"US Health Dept Warns of Venus Ransomware Targeting Healthcare Orgs"

The US Department of Health and Human Services (HHS) has issued a warning about Venus Ransomware attacks targeting healthcare organizations in the country. HHS' security team also mentions at least one incident in which Venus Ransomware was deployed on the networks of a US healthcare organization. According to the Health Sector Cybersecurity Coordination Center (HC3), there is no known data leak site that Venus Ransomware threat actors are using. Venus Ransomware was discovered in mid-August 2022 and has since spread across the networks of dozens of corporate victims around the world. The threat actors behind the Venus Ransomware attacks are known for encrypting Windows devices by hacking into victims' publicly exposed Remote Desktop services. The ransomware will delete event logs, Shadow Copy Volumes, and disable Data Execution Prevention on compromised endpoints, in addition to terminating database services and Office apps. Venus Ransomware has been relatively active since August, with new submissions uploaded to ID Ransomware daily. Previous alerts have warned of threat actors using the Maui and Zeppelin ransomware payloads in attacks on Healthcare and Public Health (HPH) organizations. This article continues to discuss healthcare organizations being targeted by Venus Ransomware attacks and other ransomware operations targeting healthcare organizations across the US this year.

Bleeping Computer reports "US Health Dept Warns of Venus Ransomware Targeting Healthcare Orgs"