Related Families: Babuk
Verticals Targeted: Healthcare, Finance, Insurance
RA World Ransomware Targets Healthcare Entities
Mar 18, 2024 2:36:58 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Healthcare, Babuk, Latin America, RA World
Phobos Targeting Critical Infrastructure
Mar 15, 2024 2:49:12 PM / by The Hivemind posted in Threat Bulletin, Government, Critical Infrastructure, Ransomware, Healthcare, Energy, Education, Phobos, Emergency Services
Related Families: Elking, Eight, Devos, Backmydata, Faust, Perdak, CrySiS, Dharma, SmokeLoader, Cobalt Strike, Bloodhound
Verticals Targeted: Critical Infrastructure, Government, Emergency Services, Education, Healthcare
Executive Summary
CISA recently released an advisory on Phobos ransomware being used to target critical infrastructure entities, including government entities, emergency services, education, public healthcare, and other unspecified entities.
Rhysida On The Rampage
Nov 27, 2023 1:24:03 PM / by The Hivemind posted in Government, Healthcare, Technology, Education, Manufacturing, Various
Verticals Targeted: Education, Government, Manufacturing, Technology, Healthcare, Various
Executive Summary
New Rhysida activity has prompted the release of a joint cybersecurity advisory providing additional details on the ransomware group’s TTPs and operations.
Rhysida and LockBit Observed Targeting the Healthcare Vertical
Aug 14, 2023 2:34:16 PM / by The Hivemind posted in Threat Bulletin, Ransomware, LockBit, Healthcare, SILENTKILL, Rhysida
Related Families: Rhysida, SILENTKILL, LockBit
Verticals Targeted: Healthcare
Ransomware Threats to the Healthcare Vertical
Aug 11, 2023 1:34:43 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Healthcare
Verticals Targeted: Healthcare
YoroTrooper Targeting Energy & Government Entities
Mar 24, 2023 2:58:36 PM / by The Hivemind posted in Threat Bulletin, Government, Healthcare, YoroTrooper, CIS, Energy
Related Families: Custom Python tools, AveMaria, Warzone RAT, LodaRAT, Stink
Verticals Targeted: Energy, Government, Healthcare
Executive Summary
YoroTrooper is a threat actor group observed targeting energy and government entities and an EU healthcare organization. Although YoroTrooper uses commodity and open-source tools, most of their final payloads are custom developed.
Recent Threats to the Healthcare Vertical
Nov 14, 2022 12:49:52 PM / by PolySwarm Tech Team posted in Threat Bulletin, Ransomware, Healthcare, Data Theft, Extortion, Data Leak
Verticals Targeted: Healthcare
Executive Summary
Multiple incidents in the last few months highlight the ongoing threats to the Healthcare vertical. These incidents have included data leaks, data theft and extortion, ransomware, and other cyber attacks.
Recent Ransomware Threats to Healthcare
Jul 21, 2022 1:27:35 PM / by PolySwarm Tech Team posted in Threat Bulletin, North Korea, Ransomware, Iran, IcedID, Healthcare, Maui, Quantum, Hospital
Executive Summary
Multiple ransomware families have been used to target the healthcare vertical in the past year. In this report, we cover recently reported attacks on the healthcare vertical leveraging Maui and Quantum ransomware families.