CyberSecurityBoard
Sponsor Register Login

Beware of Bert: New ransomware group targets healthcare, tech firms | The Record from Recorded Future News

A new ransomware group has been breaching organizations across Asia, Europe, and the U.S., with victims reported in the healthcare, technology and event services sectors, researchers have found. The researchers also noted that Bert may have originated from the Linux variant of REvil, a notorious ransomware gang dismantled in 2021. The group, calling itself Bert, was first identified in April by researchers at cybersecurity firm Trend Micro, who detailed their findings in a report published Monday. Earlier in June, a Russian court sentenced several members of the REvil ransomware gang to five years in prison but released them immediately after the verdict, citing time already served in pre-trial detention. Although the initial access method remains unknown, analysts discovered a PowerShell script that disables security tools on victims' systems before downloading and executing the ransomware. Once inside a system, the malware drops a ransom note that reads: “Hello from Bert! Your network is hacked and files are encrypted,” followed by instructions for contacting the attackers to negotiate payment. The ransomware has infected both Windows and Linux systems, the researchers said. While no specific threat actor has been formally linked to the attacks, the use of Russian infrastructure may suggest ties to groups operating in or affiliated with the region. Researchers said the ransomware is actively being developed, with multiple variants already observed. Although REvil is no longer active, elements of its code appear to have been reused, the researchers said.

This Cyber News was published on therecord.media. Publication date: Mon, 07 Jul 2025 18:15:17 +0000


Cyber News related to Beware of Bert: New ransomware group targets healthcare, tech firms | The Record from Recorded Future News

