Montgomery County Alabama Suffers Massive Ransomware Attack

County Offices Not Functioning After Ransomware Crippled Systems Montgomery County of Alabama has been the latest ransomware attack victim.  The ransomware variant that wormed its way into the county’s systems has not been reported, nor has the ransom demand.  However, government officials stated they are doing everything in their power to restore the county’s systems […]



Top 5 Tips to Combat Ransomware

Top Tips to Keep Your Data Secure Recently Beta News published an article, "The practical guide to fighting ransomware."  The article listed several tips, timelines for implementation, and explanations why the tips were important.  A vast majority of the information throughout the article was correct and indisputably great advice.  However, a few tips […]



Ransomware Attack Leaves Kansas County Government Without Computer Access

Hackers Target Butler County for Ransomware Attack Over the weekend the Butler County office, located in El Dorado, Kansas, was hit with a ransomware attack.  The variant has not been disclosed, nor has the ransom demand.  Although the county offices remain open, their computers remain inaccessible due to their systems being encrypted with ransomware.  Butler County […]



Companies Acknowledge The Risk of Ransomware in Their SEC Filings

Companies Aware of Ransomware Threats Many larger companies are aware of the cyber threats their organizations are facing on a daily basis.  To be sure the public is also aware of these threats, these companies have chosen to include cyber security disclosures as part of their SEC filings.  According to the Data Protection Report, the […]



Tennessee Inmates Get New Visitation Rights After Ransomware Took Down Video Visitation

Rutherford County Inmates Get New Visitation Rights The Rutherford County Sheriff’s Office, located in Murfreesboro, Tennessee, has been experiencing issues with their visitation capabilities after ransomware corrupted the video visitation systems.  The sheriff’s office has limited ability to remediate the issue, as the video systems are provided by VizVox.  The Daily News Journal has attempted […]



Ransomware Attack on Delaware Clinic Leaves 19K Patients’ Data Compromised

Delaware Clinic Falls Victim to Ransomware, Leaving Thousands of Patients Potentially Exposed Medical Oncology Hematology Consultants, a medical clinic located in Newark, Delaware was hit with ransomware.  In June, the malicious software riddled the clinic’s servers, leaving over 19,000 patient files potentially exposed.  The patient data compromised includes names, phone numbers, birth dates, as well […]



Ransomware Impacts Massachusetts Public Television for 6 Months

Boylston Massachusetts Public Television Suffers for Five Months After Ransomware Hit As of today, the Boylston public television channels and guides are back to normal.  In March, the station was hit with an unknown ransomware variant.  The ransom demand was not disclosed; however, it appears the demands were not met.  Six months after the attack, […]



South Carolina School District Pays Hackers to Retrieve Data

Hackers Make $2,900 From South Carolina School District Dorchester School District Two, of South Carolina, was hit with ransomware over the summer.  The attack was found when the district discovered over half of its data was inaccessible.  After further investigation, they found 25 servers riddled with an undisclosed ransomware variant.  The school district was unable […]



IRS Issues Ransomware Warning After Malicious Tax Email is Distributed

IRS Releases a Ransomware Warning to All Taxpayers The IRS has issued a new ransomware warning to all taxpayers.  Cyber criminals have begun sending out malicious email campaigns with a “message” from the IRS and FBI.  According to the email, tax payers must download a questionnaire regarding changes to the laws regarding tax compliance.  However, […]



70K Patient Files Exposed After Ransomware Hit Kansas Medical Facility

Ransomware Attack Leaves Thousands of Patient Files Exposed The Salina Family Healthcare Center, located in Salina, Kansas was hit with ransomware in June of 2017.   The ransom demands were not met.  Instead, the infected servers and endpoints were taken offline until they could be scrubbed and backups could be installed.  Now, two months after […]



