It’s been a big month for US data privacy. Indiana, Iowa, and Tennessee all passed state privacy laws, bringing the total number of states with a privacy law up to eight. No private right of action in any of those, which means it’s up to the states to enforce the laws.
Related Posts
Megazord Ransomware Attacking Healthcare And Government Entities
Hackers primarily use ransomware for financial gain, blackmailing victims for payments to recover their encrypted files and systems.
However, ransomware can also be weaponized as a destructive cyber weapon that creates confusion in critical infrastructures.
Megazord ransomware has been actively attacking healthcare and government entities.
Megazord Ransomware Attack
In addition, ransomware can also be deployed by some threat actors who steal data that is then sold on deep web markets or used for carrying out further extortions.
Certain hackers may be driven by political reasons to deploy ransomware against enemy countries or ideological enemies.
Megazord is a Rust-coded ransomware targeting healthcare, education, and government. Initial access originates from spear-phishing and exploiting vulnerabilities.
It uses RDP and IP scanners for lateral movement within victim networks. Post-compromise, it terminates processes and services before encrypting local data storage and files.
It primarily focuses attacks on critical sectors like healthcare.
Encrypted files are given the “POWERRANGES” extension, and a ransom note named “powerranges.txt” is placed in each affected folder. The note directs victims to contact the threat actor via the TOX messenger using a unique Telegram channel link.
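A triage sketch for scoping impact from the two file-system artefacts described above (an added example, not from the original article or from Symantec; the function names and grading labels are assumptions made here). It walks a directory tree and grades each folder by whether it holds the ransom note, files with the encrypted extension, or both.

```python
import os
from pathlib import Path

ENCRYPTED_EXT = ".powerranges"   # extension named in the article (compared case-insensitively)
NOTE_NAME = "powerranges.txt"    # ransom note file name named in the article


def scan_tree(root):
    """Walk `root` and return {folder: {"note": bool, "encrypted": [names]}}
    for every folder holding a ransom note or an encrypted file."""
    hits = {}
    # onerror swallows unreadable directories so one ACL failure does not stop the sweep
    for folder, _dirs, files in os.walk(root, onerror=lambda e: None):
        note = any(f.lower() == NOTE_NAME for f in files)
        encrypted = sorted(f for f in files if f.lower().endswith(ENCRYPTED_EXT))
        if note or encrypted:
            hits[str(Path(folder))] = {"note": note, "encrypted": encrypted}
    return hits


def classify(hit):
    """Grade one folder: both artefacts together match the described behaviour;
    a note alone or renamed files alone is weaker and needs manual review."""
    if hit["note"] and hit["encrypted"]:
        return "confirmed"
    return "note-only" if hit["note"] else "extension-only"


def summarize(root):
    """Return (folder, grade, encrypted_count) tuples, strongest match first."""
    order = {"confirmed": 0, "extension-only": 1, "note-only": 2}
    rows = [(p, classify(h), len(h["encrypted"])) for p, h in scan_tree(root).items()]
    return sorted(rows, key=lambda r: (order[r[1]], -r[2], r[0]))


if __name__ == "__main__":
    import sys
    for path, grade, count in summarize(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{grade:15} {count:5} {path}")
```

Run it against a mounted share or a forensic image's file tree; the per-folder counts give a first estimate of which data sets need restoring.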
Various industries are indiscriminately targeted by Megazord operators, who seek initial entry through techniques such as spear phishing and exploiting vulnerabilities.
They utilize LOLBINS and existing infrastructure to extend their stay on a network using Remote Desktop Protocol (RDP), Advanced IP Scanner, and NET.EXE for moving laterally.
Megazord terminates numerous processes and services at execution to facilitate encryption done by separate CMD.EXE instances and looks for local virtual machines in an attempt to terminate them.
Apart from this, Megazord shares several code similarities with Akira, which is why it is thought to be linked to the Akira ransomware.
Symantec's detections cover signatures such as:
File-Based
Ransom.Akira!g2
Trojan.Gen.MBT
W97M.Downloader
WS.Malware.1
Machine Learning-Based
Heur.AdvML.A!300
Heur.AdvML.B
Heur.AdvML.B!100
Heur.AdvML.B!200
The post Megazord Ransomware Attacking Healthcare And Government Entities appeared first on Cyber Security News.
Cyber Security News
Google Chrome’s organize tabs will automatically reorder tabs
In a bid to upgrade user experience, the Chrome team is developing an “Organise Tabs” feature, soon to be seen at the top left corner of the browser, adjacent to the tab search function. This new addition would be a natural extension of Tab Groups functionality. […]
BleepingComputer
Chinese Hackers Operate Undetected in U.S. Critical Infrastructure for Half a Decade
The U.S. government on Wednesday said the Chinese state-sponsored hacking group known as Volt Typhoon had been embedded into some critical infrastructure networks in the country for at least five years.
Targets of the threat actor include communications, energy, transportation, and water and wastewater systems sectors in the U.S. and Guam.
"Volt Typhoon’s choice of targets and pattern
The Hacker News | #1 Trusted Cybersecurity News Site