10 Best Ransomware Protection Tools - 2025 - It protects devices from ransomware and other cyber threats using advanced threat intelligence, behavioral analysis, and cloud-based technology. It monitors and prevents ransomware assaults on personal files and automatically restores encrypted ...
10 months ago Cybersecuritynews.com
10 Best Ransomware File Decryptor Tools in 2025 - Kaspersky Rakhni Decryptor contains different decryption tools based on various versions of Rakhni ransomware and helps you decrypt encrypted files on your system. PyLocky Ransomware Decryption Tool is a free and open source developed and released by ...
9 months ago Cybersecuritynews.com
Law Firms and Legal Departments Get Singled Out For Cyberattacks - Cyberattackers are doubling down on their attacks against law firms and corporate legal departments, moving beyond their historical activity of hacking and leaking secrets to targeting the sector with financial attacks, such as ransomware and ...
2 years ago Darkreading.com LockBit
Cybersecurity in the Healthcare Industry: Protecting Patient Data - In the rapidly advancing era of technology, the healthcare industry faces a critical challenge: protecting patient data from cyber threats. This article will emphasize the significance of cybersecurity in the healthcare industry and explore the ...
1 year ago Securityzap.com
Why healthcare data is often the target of ransomware attacks - Healthcare data in recent years has been a very lucrative target for cyberattacks, particularly ransomware, with attackers holding healthcare information, and potentially patient lives, for ransom. Cybercriminals are increasingly focusing on ...
1 year ago Techtarget.com
Beware of Bert: New ransomware group targets healthcare, tech firms | The Record from Recorded Future News - A new ransomware group has been breaching organizations across Asia, Europe, and the U.S., with victims reported in the healthcare, technology and event services sectors, researchers have found. The researchers also noted that Bert may have ...
6 months ago Therecord.media
Key Group uses leaked builders of ransomware and wipers | Securelist - The first discovered sample of Key Group, the Xorist ransomware, established persistence in the system by changing file extension associations. The .huis_bn extension added to encrypted files in the early versions of Key Group samples, Xorist and ...
1 year ago Securelist.com
The Imperative for Robust Security Design in the Health Industry - COMMENTARY. In an era dominated by digital innovation and technological advancements, healthcare companies find themselves at the intersection of immense opportunity and equally unprecedented risk. The digitalization of patient records, electronic ...
1 year ago Darkreading.com
Best Cloud Security Providers for Healthcare Services - Cloud Security Providers for Healthcare offer specialized services to protect data and applications hosted in cloud environments. When picking a cloud security providers for healthcare, it's important to think about things like how well they follow ...
1 year ago Cybersecuritynews.com
BERT Ransomware Forcibly Shut Down ESXi Virtual Machines to Disrupt Recovery - A newly emerged ransomware group known as BERT has introduced a particularly disruptive capability that sets it apart from traditional ransomware operations: the ability to forcibly terminate ESXi virtual machines before encryption, significantly ...
6 months ago Cybersecuritynews.com
Ransomware's appetite for US healthcare sees known attacks double in a year - Following the February 21 attack on Change Healthcare, scores of people in the US have been living with the brutal, real-world effects of ransomware. It has also created skyrocketing pharmacy bills, pushed some healthcare providers to the edge of ...
1 year ago Malwarebytes.com Rocke LockBit
How Cybersecurity for Law Firms has Changed - The public nature of the legal system makes law firms particularly vulnerable to a growing number of cybersecurity risks. Law firms have unique access to highly confidential client information and as a result, face a growing number of federal, ...
2 years ago Securityboulevard.com
Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
2 years ago Heimdalsecurity.com LockBit
Changing How Healthcare Works: Big News in Communication - In a pivotal transformation within the healthcare industry, a prominent shift is currently unfolding. Direct Secure Messaging has emerged as a game-changer, modernising the way vital information is shared among healthcare providers, pharmacies, and ...
1 year ago Cysecurity.news
HHS to investigate UnitedHealth and ransomware attack on Change Healthcare - The U.S. Department of Health and Human Services is launching an investigation into the ransomware attack on Change Healthcare following weeks of disruption to healthcare and billing operations at hospitals, clinics and pharmacies across the country. ...
1 year ago Therecord.media LockBit
'Sex life data' stolen from UK government among record number of ransomware attacks - Data on the sex lives of up to 10,000 people was stolen from a British government department in one of the record number of ransomware attacks to have hit Westminster in the first half of this year. It is not known which department the information ...
2 years ago Therecord.media
US govt probes if ransomware gang stole Change Healthcare data - The U.S. Department of Health and Human Services is investigating whether protected health information was stolen in a ransomware attack that hit UnitedHealthcare Group subsidiary Optum, which operates the Change Healthcare platform, in late ...
1 year ago Bleepingcomputer.com
Norton Healthcare discloses data breach after May ransomware attack - Kentucky health system Norton Healthcare has confirmed that a ransomware attack in May exposed personal information belonging to patients, employees, and dependents. Norton Healthcare serves adult and pediatric patients in more than 40 clinics and ...
2 years ago Bleepingcomputer.com DAIXIN
Cybersecurity Management Lessons from Healthcare Security Breaches - 2024 looks like it will only increase the number of affected individuals considering the scale of ransomware attacks from the first half of the year in the USA, Canada, and Australia. Unusual activity detected on May 8, 2024, caused Ascension ...
1 year ago Esecurityplanet.com Black Basta
Ransomware, Data Breaches Inundate OT & Industrial Sector - Three-quarters of industrial firms suffered a ransomware attack in the past year, with far more compromises affecting operational technology than ever before - representing a surge in attacks driven by both the industrial sector's vulnerability and ...
2 years ago Darkreading.com LockBit
The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
1 year ago Securityboulevard.com TA505 8base LockBit BianLian Medusa Noescape Black Basta
Waiting for the BlackCat rebrand - We saw another ransomware operation shut down this week after first getting breached by law enforcement and then targeting critical infrastructure, putting them further in the spotlight of the US government. While the Tor onion domain seizure was a ...
1 year ago Bleepingcomputer.com Medusa Cuba STORMOUS
Change Healthcare's New Ransomware Nightmare Goes From Bad to Worse - Change Healthcare is facing a new cybersecurity nightmare after a ransomware group began selling what it claims is Americans' sensitive medical and financial records stolen from the health care giant. RansomHub claimed it had health care data on ...
1 year ago Wired.com Ransomhub
Unveiling the true cost of healthcare cybersecurity incidents - As healthcare organizations increasingly rely on interconnected systems, electronic health records, and telemedicine, the industry becomes a prime target for malicious actors seeking to exploit vulnerabilities. The consequences of a cybersecurity ...
2 years ago Helpnetsecurity.com
Transforming in the Age of Healthcare Digitalization - Healthcare and technology increasingly intersect in today's world, and cybersecurity has become a primary concern for many companies. The recent attack on Change Healthcare serves as a harsh reminder of the vulnerabilities facing the healthcare ...
1 year ago Cyberdefensemagazine.com

Latest Cyber News


    Cyber Trends (last 7 days)


    Trending Cyber News (last 7 days)