Ransomware Leads to Over 33K Patient Files Being Leaked

Ransomware Went Undetected for a Month — Exposing Thousands of Patient Files St. Mark’s Surgical Center, located in Fort Myers, Florida was the victim of a ransomware attack in April.  However, the attack was not discovered until May, when the medical facility conducted a forensic investigation.  The event that triggered the investigation is not being […]



Ransomware Attack Creates Breach Concerns for LA Medical Center

LA Medical Center Infected With Ransomware Pacific Alliance Medical Center, located in Los Angeles, California, suffered a ransomware attack in mid-June of 2017.  Because of this attack, concerns of a data breach have risen.  With the hackers having access to the medical center’s systems, it is possible they had visibility to patient files […]



Script Engines Being Used to Distribute New Strain of Spora Ransomware

We’ve recently been covering scripting attacks in more detail on the Malware Research blog. These types of attacks have the ability to be completely fileless, as explained in a previous post. However, scripts also sometimes do come in files or accompany file-based malware. The new strain of Spora malware does just this. It uses a […]



Cerber Ransomware Expands Its Corruption Power

Cerber is now draining bitcoin wallets, on top of encrypting files Cerber, a ransomware variant that has been notorious for making alterations to its malware to worsen the impact, has done it again.  Now the ransomware variant is targeting bitcoin wallets.  Once infected with Cerber, the malware will search the user’s device for different files […]



Ransomware Attack Creates Breach Concern for SD Medical Facility

Aftermath of South Dakota Medical Facility Ransomware Attack In February of 2017,  Plastic Surgery Associates of South Dakota was hit with a ransomware attack.  The malware left medical records encrypted, completely unavailable to staff.  The medical facility reached out to third-party investigators for assistance.  However, in April, all evidence was lost.  Therefore, it is unclear […]



300K Pennsylvania Patient Files Breached After Ransomware Hit

Pennsylvania Ransomware Attack Leads to Significant Breach An unknown ransomware variant hit the Women’s Health Group, located in Pennsylvania.  The ransomware hit impacted 45 offices.  However, officials reported the encrypted data was restored through the backup system. The ransomware attack also led to a significant security breach, impacting approximately 300,000 patient files.  The information breached […]



And You Thought WannaCry and NotPetya Were Bad…

Money Wasn’t Their End-Game… Combined, WannaCry and NotPetya, the two global attacks that hit the world in the last 90 days, received payouts of approximately $150,000 USD.  To some it may sound like a lot – but to cyber criminals, that’s nothing.  WannaCry and NotPetya were not in corrupting company data with the end goal […]



Ransomware Investigation Discovered Bigger Issues

Breach discovered during ransomware investigation… The Peachtree Neurological Clinic, located in Atlanta, Georgia was hit with ransomware.  The clinic is not disclosing when the attack took place.  However, they did report not paying the ransom demand and restoring the files internally.  Although, throughout the investigation and remediation process, the medical facility learned of a security breach. […]



Largest San Francisco Radio Station Still Struggling After Ransomware Hit

Impact Still Felt, A Month After Ransomware Attack KQED, the largest radio station in San Francisco is still struggling to get back to day-to-day operations after ransomware took down their computers in mid-June.  Tech Talk first reported the attack on June 17th, just two days after the ransomware hit.  The station’s streaming services were pushed […]



Three Michigan Medical Facilities Corrupted by Ransomware

Caro Medical Facilities Paralyzed by Ransomware Three medical facilities, all tied to the Caro Community Hospital were infected with ransomware on July 5, 2017.  According to WNEM, the Caro Community Hospital, Caro Medical Clinic and the Caro Quick Care were impacted by the ransomware that hit the Caro Community Hospital’s database.  Once aware of the attack, […]



Canadian Firm Pays $425K in Ransom Demands

Cyber Criminals Take Down Canadian Company Last weekend, an unnamed Canadian firm was hit with ransomware.  IT World Canada reported that the ransomware was able to infiltrate the system by worming its way through vulnerabilities found in the company’s Windows operating system.  The malicious software took down the company’s databases and wiped out all of their […]



