The Acronis Threat Research Unit has examined a new version of the Proton ransomware family called Zola. Like earlier variants, Zola checks for admin privileges and prompts users to run the executable file if the check fails. If not halted by a kill switch, it checks for a Persian keyboard layout, generates a unique victim ID, and deletes shadow copies to prevent recovery. The encryption scheme has switched from elliptic-curve cryptography (ECC) and Advanced Encryption Standard (AES) to the ChaCha20 scheme.

Yale New Haven Health data breach affected over 5.5M people
Over 5.5 million people were affected by a data breach involving an “unauthorized third party” on Yale New Haven Health’s network (YNHHS) on March 8.