Weekly

Ransomware Roundup

May 27th - 31st, 2024

Oil Giant Shell Breached: Data of Thousands Leaked on BreachForums

Details allegedly describing a possible Shell data breach in May 2024 surfaced on the forum BreachForums, apparently disclosing records tied to about 80,000 consumers across nine nations. The reportedly stolen information included names, addresses, login credentials, and loyalty point balances. Shell has yet to validate or comment on the cybersecurity event.

Cencora Data Breach Exposes Patient Data from 11 Pharmaceutical Companies

A February 2024 cyber incident targeting Cencora resulted in unauthorized access to its networks. This access allowed personal information belonging to individuals from 11 major drug companies to be stolen, including names, addresses, medical records, and prescriptions.

Helsinki Data Breach Exposes Personal Details of Thousands

One of Finland's most significant data breaches saw an unknown perpetrator access a city system containing highly sensitive individual details for hundreds of thousands of Helsinki residents. The stolen material included identification numbers, home locations, and nationality records, putting people at risk of identity theft. The city administration was criticized for not promptly fixing a prior known exploited vulnerability.

Pharmacy Benefit Manager Sav-Rx Data Breach Impacts 2.8 Million Americans

An investigation by the large pharmacy benefit provider Sav-Rx found that unauthorized third parties had gained access to non-clinical systems as early as October 2023, extracting files holding names, addresses, social security numbers, medical IDs and other personal data of about 2.8 million Americans. While misuse is unconfirmed so far, affected individuals received credit monitoring help.

Man-in-the-Middle Attack: Cyberthreat Amidst Data Streams

Man-in-the-Middle (MitM) attacks allow threat actors to covertly intercept network traffic, undermining data security. As techniques like packet sniffing and SSL stripping become more advanced, companies need robust protections like encryption, MFA, and network monitoring combined with employee training. Read our blog to strengthen your defenses against modern MitM tactics.

ShinyHunters Claim Ticketmaster Data Breach: Payment Data of 560 Million on Sale on Darkweb

The hacking group ShinyHunters took responsibility for infiltrating Ticketmaster systems and offering for sale on dark web forums an enormous database comprising particulars of over 560 million global users. The records reportedly contained names, addresses, payment details, and additional individual information.

Promo
Immutable Gateway to Azure or AWS for $2 per TB/month

File Gateway to Azure, AWS or any other S3 compatible cloud or StoneFly private cloud. Archive high volumes of data with an immutable gateway for $2 per TB/month.

Connect to S3 cloud & map it to your servers, applications or Backup & DR systems. It supports multiple protocols including NFS, CIFS/SMB, and REST API.

Install StoneFly virtual Smart cloud Gateway on your hypervisor or get the hardware gateway appliance and use it as file cloud storage.

For details, contact us.

Weekly

Ransomware Roundup

May 20th - 24th, 2024

Banking Malware Grandoreiro is Back After Police Disruption to Target Banks Globally

The "Grandoreiro" banking trojan resurfaced in operations this March targeting over 1500 financial institutions in more than 60 countries. Utilizing new evasion techniques, the malware enables theft directly from customer accounts. Further analysis found that threat actors were aiming for widespread international activity. Detections spiked significantly across continents from Europe to Asia and Africa.

American Radio Relay League Cyberattack Disrupts Key Online Services

The American Radio Relay League, a prominent ham radio non-profit, recently fell victim to a cyberattack. An advanced malware variant infiltrated key systems, disrupting critical online services including the Logbook of the World database for tracking operator contacts. Members still await status updates on the recovery efforts.

Philippine National Police (PNP) Data Breached: Gun Related Transactions Shut Down

The Philippine National Police's Firearms and Explosives Office database was compromised, affecting the agency's online gun licensing system. The same actor responsible for an earlier breach of the PNP's Logistics Data Information Management System is suspected. As a precaution, all PNP systems providing frontline services were shut down while the investigation examines potential privacy implications and how to strengthen protections of citizens' sensitive data going forward.

Western Sydney University (WSU) Data Breached: 7500 Students Affected

Western Sydney University disclosed that unauthorized access to its Microsoft environment between May 2021 and January 2022 impacted approximately 7500 students and employees. Some emails and files were viewed during the seven-month intrusion. Further investigation found that student details including names, DOBs, and emails were compromised when an Excel sheet was accessed. Risk notification policies and tools are being reviewed to safeguard academic communities.

Akira Ransomware: How It Works, Who It Targets, and How to Stay Safe

Akira ransomware is on the rise, encrypting data and stealing sensitive information. This in-depth guide explains how Akira works, why it's a serious threat, and most importantly, how to fortify your defenses.

Lockbit Ransomware Group Claims London Drugs Ransomware Attack

Canadian pharmacy chain London Drugs was hit by a Lockbit ransomware attack in late April in which employee files were stolen. The cybercriminals originally demanded an $8 million ransom, later increasing it to $25 million. London Drugs refused to pay and temporarily closed stores for recovery. Lockbit claims to have leaked data, but the full breach impact remains unclear.

Promo
Veeam License Renewal Can Qualify You for Protect Plus Plan

Introducing our Certified Enterprise Protect Plus Plan for every Veeam renewal due within the next 6 months. This plan includes comprehensive planning, monitoring, testing, upgrade, optimization, training, audit, review and development of your Backup & Disaster Recovery policy and procedures, plus the best immutable and air-gapped security against ransomware.

