U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Snake Ransomware hits Europe’s largest private hospital operator Fresenius during COVID-19 outbreak

Snake Ransomware operators launched a new campaign that has infected numerous companies worldwide including an health care organization. The operators behind the Snake Ransomware have launched a new campaign that targeted companies worldwide and that infected at least one organization in the healthcare industry over the last few days. In January experts observed a new […]

snake ransomware id-ransomware

Snake Ransomware operators launched a new campaign that has infected numerous companies worldwide including an health care organization.

The operators behind the Snake Ransomware have launched a new campaign that targeted companies worldwide and that infected at least one organization in the healthcare industry over the last few days.

In January experts observed a new wave of attacks that targeted organizations worldwide, experts from SentinelOne also discovered Snake Ransomware that was targeting processes and files associated with industrial control systems (ICS).

The activity of the gang was relatively quiet during the COVID-19 outbreak since May 4, when the ransomware operators launched a massive campaign that targeted organizations worldwide.

The spike in the attack associated with this specific threat is confirmed by data shared by the ransomware identification site ID Ransomware that demonstrates a massive jump in submissions to the service.

“Starting on May 4th, ransomware identification site, ID Ransomware, showed a massive jump in submissions after seeing a few here and there over the last couple of months.” reported BleepingComputer.

Snake Ransomware is suspected to have been employed in a ransomware attack that hit Fresenius Group, Europe’s largest hospital provider.

“Fresenius, Europe’s largest private hospital operator and a major provider of dialysis products and services that are in such high demand thanks to the COVID-19 pandemic, has been hit in a ransomware cyber attack on its technology systems. The company said the incident has limited some of its operations, but that patient care continues,” reported the popular investigator Brian Krebs.

Fresenius provides products and services for dialysis, hospitals, and inpatient and outpatient care, the products of the company are very important to cure patients affected by COVID-19 because many of them face kidney failure.

According to Krebs, this isn’t the first ransomware attack suffered by Fresenius, the company already paid $1.5 million to resume operations after a previous ransomware infection.

Snake ransomware operators, like other ones, also steal unencrypted files before encrypting the infected systems, then they threaten the victims to release the data if they don’t pay the ransom.

“As noted by MalwareHunterTeam, the ransom note named ‘Decrypt-Your-Files.txt’ from this week’s attacks, the Snake operators have added text stating that they will publish stolen databases and document if not paid within 48 hours.” reported BleepingComputer.

Please vote Security Affairs for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERS
https://docs.google.com/forms/d/e/1FAIpQLSe8AkYMfAAwJ4JZzYRm8GfsJCDON8q83C9_wu5u10sNAt_CcA/viewform

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Facebook, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]