Attacks

Companies Are Prepping to Pay Cyber Criminals According to Coin Telegraph, many corporations are preparing for ransomware attacks by increasing their supply of the non-traceable currency, bitcoins.  Since bitcoins are not traceable, it is typically the currency of choice by hackers. Am I the only one who thinks this is absolutely absurd? Malware attacks of […]

Continue reading