A threat group likely from Eastern Europe, dubbed Unfurling Hemlock, has been distributing hundreds of thousands of malware samples worldwide through compressed “cabinet files”. Each file contains multiple pieces of malware, acting as a sort of ‘cluster bomb’. Some samples also include obfuscators and tools to disable Windows Defender. The group seems to be paid per infection, possibly distributing malware for other unrelated campaigns. Over half of the targets were based in the US.
![](https://healsecurity.com/wp-content/uploads/2024/07/south-africa-lab-still-reeling-from-ransomware-attack-2048x1075.jpg)
South Africa Lab Still Reeling from Ransomware Attack
South Africa’s National Health Laboratory Service (NHLS) is still recovering from a ransomware attack in June that disrupted its systems and deleted backups. The intrusion