amvinfe2d ago

๐’๐ข๐ง๐ ๐ข๐ง๐  ๐‘๐ข๐ฏ๐ž๐ซ ๐‡๐ž๐š๐ฅ๐ญ๐ก ๐’๐ฒ๐ฌ๐ญ๐ž๐ฆ: ๐๐ž๐ญ๐ฐ๐ž๐ž๐ง ๐‘๐š๐ง๐ฌ๐จ๐ฆ๐ฐ๐š๐ซ๐ž, ๐‹๐ž๐ ๐š๐ฅ ๐ƒ๐ข๐ฌ๐ฉ๐ฎ๐ญ๐ž๐ฌ, ๐š๐ง๐ ๐‘๐ž๐œ๐ฎ๐ซ๐ซ๐ข๐ง๐  ๐•๐ฎ๐ฅ๐ง๐ž๐ซ๐š๐›๐ข๐ฅ๐ข๐ญ๐ข๐ž๐ฌ

Just over two years after the devastating ransomware attack attributed to the Rhysida group, Singing River Health System (SRHS) has once again fallen victim to cybercrime. This time, the Anubis ransomware group has claimed responsibility for compromising the healthcare organizationโ€™s IT systems, stating that it stole sensitive data belonging to patients and employees before encrypting the infrastructure.

https://www.suspectfile.com/singing-river-health-system-between-ransomware-legal-disputes-and-recurring-vulnerabilities/

#Anubis #Data_Breach #HIPAA #PII #PHI #Ransomware #Rhysida #Singing #SRHS

RedPacket SecurityMay 25

[RHYSIDA] - Ransomware Victim: IDS Group - https://www.redpacketsecurity.com/rhysida-ransomware-victim-ids-group/

#rhysida #dark_web #data_breach #OSINT #ransomware #threatintel #tor

[RHYSIDA] - Ransomware Victim: IDS Group - RedPacket Security

NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal issues relating

RedPacket Security
RansomLookMay 25
New post from #Rhysida : Ids Group
More at : https://www.ransomlook.io/group/Rhysida #Ransomware
Rhysida ยท RansomLook

Open ransomware intelligence โ€” groups, markets, actors, crypto, stats.

Marcel SIneM(S)USMay 25
IT-Vorfall: Cybergang #Rhysida erpresst Stadt #Stuttgart | Security https://www.heise.de/news/Cybergang-Rhysida-behauptet-Datenklau-bei-Stadt-Stuttgart-11301736.html #CyberCrime
IT-Vorfall: Cybergang Rhysida erpresst Stadt Stuttgart

Die kriminelle Vereinigung Rhysida behauptet, bei der Stadt Stuttgart umfangreiche Dokumente aus der IT geklaut zu haben und will Lรถsegeld.

heise online
OTX BotMay 21

Exposing Fox Tempest: A malware-signing service operation

Fox Tempest is a financially motivated threat actor operating a malware-signing-as-a-service (MSaaS) business used by cybercriminals to distribute malicious code, including ransomware. The actor abuses Microsoft Artifact Signing to generate fraudulent code-signing certificates, allowing malware to evade security controls. Fox Tempest created over a thousand certificates and established hundreds of Azure tenants to support operations. Microsoft revoked over one thousand certificates and disrupted the service in May 2026 through the Digital Crimes Unit. The operation enabled ransomware deployment including Rhysida by threat actors like Vanilla Tempest, and distributed malware families including Oyster, Lumma Stealer, and Vidar. The MSaaS was available through signspace[.]cloud, charging between $5000-$9000 USD. Attacks impacted healthcare, education, government, and financial services sectors globally.

Pulse ID: 6a0ca3690196d40952527b96
Pulse Link: https://otx.alienvault.com/pulse/6a0ca3690196d40952527b96
Pulse Author: AlienVault
Created: 2026-05-19 17:52:41

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Azure #Cloud #CyberSecurity #Education #Government #Healthcare #InfoSec #LummaStealer #Malware #Microsoft #OTX #OpenThreatExchange #RAT #RansomWare #Rhysida #Vidar #bot #AlienVault

LevelBlue - Open Threat Exchange

Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

LevelBlue Open Threat Exchange
RansomLookMay 19
New post from #Rhysida : Landeshauptstadt Stuttgart
More at : https://www.ransomlook.io/group/Rhysida #Ransomware
Rhysida ยท RansomLook

Open ransomware intelligence โ€” groups, markets, actors, crypto, stats.

RedPacket SecurityMay 19

[RHYSIDA] - Ransomware Victim: Landeshauptstadt Stuttgart - https://www.redpacketsecurity.com/rhysida-ransomware-victim-landeshauptstadt-stuttgart/

#rhysida #dark_web #data_breach #OSINT #ransomware #threatintel #tor

[RHYSIDA] - Ransomware Victim: Landeshauptstadt Stuttgart - RedPacket Security

NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal issues relating

RedPacket Security
RedPacket SecurityMay 15

[RHYSIDA] - Ransomware Victim: Tower View Primary School - https://www.redpacketsecurity.com/rhysida-ransomware-victim-tower-view-primary-school/

#rhysida #dark_web #data_breach #OSINT #ransomware #threatintel #tor

[RHYSIDA] - Ransomware Victim: Tower View Primary School - RedPacket Security

NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal issues relating

RedPacket Security
RansomLookMay 15
New post from #Rhysida : Tower View Primary School
More at : https://www.ransomlook.io/group/Rhysida #Ransomware
Rhysida ยท RansomLook

Open ransomware intelligence โ€” groups, markets, actors, crypto, stats.

Show threadDysruptionHubMay 6
@verisizintisi there's nothing in that post that indicates a Rhysida claim. #Rhysida #CherryHealth #DataBreach @PogoWasRight