Articles tagged "Ransomware"

Found 289 articles

The Payouts King ransomware has been discovered using the QEMU emulator to create hidden virtual machines on compromised systems, allowing it to bypass standard endpoint security measures. This technique enables attackers to maintain control over infected devices without detection. The malicious software sets up a reverse SSH backdoor, which can facilitate further exploitation or data theft. Organizations using vulnerable systems may find themselves at risk of data breaches or operational disruptions as this ransomware evolves. This incident emphasizes the need for enhanced security measures that can detect and mitigate such sophisticated attacks.

Read Original

Cookeville Regional Medical Center in Tennessee suffered a significant ransomware attack that compromised the data of approximately 337,917 individuals. The attack, attributed to the Rhysida hacking group, resulted in the theft of around 500GB of sensitive information from the hospital's systems. This breach raises serious concerns about patient privacy and data security in healthcare settings. The stolen data could include personal health information, which could be exploited for identity theft or other malicious purposes. Affected individuals may need to monitor their accounts closely and remain vigilant against potential phishing attempts or fraud.

Read Original

Cookeville Medical Center in Tennessee has informed over 337,000 patients about a ransomware attack that occurred in July 2025. The attack, attributed to the Rhysida ransomware group, compromised sensitive personal data, raising concerns about patient privacy and security. The medical center is taking steps to mitigate the impact, but the breach highlights the ongoing risks facing healthcare organizations. Patients are advised to monitor their accounts for unusual activity and to remain vigilant against potential phishing attempts that may arise as a result of the breach. This incident serves as a reminder of the vulnerabilities in the healthcare sector, where sensitive information is often targeted by cybercriminals.

Read Original

Autovista has confirmed that it has suffered a ransomware attack that is disrupting its applications, which are essential for automotive companies. These applications help businesses track asset values, market trends, and overall costs associated with vehicle ownership. The attack is affecting systems in both Europe and Australia, raising concerns among its clients who rely on this data for decision-making. The implications of this attack could lead to significant operational challenges for those companies that depend on Autovista's insights. As the situation develops, it will be important for affected businesses to assess their own cybersecurity measures and prepare for potential impacts on their operations.

Read Original
Actively Exploited

Cookeville Regional Medical Center in Tennessee experienced a significant data breach last year when the Rhysida ransomware group infiltrated its systems and stole approximately 500GB of sensitive data. This breach has affected around 337,000 patients, raising serious concerns about the privacy and security of their personal and medical information. Such incidents not only compromise individual data but also highlight vulnerabilities within healthcare systems, which are often targeted due to their sensitive data. The implications of this breach extend beyond the immediate risk to patients; it underscores the need for healthcare organizations to strengthen their cybersecurity measures to protect against similar attacks in the future.

Read Original

Autovista, a company specializing in automotive data analysis, has fallen victim to a ransomware attack. The company is currently collaborating with external cybersecurity experts to investigate the breach and assess the damage. While specific details about the attack and the extent of the data compromised have not been disclosed, ransomware incidents can have serious implications, potentially leading to data loss and operational disruptions. This incident raises concerns about the security of sensitive automotive data, which is crucial for manufacturers, dealers, and consumers alike. As the investigation unfolds, it will be important for the industry to monitor the situation closely and understand the vulnerabilities that allowed this attack to occur.

Read Original
Actively Exploited

According to Halcyon, ransomware attacks targeting automotive manufacturers have surged, now making up over 40% of all cyber-attacks against the sector. This increase marks a significant rise in cyber threats faced by carmakers, as attackers increasingly exploit vulnerabilities in automotive systems. The implications are serious, as these attacks can disrupt production, compromise sensitive customer data, and potentially jeopardize vehicle safety. As the automotive industry continues to integrate more technology into their vehicles, the risk of ransomware attacks is likely to grow, prompting manufacturers to bolster their cybersecurity measures. Companies in the automotive sector need to prioritize security to protect against these escalating threats.

Read Original

A new ransomware strain called JanaWare is targeting users in Turkey, focusing on home users and small to medium-sized businesses. The attackers are primarily spreading the malware through phishing emails that contain malicious Java archive files. This method of infection allows them to infiltrate systems quietly, posing a significant risk to individuals and organizations that may not have robust cybersecurity measures in place. The low-value, high-volume nature of these attacks suggests that the perpetrators are likely looking to maximize their reach rather than targeting high-profile victims. As more users fall prey to these phishing attempts, it raises concerns about the overall security posture of smaller businesses that may lack the resources to defend against such threats.

