Keytronic confirms data breach after ransomware gang leaks stolen files
PCBA manufacturing giant Keytronic is warning it suffered a data breach after the Black Basta ransomware gang leaked 530GB of the company's stolen data two weeks ago. [...]
Ransomware encrypts or steals data to disrupt operations and extort victims, making backups, access controls, and incident response essential.
Search across headline titles and summaries.
Background for this topic.
Ransomware is malware used to deny access to systems or data, usually by encrypting files and demanding payment for decryption. Many operations also steal sensitive information and threaten to publish it, so an attack can create both an availability crisis and a privacy or disclosure risk. Initial access may involve phishing, stolen credentials, exposed remote services, or exploitation of unpatched vulnerabilities; attackers may then move through the network before deploying the payload.
Defenses should combine vulnerability management, phishing-resistant authentication where practical, endpoint and network monitoring, and backups that are isolated from routine administrator access and regularly tested for recovery. Organizations should also limit privileges and segment critical systems to reduce the blast radius. An incident requires rapid containment, preservation of forensic evidence, restoration from known-good backups, and assessment of notification, legal, and regulatory obligations. Threat intelligence can help identify relevant criminal infrastructure or tactics, but it does not replace sound access control, patching, detection, and recovery practices.
PCBA manufacturing giant Keytronic is warning it suffered a data breach after the Black Basta ransomware gang leaked 530GB of the company's stolen data two weeks ago. [...]
NHS England revealed today that multiple London hospitals impacted by last week's Synnovis ransomware attack were forced to cancel hundreds of planned operations and appointments. [...]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity Windows vulnerability abused in ransomware attacks as a zero-day to its catalog of actively exploited security bugs. [...]
Ascension, one of the largest U.S. healthcare systems, revealed that a May 2024 ransomware attack was caused by an employee who downloaded a malicious file onto a company device. [...]
All Patients, Employees Offered Credit Monitoring While Investigation ContinuesRansomware attackers stole files that potentially contain patient and employee data from seven of Ascension's 25,000 servers. The hackers gained access to the organization's network when an employee inadvertently downloaded a file containing malware, said the Missouri-based healthcare system.
Also: Ukraine Arrests Alleged Ransomware Developer; Patches Galore; and BurnoutThis week, feds counted cyber incidents; Ukraine made arrest; BlackBasta seemed to exploit flaw; 51 flaws in Patch Tuesday; SolarWinds, JetBrains patched flaws; Alan Turning Institute debunked paper on AI; Santander wants password changes; Christie's spoke of data breach and cyber pros face burnout.
The Toronto District School Board (TDSB) is warning that it suffered a ransomware attack on its software testing environment and is now investigating whether any personal information was exposed. [...]
U.S. food chain giant Panera Bread is notifying employees of a data breach after unknown threat actors stole their sensitive personal information in a March ransomware attack. [...]
It's critical for CISOs to study what went wrong in major ransomware IT disruptions and breaches hitting the healthcare sector and to look closely within their own organizations for similar gaps or vulnerabilities, said Michael Prakhye, CISO of Adventist HealthCare.
28-year-old accused of major ransomware attacks across Europe An alleged cog in the Conti and LockBit ransomware machines is now in handcuffs after Ukrainian police raided his home this week.…
Healthcare firm Ascension said that ransomware attackers gained access to its systems after an employee accidently downloaded a malicious file
Ukrainian police appear to have arrested a cryptor specialist with links to major ransomware groups
The Cyber Police of Ukraine has announced the arrest of a local man who is suspected to have offered their services to LockBit and Conti ransomware groups
Symantec suggests Black Basta crew beat Microsoft to the patch The Black Basta ransomware gang may have exploited a now-patched Windows privilege escalation bug as a zero-day, according to Symantec's threat hunters.…
A study investigating the impact of ransomware attacks on hospitals and the ripple effect on nearby facilities is a call to action for policymakers to seriously address how those assaults can be better handled in the health sector, said researchers Rahi Abouk and David Powell.
As city officials continue to investigate, it's unclear which systems were affected and whether it was a ransomware attack.
Accused cybercriminal has special skills that helped Conti and LockBit ransomware evade detection, according to law enforcement.
The MOVEit breach and ransomware weren’t kind to the Feds last year The number of cybersecurity incidents reported by US federal agencies rose 9.9 percent year-on-year (YoY) in 2023 to a total of 32,211, per a new White House report, which also spilled the details on the most serious incidents suffered across the government.…
An RCE vulnerability that affects the Web scripting language on Windows systems is easy to exploit and can provide a broad attack surface.
The Ukraine cyber police have arrested a 28-year-old Russian man in Kyiv for working with Conti and LockBit ransomware operations to make their malware undetectable by antivirus software and conducting at least one attack himself. [...]