Callback scams, ransomware, Windows attacks and phishing … here are the latest cybersecurity threats and advisories for the week of July 15, 2022.
Threat Advisories and Alerts
North Korea State-Sponsored Cybercriminals Target U.S. Healthcare Organizations
North Korea state-sponsored cyber actors are infecting the systems of U.S. healthcare organizations with Maui ransomware. The malware encrypts the servers of healthcare services—which can freeze up their electronic health care records, diagnostic services, imaging services and other critical functions—disrupting their operations for prolonged periods. Why are healthcare organizations targets? They are more likely to pay ransoms. According to Sophos' State of Ransomware in Healthcare 2022 report, 61% of healthcare organizations agreed to pay, which is a rate 15% higher than the global average.
Source: https://www.cisa.gov/uscert/ncas/alerts/aa22-187a
MedusaLocker ransomware strikes again
The MedusaLocker ransomware, which was first seen in September 2019, has again been observed this past May. The ransomware predominately infects victims’ networks through vulnerabilities in Remote Desktop Protocol, but also may gain entry via phishing campaigns in which the malware is attached to emails. Like typical ransomware, files are encrypted upon infection and a note provides instruction to pay the ransom. MedusaLocker seems to operate as a Ransomware-as-a-Service, as the ransom payments appear to be split between the developer and affiliate.
Source: https://www.cisa.gov/uscert/ncas/alerts/aa22-181a
Emerging Threats and Research
Cybercriminals Masquerade as Security Companies in Sophisticated Phishing Campaign
Last Friday, the American cybersecurity company CrowdStrike detected ..
Support the originator by clicking the read the rest link below.