Read Original
Critical
Ransomware-Linked ViperTunnel Malware Hits UK and US Businesses

Hackread – Cybersecurity News, Data Breaches, AI and More

Actively Exploited

ViperTunnel is a new backdoor malware linked to the DragonForce ransomware, specifically targeting businesses that operate on Windows servers in the US and the UK. This Python-based malware allows attackers to gain unauthorized access to systems, which can lead to data theft or further exploitation. Companies utilizing Windows server environments should be particularly vigilant, as the malware poses a significant risk to their operations and data security. The emergence of ViperTunnel highlights the ongoing challenges businesses face in protecting their networks from evolving ransomware threats. Organizations are urged to implement strong security measures and regularly update their systems to fend off such attacks.

Read Original
Actively Exploited

In March 2026, cybersecurity researchers from Check Point reported a significant concentration of ransomware attacks, with nearly half attributed to three specific groups. Qilin led the charge, responsible for 20% of the 672 attacks. Following them was Akira, accounting for 12%, and Dragonforce RaaS, which was linked to 8% of the incidents. This concentrated activity raises alarms for businesses and organizations, as it indicates that a small number of groups are driving a large portion of ransomware incidents. Companies need to bolster their defenses against these specific threats to protect their data and systems.

Read Original

ChipSoft, a prominent Dutch healthcare IT firm, experienced a ransomware attack that led to the shutdown of its HiX platform, impacting numerous hospitals and healthcare providers across the Netherlands and Belgium. This incident has disrupted access to electronic health records (EHR) for both medical staff and patients, raising concerns about patient care and data security. As a major provider of EHR systems, ChipSoft's services are critical for managing patient information and facilitating healthcare operations. The attack underscores the vulnerability of healthcare systems to cyber threats, which can have serious implications for patient safety and operational continuity. Authorities and healthcare organizations are now tasked with addressing the fallout and restoring services as quickly as possible.

Read Original
Actively Exploited

In March, three ransomware groups—Qilin, Akira, and Dragonforce—were responsible for a significant portion of cyberattacks, accounting for 40% of the 672 ransomware incidents reported, according to research from Check Point. This spike emphasizes the ongoing challenge organizations face from these malicious actors. The rise in activity from these specific gangs suggests a concentrated threat that could impact various sectors, as ransomware continues to be a lucrative avenue for cybercriminals. Companies and users need to stay vigilant and enhance their cybersecurity measures to protect against potential attacks. This situation serves as a reminder of the importance of regular system updates and employee training on recognizing phishing attempts, which are often the gateway for these types of attacks.

Read Original

ChipSoft, a Dutch healthcare software provider, has been hit by a ransomware attack that has disrupted its online services. The attack forced the company to take its website and digital services offline, affecting both patients and healthcare providers who rely on their systems for medical information and services. This incident raises concerns about the security of healthcare IT systems, especially as they handle sensitive patient data. The downtime could lead to delays in patient care and disrupt operations for healthcare professionals. As ransomware attacks continue to pose a significant threat to the healthcare sector, this incident serves as a reminder of the vulnerabilities present in digital health infrastructure.

Read Original

On April 7, 2026, ChipSoft, a healthcare software vendor based in the Netherlands, suffered a ransomware attack that has been confirmed by Z-CERT, the country's computer emergency response team for the healthcare sector. This incident raises serious concerns about the security of healthcare data, as ransomware attacks can disrupt medical services and compromise sensitive patient information. The attack's timing is particularly alarming given the essential role that healthcare software plays in patient care and operations. Authorities are likely working to assess the full impact of the breach and to assist affected healthcare providers in managing the fallout. This incident underscores the ongoing vulnerabilities in the healthcare sector regarding cybersecurity threats.

Read Original
Actively Exploited

Google's threat intelligence team has identified a new extortion group known as UNC6783, which appears to be linked to the Raccoon persona. This group is specifically targeting Business Process Outsourcing (BPO) companies and helpdesk services, indicating a shift in focus towards sectors that handle sensitive customer data. The group's tactics may involve ransomware or other extortion methods, which poses significant risks to affected organizations. Companies in the BPO sector should be vigilant and enhance their security measures to protect against potential breaches and data leaks. As this threat evolves, understanding the methods and motivations behind it will be crucial for businesses in these industries.

Read Original
PreviousPage 8 of 20Next