LeakerLocker Ransomware Takes Different Approach

LeakerLocker Doesn’t Encrypt… The new ransomware, LeakerLocker, is taking a different approach to exploiting their victims.  Instead of targeting PCs, LeakerLocker focuses on smart phones.  Within the device, they then create an unauthorized copy of the user’s pictures, videos and browsing history.  They then threaten to share all of this information with every person in […]



Ransomware Strikes – Paralyzing Four Public Systems

Over the last three days, four different ransomware infections have been reported, each of them targeting public departments and organizations. WannaCry Takes Down Fire and Police Departments According to US News, two emergency systems in Tennessee were infected with ransomware.  The Murfreesboro Police and Fire Departments were hit, leaving their systems completely paralyzed.  It is unclear […]



Ohio Clinic Ransomware Infection Leads to Breach Concerns

Breach Concerns Raised After Ohio Clinic is Riddled with Ransomware The Ohio clinic, PVHS-ICM Employee Health and Wellness, located in Dublin, recently informed their patients of a ransomware attack that hit its servers in May of 2017.  The ransomware only infected one location.  Therefore, all other locations were not impacted.  The ransomware variant that attacked […]



Huntsville Clinic Notifies Patients of Ransomware Infection

Ransomware Infects Huntsville’s Cove Family and Sports Medicine Cove Family and Sports Medicine, located in Huntsville, Alabama, recently informed their patients of a ransomware attack that occurred in April of 2017.  The ransomware successfully infected the clinic’s systems, encrypting various files.  However, instead of paying the ransom demand, they were able to restore their own […]



Thomas Jefferson Monticello Attacked by Ransomware

Thomas Jefferson Monticello – Recent Ransomware Victim An unknown ransomware variant recently encrypted the computer and phone systems at the Thomas Jefferson Monticello, located in Charlottesville, Virginia.  The Federal News Radio reported tours are not being interrupted.  However, all electronic transactions have been ceased until the matter can be resolved.  Therefore, all electronic tourist payments […]



Petya Creators Reveal Themselves to Confirm Latest Attack Was Not Petya

Ransomware Creator Verifies, Latest Global Attack was not Petya This week, another global attack hit the world.  Initial reports claimed the attack was a version of the Petya ransomware.  However, after further investigation, it was determined the global attack was not Petya.  It wasn’t even ransomware.  The malware variant spread throughout the attack, deemed NotPetya, […]



Calallen Independent School District’s Security Program Failed The Test

Calallen School’s Network Infected With Ransomware On June 25, 2017, Calallen Independent School District found themselves in a heap of trouble.  Officials began noticing something was wrong with their email systems, and quickly learned ransomware had infiltrated their networks. The exact variant of ransomware that hit the school district is uncertain.  However, officials did report […]



The Next Global Cyber Weapon Has Been Released

WannaCry ransomware hit the globe just over 30 days ago.  It was predicted, another global ransomware attack would take place sooner or later.  However, who would’ve thought instead of ransomware, it would be complete cyber warfare? NotPetya Spreads Around the World Initial reports of NotPetya, had researchers believing it was a variation of Petya, a […]



Cyber Attacks are Hitting England

England Targeted Victim of Cyber Attacks British Parliament Targeted in “Determined” Cyber Attack The British parliament was the recent victim of a “sustained and determined” cyber attack.  The attack was targeting weak email passwords.  The parliament was able to isolate the infection and took precautionary measures to mitigate the spread.  They decided by temporarily disabling […]



Backups Smackups, Prevention is the Real Key

Why Backing Up Your Data Won’t Work Let’s be honest, backing up your data is important.  Maybe more so for some users than others, but important nonetheless.  However, backups are not the golden ticket when it comes to restoring data after a malware attack.  Although they could be useful in restoring your files after a […]



