Change Healthcare Extorted Again, Malvertising Targets IT, GitHub Scams on Developers: Navigating Cybersecurity Minefields
Today we unravel the second ransomware extortion of Change Healthcare by RansomHub, the cunning malvertising campaign targeting IT pros with malware-laden ads for PuTTY and FileZilla, and the deceptive tactics on GitHub fooling developers into downloading malware. Discover protective strategies and engage with expert insights on bolstering defenses against these evolving cyber threats.
Original URLs:
https://www.securityweek.com/second-ransomware-group-extorting-change-healthcare/
https://www.helpnetsecurity.com/2024/04/10/malvertising-putty-filezilla/
https://thehackernews.com/2024/04/beware-githubs-fake-popularity-scam.html
https://www.bleepingcomputer.com/news/security/malicious-visual-studio-projects-on-github-push-keyzetsu-malware/
Follow us on Instagram: https://www.instagram.com/the_daily_decrypt/
Thanks to Jered Jones for providing the music for this episode. https://www.jeredjones.com/
Logo Design by https://www.zackgraber.com/
Tags: cybersecurity, ransomware, malvertising, GitHub scams, Change Healthcare, IT professionals, data protection, cybercrime, malware, software development
Search Phrases:
How to protect against ransomware attacks
Strategies to combat malvertising campaigns
Tips for IT professionals on avoiding malicious ads
Safeguarding software development from GitHub scams
Change Healthcare ransomware extortion case study
Cybersecurity advice for IT administrators
Dealing with malware in system utilities ads
Best practices for data protection in healthcare
Understanding cybercrime tactics on GitHub
Preventing repeated ransomware extortions
Transcript:
Welcome back to the Daily Decrypt.
Change Healthcare falls victim to a second ransomware extortion in just a month, now at the hands of the emergent RansomHub group, wielding over 4 terabytes of sensitive data stolen in the February 2024 cyberattack, which comes as a result of the BlackCat exit scam.
Next, we're turning over to a new malvertising campaign where searching for essential utilities for IT professionals like PuTTY and FileZilla leads to malware-laden ads, and you all know what I'm going to say about this. Don't click Google Ads. And finally, GitHub becomes a battlefield as cybercriminals exploit its search functionality to trick developers into downloading repositories full of malware. How can developers ensure the repositories they download from GitHub are safe and not just traps set by cybercriminals?
All right, so at the end of February of this year, you may remember that Change Healthcare, which is a subsidiary of UnitedHealthcare, was the victim of a ransomware attack by the notorious and since disbanded ransomware group named BlackCat. Well, Change Healthcare finds itself in the crosshairs of a ransomware extortion scheme for the second time in just over a month, coming from a new ransomware group called RansomHub. There hasn't been a second attack. But this is believed to be a result of the exit scam that BlackCat pulled, where they kept all of the ransom payment that Change Healthcare had made.
Allegedly, Optum, which is a subsidiary of Change Healthcare, paid BlackCat 22 million in ransom after the attack. BlackCat then pulled an apparent exit scam and disappeared without paying the affiliate who carried out the attack.
And according to Qualys Cyber Threat Director Ken Dunham, it's not uncommon for companies that give in and pay these ransoms to quickly become additional targets or soft targets where their information is extorted again and again and again. Paying and giving in to these ransomware artists might seem like a quick fix to your problems, but once you've proven that you will and can pay, they're gonna come after you again. The data doesn't just disappear or get deleted. It's very valuable, and in this case it's worth 22 million dollars, so even if the attackers say they're gonna delete it, mayb
GUID: https://dailydecrypt.news/?post_type=podcast&p=527
Release Date: 11/04/2024, 06:08:00