Latest news with #LorenzoFranceschiBicchierai


TechCrunch
4 days ago
- Health
- TechCrunch
Ransomware gang claims responsibility for Kettering Health hack
A ransomware gang claimed responsibility for the hack on Kettering Health, a network of hospitals, clinics, and medical centers in Ohio. The healthcare system is still recovering two weeks after the ransomware attack forced it to shut down all its computer systems. Interlock, a relatively new ransomware group that has targeted healthcare organizations in the U.S. since September 2024, published a post on its official dark web site, claiming to have stolen more than 940 gigabytes of data from Kettering Health. CNN first reported on May 20 that Interlock was behind the breach on Kettering Health. At the time, however, Interlock had not publicly taken credit. Usually, that can mean the cybercriminals are attempting to extort a ransom from their victims, threatening to release stolen data. The fact that Interlock has now come forward could indicate that the negotiations have gone nowhere. Contact Us Do you have more information about Kettering Health's ransomware incident? Or other ransomware attacks? From a non-work device and network, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email . Kettering Health's senior vice president of emergency operations, John Weimer, previously told local media that the healthcare company had not paid the hackers a ransom. TK, a spokesperson for Kettering Health, did not provide comment when reached by TechCrunch on Wednesday. Interlock did not respond to a request for comment sent to an email address listed on its dark web site.
A brief review of some of the files Interlock published on its dark web site appears to show the hackers were able to steal an array of data from Kettering Health's internal network, including: private health information, such as patient names, patient numbers, and clinical summaries written by doctors, which include categories such as mental status, medications, health concerns, and other categories of patient data. Other stolen data includes employee data and the contents of shared drives. One of the folders contains documents, such as background files, polygraphs, and other private identifying information of police officers with Kettering Health Police Department. On Monday, Kettering Health published an update on the cyberattack, saying the company was able to restore 'core components' of its electronic health record system, which is provided by Epic, a healthcare software company. The company said this was 'a major milestone in our broader restoration efforts and a vital step toward returning to normal operations,' that allows it 'to update and access electronic health records, facilitate communication across care teams, and coordinate patient care with greater speed and clarity.'


TechCrunch
5 days ago
- Business
- TechCrunch
Phone chipmaker Qualcomm fixes three zero-days exploited by hackers
Chipmaker giant Qualcomm released patches on Monday fixing a series of vulnerabilities in dozens of chips, including three zero-days that the company said may be in use as part of hacking campaigns. Qualcomm cited Google's Threat Analysis Group, or TAG, which investigates government-backed cyberattacks, saying the three flaws 'may be under limited, targeted exploitation.' According to the company's bulletin, Google's Android security team reported the three zero-days (CVE-2025-21479, CVE-2025-21480, and CVE-2025-27038) to Qualcomm in February. Zero-days are security vulnerabilities that are not known to the software or hardware maker at the time of their discovery, making them extremely valuable for cybercriminals and government hackers. Because of Android's open source and distributed nature, it's now up to device manufacturers to apply the patches provided by Qualcomm, which means some devices may still be vulnerable for several more weeks, despite the fact that there are patches available. Contact Us Do you have more information about these Qualcomm zero-days? Or other zero-day exploits or zero-day makers? From a non-work device and network, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email . Qualcomm said in the bulletin that the patches 'have been made available to [device makers] in May together with a strong recommendation to deploy the update on affected devices as soon as possible.' Google spokesperson Ed Fernandez told TechCrunch that the company's Pixel devices are not affected by these Qualcomm vulnerabilities.
When reached by TechCrunch, a spokesperson for Google's TAG did not immediately provide more information about these vulnerabilities, and the circumstances in which TAG found them. Qualcomm did not respond to a request for comment. Chipsets found in mobile devices are frequent targets for hackers and zero-day exploit developers because chips generally have wide access to the rest of the operating system, which means hackers can jump from there to other parts of the device that may hold sensitive data. In the last few months, there have been documented cases of exploitation against Qualcomm chipsets. Last year, Amnesty International identified a Qualcomm zero-day that was being used by Serbian authorities, likely by using tools from phone unlocking tool maker Cellebrite.


TechCrunch
6 days ago
- Business
- TechCrunch
NSO Group asks judge for new trial, calling $167 million in damages 'outrageous'
In May, a jury ruled that spyware maker NSO Group must pay $167 million in damages to WhatsApp for a 2019 hacking campaign that targeted more than 1,400 people. Calling the damages ruling 'outrageous,' 'blatantly unlawful,' and 'unconstitutionally excessive,' NSO Group now wants the judge overseeing the case to reduce the amount, or order a new trial. On Thursday, the company filed a motion for a new trial or a 'remittitur,' which is a procedure that allows a court to reduce an excessive verdict. Contact Us Do you have more information about NSO Group, or other spyware companies? From a non-work device and network, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email . The filing was first reported by legal news outlets Law360 and MLex. In the court filing, NSO Group's lawyers said that the 'outrageous punitive award exceeds the maximum lawful punitive damages award in this case by many orders of magnitude.' The lawyers argued that the amount ordered in punitive damages — the $167 million — violates limits that say the jury should not award damages 'greater than four times compensatory damages,' which were $444,719 in this case. The lawyers also argued that the jury's award is 'unlawful because it reflects the improper desire to bankrupt NSO out of general hostility toward its business activities other than the limited conduct for which punitive damages could be awarded in this case.' WhatsApp spokesperson Margarita Franklin told TechCrunch in a statement that WhatsApp will keep fighting the case.
'For the past six years, NSO has tried to avoid accountability at every turn. This is another expected attempt to claim impunity, in response to a strong message from the jury of U.S. citizens deciding to punish NSO for its 2019 illegal attack against an American company and its users,' said Franklin. 'We'll respond to the court as we continue to pursue a permanent injunction against NSO to prevent this spyware firm from targeting WhatsApp and our users ever again.' NSO Group also said in its court filing that the amount awarded in damages 'grossly exceeds NSO's ability to pay,' and 'reflects an improper desire to punish NSO.' During the trial, NSO Group already argued that it is in dire straits financially.