Ransomware Attacks Two Medical Facilities

Two Medical Organizations Release Statements Regarding Ransomware Attacks Airway Oxygen Inc. Airway Oxygen Inc., a Michigan medical supply company, informed its patients of a ransomware attack that took place in mid-April.  The ransomware variant was not disclosed, nor was the amount of the ransom demand.  Airway Oxygen did not disclose if they paid the ransom, […]



WannaCry Continues to Infect Business Operations

WannaCry Attacks Again… It has been over a month since the world was introduced to WannaCry ransomware.  However, even with increased awareness and preventative options in place, businesses are still being affected.  A Honda plant in Japan was the most recent victim of the WannaCry epidemic.  On June 18, 2017, the plant had to temporarily […]



Victim Pays $1M in Ransom After 153 Linux Servers Became Infected

Linux is not immune — 153 infections leading to 3,400 websites down The largest ransomware payout in history is taking place at this very moment.  Nayana, a web hosting company located in South Korea, was hit with ransomware on June 10th.  The ransomware variant, Erebus, successfully infiltrated 153 Linux servers, allowing the cyber criminals access […]



Streaming Services Pushed Offline After Ransomware Hit 

This is New — Ransomware Attacks Streaming Services Ransomware has hit schools, small businesses, large conglomerates, churches, and medical facilities — but now reports have been made that a California radio station has been hit.  KQED out of San Francisco was hit with ransomware late last week.  The unknown ransomware variant took down the radio’s […]



Midwestern Hospital Infected With Ransomware

Iowan Hospital Paralyzed by Ransomware On June 14, 2017 an unknown ransomware variant infected the Waverly Health Center, a hospital located in Waverly, Iowa.  Fortunately, the facility encrypts all of their patient data.  Therefore, the hackers were unable to obtain any of the patient’s personal information.  Although, the hackers were able to infect the systems, […]



Ransomware Attack Leads Hospitals to Suspend Emails

Unknown Ransomware Variant Infiltrates University College London The University College London (UCL) was hit with a ransomware attack yesterday afternoon.  After the UCL shared their systems had been infected, concerns were raised that another global ransomware attack, similar to WannaCry, was on its way.  Due to the strong ties between the UCL and the University […]



Apple Declines to Comment on Growing Malware Threats

Ransomware & Spyware Targets Apple’s Mac Computers With Apple’s market share growing, it is fair to assume cyber criminals will broaden their hacking horizons beyond Windows PCs.  Recently, ransomware was found targeting Mac computers.  Ransomware, or the malicious software that encrypts user data and demands payment in order for the user to regain access, has […]



The Top 10 Ransomware Myths Busted

Ransomware has become a popular topic over the last month.  The increased awareness to this growing cyber threat can likely be attributed to the WannaCry ransomware attack that hit worldwide in mid-May.  However, there are still several misconceptions regarding this form of malware. Top 10 Ransomware Myths Ransomware is just a virus. False – Ransomware […]



WanaCrypt0r Analysis Part II – SMB Exploit and Worm Component

Introduction Part II of the WanaCrypt0r code analysis has arrived. We’re going to be starting out where we left off last time, which is with the Microsoft Windows MS17-010 Server Message Block (SMB) exploit/”worm component” that made the ransomware so dangerous by allowing it to spread to other vulnerable (not patched) systems on the network […]



98% of WannaCry Infections Occurred on Windows 7 Machines

Windows XP Held Strong Against WannaCry – Despite Initial Reports The ransomware that took the world by storm in mid-May was found to be far less successful on Windows XP computers than originally thought.  WannaCry ransomware was believed to spread vigorously due to the outdated Windows XP operating system.  However, according to a recent study, […]



Why is the Healthcare Industry More Prone to Cyber-attacks?

Healthcare Industry – An Easy Target Over the past few days, we’ve seen a new ransomware called WannaCry or WannaCrypt wreak havoc across the globe, infecting hundreds of large corporations, such as FedEx, Telefonica, and Britain’s National Health Service (NHS). Though the ransomware continued to infect computers at a more subdued pace, many corporations are […]