Every Veeam renewal can also qualify you for a remarkable $500 discount off the list price on any new purchase of a StoneFly Immutable and Air-Gapped Veeam Backup Appliance.

For details, contact us.

Weekly

Ransomware Roundup

May 13th - 17th, 2024

Christie's Website Breached Just Before Mega Auction Week

Christie's suffered a compromising data breach shortly before a monumental auction. Hackers breached customer credentials, potentially accessing names, addresses, phone numbers, purchase histories and more of wealthy bidders seeking valuable artworks worth hundreds of millions. The hack exposed customers and valuable assets to significant fraud risks.

Black Basta Ransomware Targets Ascension Healthcare: Feds Issue Warning

The FBI issued an alert warning healthcare organizations of the Black Basta ransomware used in an attack on Ascension, one of the largest nonprofit health systems in the US. The ransomware encrypted critical systems, severely disrupting medical services at hospitals across multiple states. Attackers demanded ransom payments to restore access to records, negatively impacting appointment scheduling and requiring ambulance diversions amid the disruption.

Rockford Public Schools Ransomware Attack Encrypted and Stole Student Data

A ransomware attack crippled Rockford Public Schools, encrypting essential files and systems. With technologies offline, classes were cancelled or moved online. Stolen sensitive data like grades, health records and test scores placed learning in jeopardy and required extensive remediation work.

Santander Bank Data Breach Exposes Customer and Employee Details

Spanish banking giant Santander notified authorities of a serious data breach exposing confidential records. A third-party compromise enabled access to personal data of clients and employees in Spain, Chile and Uruguay, including names, IDs, addresses, account activity and payroll details. Thousands potentially faced identity theft and fraud risks.

Zero Trust: Enterprise Security for Ransomware Protection

As ransomware poses an increasing threat, traditional network security is no longer sufficient. Zero Trust architecture is a holistic cybersecurity model based on continuous verification without assumptions of trust. Zero Trust provides a robust foundation for protecting critical enterprise assets and data. Learn how StoneFly solutions can help integrate ZTA in your organization’s cybersecurity strategy.

Nissan Data Breach Exposes Social Security Numbers of Over 53000 Employees

A probe into a November 2023 Nissan cyberattack revealed hijacked VPN credentials enabled unauthorized access. While initially believing only less sensitive data was at risk, Nissan discovered Social Security numbers and additional personal records of over 53,000 past and present staff were in fact compromised in the security breach.

Promo
128TB Veeam, Rubrik, Commvault Immutable & Air-gapped Backup & DR Appliance $9,995

128TB Veeam, Rubrik, Commvault Fully automated Immutable and Air-gapped Backup & DR Appliance with object lockdown, file lockdown, incremental and full snapshots, replication, and instant multi-VM recovery for $9,995.

It is a 2U, 8-bay rackmount unit fully populated with 8x16TB Enterprise SAS drives, 10 Core Storage Virtualization Engine, 32GB System Memory, 1TB NVMe SSD for virtualization, Dual 10Gb RJ-45 Ports, Hot-Swappable Power Supply, and 12Gb SAS Hardware RAID Controller.

Data services such as immutable snapshot, encryption (Hardware), Dedupe (hardware), Replication (Sync, Async), Thin provisioning, HOT/COLD Tiering, Flash Cache (NVMe+SSD), WORM (Immutable policy-based vault), Predictive failure, call home, Real-time performance, report, and notification are available as an option if needed.

For demos and details, contact us.

Weekly

Ransomware Roundup

May 6th - 10th, 2024

Ascension Healthcare Takes Systems Offline after Major Cyberattack

Non-profit healthcare network Ascension took clinical systems offline after detecting unusual activity due to a major cyberattack, disrupting operations across its 140 US hospitals. The incident is still under Mandiant investigation to assess full impacts on the millions of patients served and Ascension's recovery timelines.

Dell Data Breached: 49 Million Records on Sale on Dark Web

Dell confirmed a data breach impacting 49 million customers globally. A threat actor gained access to Dell customer databases and attempted to sell stolen information, including names, addresses and purchase details, on hacking forums. While no financial data was taken, experts warn of targeted phishing using physical addresses.

UK’s MoD Breached: China Hacked Ministry of Defence

The UK Ministry of Defence (MoD) fell victim to a major data breach exposing the personal details of over 270,000 armed forces personnel after a payroll system was hacked. While salaries were paid, restoration of backed-up systems after the infiltration of sophisticated ransomware remains an ongoing process.

City of Wichita Ransomware Attack Causes Major Disruptions

The City of Wichita in Kansas fell victim to a ransomware attack in late 2023 that encrypted critical data and shut down internal systems and public services like online bill payments and emergency dispatch. The ransomware gang 'Babuk Locker' demanded ransom as the city underwent lengthy recovery efforts restoring systems from backups.

Android Malware Attacks Finland's Banking Customers

Finnish authorities warned of an Android banking malware campaign that was using SMS phishing and vishing calls to trick victims into installing a fake antivirus application, which was actually banking malware dubbed "Vultur". This malware provided remote access and was used to transfer over €102,000 out of one victim's bank account without authorization. Authorities urged vigilance against such social engineering attacks.
