![The Legend of Zelda: Breath of the Wild – Hawa Koth Shrine Walkthrough [HD 1080P]](https://techcratic.com/wp-content/uploads/2024/11/1731550802_maxresdefault-360x180.jpg)
![2024 Newest Tesla Supercharger to CCS1 Charging Adapter [Max 500A, 1000V] NACS to CCS…](https://techcratic.com/wp-content/uploads/2024/11/81YgGp7X9dL._AC_SL1500_-360x180.jpg)
Stu Sjouwerman
2024-10-11 08:37:00
blog.knowbe4.com
The Trinity ransomware gang is launching double-extortion attacks against organizations in the healthcare sector, according to an advisory from the US Department of Health and Human Services (HHS). The ransomware gains initial access via phishing emails or software vulnerabilities.
“Trinity ransomware was first seen around May 2024,” the advisory says.
“It is a type of malicious software that infiltrates systems through several attack vectors, including phishing emails, malicious websites, and exploitation of software vulnerabilities. Upon installation, Trinity ransomware begins gathering system details such as the number of processors, available threads, and connected drives to optimize its multi-threaded encryption operations.
Next, Trinity ransomware will attempt to escalate its privileges by impersonating the token of a legitimate process. This allows it to evade security protocols and protections. Additionally, Trinity ransomware performs network scanning and lateral movement, indicating its ability to spread and carry out attacks across multiple systems in a targeted network.”
Like many other organized ransomware groups, Trinity steals a copy of the victim’s data before encrypting it, in order to increase pressure on the victim to pay the ransom.
“Trinity ransomware employs a double extortion strategy,” HHS explains.
“This involves exfiltrating sensitive data from victims before encrypting it, and then threatening to publish the data if the ransom is not paid. This is a tactic increasingly seen across newer ransomware strains targeting critical industries, particularly healthcare.
There has been a total of seven Trinity ransomware victims identified to date. Of these, two victims have been identified as healthcare providers, one based in the United Kingdom, and the other a United States-based gastroenterology services provider, where Trinity claims to have access to 330 GB of the organization’s data.”
New-school security awareness training can give your organization an essential layer of defense against ransomware attacks. KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
The HHS has the story.
Support Techcratic
If you find value in Techcratic’s insights and articles, consider supporting us with Bitcoin. Your support helps me, as a solo operator, continue delivering high-quality content while managing all the technical aspects, from server maintenance to blog writing, future updates, and improvements. Support Innovation! Thank you.
Bitcoin Address:
bc1qlszw7elx2qahjwvaryh0tkgg8y68enw30gpvge
Please verify this address before sending funds.
Bitcoin QR Code
Simply scan the QR code below to support Techcratic.
Please read the Privacy and Security Disclaimer on how Techcratic handles your support.
Disclaimer: As an Amazon Associate, Techcratic may earn from qualifying purchases.
