Hot for Security

MARCH 17, 2021

The Federal Bureau of Investigation has issued a flash alert warning of an increase in PYSA ransomware attacks targeting government entities, educational institutions, private companies and the healthcare sector in the US and the UK. Use multifactor authentication where possible. … hard drive, storage device, the cloud). and others.

Education 111

Education Healthcare Government Ransomware 111

Malwarebytes

JULY 10, 2022

State-sponsored North Korean threat actors have been targeting the US Healthcare and Public Health (HPH) sector for the past year using the Maui ransomware, according to a joint cybersecurity advisory (CSA) from the FBI, Cybersecurity and Infrastructure Security Agency (CISA), and the Department of the Treasury. – CSA Alert (AA22-187A).

Healthcare 83

Healthcare Ransomware Encryption Firmware 83

Security Affairs

MAY 12, 2024

Black Basta has targeted at least 12 critical infrastructure sectors, including Healthcare and Public Health. Black Basta affiliates have targeted over 500 private industry and critical infrastructure entities, including healthcare organizations, in North America, Europe, and Australia.” ” reads the CSA.

Ransomware 113

Ransomware Hacking Healthcare Retail 113

SecureWorld News

JULY 7, 2022

United States government agencies recently released a joint Cybersecurity Advisory (CSA) providing information on how North Korean state-sponsored threat actors are actively using Maui ransomware to attack healthcare organizations. What is North Korea up to? Mitigations for Maui ransomware.

Healthcare 79

Healthcare Ransomware Encryption Government 79

SecureWorld News

SEPTEMBER 5, 2023

The exposed database, containing more than 17 billion records, has raised concerns about the security of sensitive healthcare provider information and negotiated rates for medical procedures. states, Cigna offers an array of healthcare insurance plans, including individual, family, employer-sponsored, Medicare, and Medicaid plans.

Backups 92

Backups Insurance Healthcare Data breaches 92

Krebs on Security

NOVEMBER 17, 2022

He’d been on the job less than six months, and because of the way his predecessor architected things, the company’s data backups also were encrypted by Zeppelin. Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “ Zeppelin ” in May 2020.

Ransomware 313

Ransomware Encryption Backups Manufacturing 313

Malwarebytes

MAY 28, 2021

On the 14th of May, the Health Service Executive (HSE) , Ireland’s publicly funded healthcare system, fell victim to a Conti ransomware attack, forcing the organization to shut down more than 80,000 affected endpoints and plunging them back to the age of pen and paper. Use multi-factor authentication where possible.

Healthcare 103

Healthcare Ransomware Encryption Passwords 103

CyberSecurity Insiders

JUNE 1, 2023

However, it is not uncommon for ransomware gangs like LockBit and BlackByte to target healthcare organizations due to the high demand for the sensitive data they possess on the dark web. Law enforcement agencies worldwide have been intensifying their efforts to apprehend notorious ransomware gangs.

Ransomware 107

Ransomware Healthcare Insurance Backups 107

Malwarebytes

OCTOBER 11, 2023

Despite expending a lot of hot air on the subject, ransomware groups have shown time and again that they are absolutely not above targeting the healthcare sector. In the twelve months between October 2022 and September 2023, there were 213 known attacks against the healthcare sector, making it the ninth most attacked sector globally.

Antivirus 97

Antivirus Insurance Ransomware Healthcare 97

Malwarebytes

AUGUST 16, 2022

While anyone can fall victim to these threat actors, the FBI noted that this malware has been used to target a wide range of businesses and critical infrastructure organizations, including defense contractors, educational institutions, manufacturers, technology companies, and especially organizations in the healthcare and medical industries.

Ransomware 79

Ransomware Backups Passwords Authentication 79

Malwarebytes

JULY 31, 2023

The Register reports that healthcare workers are having to resort to pen and paper , alongside staff being warned of the potential for phishing attacks. While there is a backup system able to take MobiMed’s place “within 24 hours” of an attack, integration with other systems is not 100%.

Backups 84

Backups Healthcare Risk Technology 84

Security Affairs

MARCH 2, 2024

The attacks were observed as recently as February 2024, they targeted government, education, emergency services, healthcare, and other critical infrastructure sectors. Phobos is also able to identify and delete data backups. Phobos operation uses a ransomware-as-a-service (RaaS) model, it has been active since May 2019.

Ransomware 123

Ransomware Backups Healthcare Firewall 123

Webroot

MAY 6, 2024

For businesses, this means implementing a comprehensive incident response plan that includes secure, immutable backups and regular testing to ensure rapid recovery in the event of an attack. Multi-factor authentication (MFA) can add a vital layer of protection, and carefully inspect email addresses and links before taking any action.

Antivirus 84

Antivirus Education Cyber threats Phishing 84

Malwarebytes

JANUARY 9, 2024

According to those few groups, their cybercriminal actions would never include organizations actively involved in healthcare, such as hospitals. Unfortunately, we have seen these type of disruptions in healthcare before. Enable two-factor authentication (2FA). Create offsite, offline backups. Don’t get attacked twice.

Ransomware 76

Ransomware Passwords Backups Healthcare 76

Security Affairs

FEBRUARY 10, 2023

North Korea-linked APT groups conduct ransomware attacks against healthcare and critical infrastructure facilities to fund its activities. Ransomware attacks on critical infrastructure conducted by North Korea-linked hacker groups are used by the government of Pyongyang to fund its malicious cyber operations, U.S.

Ransomware 80

Ransomware Healthcare Cryptocurrency Government 80

Thales Cloud Protection & Licensing

MAY 23, 2022

Although the attack against Colonial Pipeline deservedly gained news attention, ransomware attacks have increasingly disrupted the sectors of food, healthcare and transportation. This is certainly an option for organizations with well-defined backup and remediation processes. Healthcare sector. Attacks against the food sector.

Healthcare 126

Healthcare Ransomware Authentication Threat Reports 126

Malwarebytes

JUNE 1, 2022

This is a common feature of healthcare compromises. Perhaps records after that date have all made the leap to digital status only, with no backups available. Maybe there are backups, but those have been encrypted by ransomware too. ” At the very least, 2 Factor Authentication (2FA) is needed here.

Ransomware 118

Ransomware Backups Encryption Authentication 118

Security Affairs

DECEMBER 17, 2020

Early this month, Evgueni Erchov, Director of IR & Cyber Threat Intelligence at Arete Incident Response, told ZDNet that multiple ransomware gangs are cold-calling victims if they don’t pay the ransom and attempt to restore from backups. Patch operating systems, software, firmware, and endpoints.

Ransomware 139

Ransomware Backups Firmware Accountability 139

Malwarebytes

DECEMBER 13, 2023

The top stories of the month include ALPHV’s shutdown, an increased focus on the healthcare sector, and high-profile attacks on Toyota, Boeing, and more using a Citrix Bleed vulnerability (CVE-2023-4966). In other news, attacks on the healthcare sector last month reached an all-time high at 38 total attacks.

Ransomware 82

Ransomware Healthcare Encryption Backups 82

Malwarebytes

OCTOBER 26, 2022

The FBI, Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS) have issued a joint advisory about DAIXIN Team, a fledgling ransomware and data exfiltration group that has been targeting US healthcare. Require two-factor authentication (2FA) on remote desktops and VPNs.

Ransomware 73

Ransomware Healthcare Phishing VPN 73

Security Affairs

JANUARY 17, 2022

” The CPU will address critical vulnerabilities in Oracle Essbase, Graph Server and Client, Secure Backup, Communications Applications, Communications, Construction and Engineering, Enterprise Manager, Financial Services Applications, Fusion Middleware, Insurance Applications, PeopleSoft, Support Tools, and Utilities Applications.

Big data 104

Big data Financial Services Retail Insurance 104

Security Affairs

OCTOBER 19, 2021

BlackMatter ransomware operators announced that they will not target healthcare organizations, critical infrastructure, organizations in the defense industry, and non-profit companies. The experts noticed that BlackMatter operators wipe or reformat backup data stores and appliances instead of encrypting backup systems.

Ransomware 112

Ransomware Backups Encryption Cybercrime 112

Krebs on Security

DECEMBER 13, 2021

On May 10, one of the hospitals detected malicious activity on its Microsoft Windows Domain Controller, a critical “keys to the kingdom” component of any Windows enterprise network that manages user authentication and network access. The number of appointments in some areas dropped by up to 80 percent.”

Healthcare 267

Healthcare Ransomware Antivirus Software 267

Malwarebytes

JULY 24, 2023

” While that is good news from a healthcare perspective, the ransomware operators did obtain something of value. Enable two-factor authentication (2FA). Some forms of two-factor authentication (2FA) can be phished just as easily as a password. Create offsite, offline backups. Don’t get attacked twice.

Ransomware 81

Ransomware Computers and Electronics Passwords Identity Theft 81

Security Affairs

OCTOBER 22, 2022

Healthcare and Public Health sector with ransomware. businesses, mainly in the Healthcare and Public Health (HPH) Sector, with ransomware operations. Require phishing-resistant MFA for as many services as possible—particularly for webmail, VPNs, accounts that access critical systems, and privileged accounts that manage backups.

Ransomware 68

Ransomware VPN Cybercrime Accountability 68

Security Affairs

SEPTEMBER 5, 2020

The ProLock ransomware was employed in attacks against organizations worldwide from multiple sectors including construction, finance, healthcare, and legal. In March, threat actors behind PwndLocker changed the name of their malware to ProLock, immediately after security firm Emsisoft released a free decryptor tool.

Ransomware 131

Ransomware Advertising Malware Backups 131

eSecurity Planet

JUNE 30, 2023

Lace Tempest (Storm-0950, overlaps w/ FIN11, TA505) authenticates as the user with the highest privileges to exfiltrate files,” Microsoft notes. The group has targeted pharmaceutical companies and other healthcare institutions during the COVID-19 pandemic. Memorial Day holiday.

Ransomware 97

Ransomware Backups Passwords Software 97

eSecurity Planet

JUNE 16, 2022

However, basic cybersecurity tools and practices, like patching , strong passwords , and multi-factor authentication (MFA), “can prevent 80 to 90% of cyberattacks,” said Anne Neuberger, deputy national security advisor for cyber and emerging technologies, during a White House press conference in Sept. Backup and encryption.

Backups 141

Backups Ransomware Firewall Malware 141

Approachable Cyber Threats

JANUARY 24, 2022

What is Multi-factor Authentication (MFA)?” A password is one “factor” or step for authenticating or proving your identity as the owner of an account, and while password-based authentication alone is a good start, you should opt for an additional layer of protection where available. Let’s dive in! So what are your options?

Authentication 98

Authentication Passwords Accountability Mobile 98

Malwarebytes

JULY 20, 2022

Malwarebytes recently reported on the North Korean APT that targets US healthcare sector with Maui ransomware. Although Maui may be a little different from run-of-the-mill ransomware, the steps to protect against it are not: Maintain offsite, offline backups of data and test them regularly. Create a cybersecurity response plan.

Ransomware 89

Ransomware Cryptocurrency Healthcare Firmware 89

Security Affairs

AUGUST 13, 2022

The ransomware was involved in attacks aimed at technology and healthcare, defense contractors, educational institutions, manufacturers, companies across Europe, the United States, and Canada.

Ransomware 86

Ransomware Encryption Firmware Backups 86

Security Affairs

MAY 13, 2021

Early this year the group announced that it will no longer attack organizations in the healthcare industry, companies involved in the development and distribution of COVID-19 vaccines, and funeral service organizations. Require multi-factor authentication for remote access to OT and IT networks. Organize OT assets into logical zones.

Ransomware 109

Ransomware Healthcare Phishing Risk 109

Malwarebytes

MARCH 13, 2023

Some of these organizations are considered vital infrastructure such as local governments, financial companies, healthcare organizations, energy firms, and technology manufacturers. Create offsite, offline backups. Keep backups offsite and offline, beyond the reach of attackers. Don’t get attacked twice.

Ransomware 82

Ransomware Backups Internet Internet 82

Centraleyes

JANUARY 21, 2024

Essential entities ” span sectors such as energy, healthcare, transport, and water. .” The NIS2 framework exerts influence over a broad spectrum, encompassing EU entities with a workforce of at least 50 individuals or revenue surpassing €10 million, particularly those crucial to societal functions.

Cybersecurity 110

Cybersecurity Energy and Utilities Cyber threats Risk 110

Spinone

AUGUST 14, 2020

Healthcare providers and their business associates have to comply with the HIPAA privacy rule. HIPAA Compliance Checklist Medical and healthcare organizations use cloud services like G Suite and Office 365 for communicating with patients and storing their data—that’s why compliance in the cloud is worth the highest attention.

Encryption 52

Encryption Backups Healthcare Data breaches 52

Security Affairs

OCTOBER 31, 2022

The spread of this ransomware was considered to be the worst cyber attack in terms of contamination rate and scope, putting public offices and companies (especially healthcare facilities) out of operation. Only the registration of this domain subsequently created the condition (kill swich) for the malware to stop spreading.

Malware 97

Malware Computers and Electronics Encryption Ransomware 97

Webroot

OCTOBER 22, 2021

The most common way we see ransomware affecting organizations – government municipalities, healthcare and education institutions – is through a breach. Two-factor authentication. However, education is critical to maintaining a business’ security posture, especially when it comes to ransomware. Document your procedures.

VPN 111

VPN Penetration Testing Education Security Awareness 111