Responsible Cyber

NOVEMBER 23, 2024

Industries most affected by these breaches include healthcare, finance, and retail, where sensitive data is routinely shared with vendors for operational efficiency. The healthcare sector has been particularly hard-hit, accounting for over 30% of the total breaches.

Risk

Webroot

APRIL 22, 2025

Here are some of the most likely targets for access to consumer data: Healthcare organizations : Healthcare companies are a prime target for cybercrime due to the large amounts of sensitive data they store, which includes personal information and medical records. This makes it accessible to a worldwide network of criminals.

Data breaches

SecureList

NOVEMBER 29, 2024

Tropic Trooper spies on government entities in the Middle East The threat actor Tropic Trooper, active since 2011, has historically targeted government, healthcare, transportation and high-tech sectors in Taiwan, the Philippines and Hong Kong. This approach allows the group to more effectively deliver and disguise the malicious payload.

Energy and Utilities

SecureList

DECEMBER 9, 2024

This case underscores the serious risk that social engineering and supply chain attacks pose to open-source projects. This information was disseminated, making the vulnerable systems high-visibility targets for threat actors, especially as Fortinet products are commonly found in government, healthcare, and other critical sectors.

Internet

SecureWorld News

OCTOBER 13, 2024

Industries from healthcare and education to construction and even sports have begun experimenting with AI and VR in siloed functions, with products ranging from immersive learning material to cutting-edge home renovation tools and play-at-home golf simulation systems.

Artificial Intelligence

SecureWorld News

JULY 1, 2025

The opening months of 2025 have been sobering for anyone who depends on electricity, water, transport, or healthcare, which is to say, everyone. Generative AI sustains sophisticated, multi-channel social engineering for phishing campaigns to gain access privileges to critical infrastructure. In February, U.S.

Social Engineering

Security Affairs

DECEMBER 1, 2024

Soldier Major cybercrime operation nets 1,006 suspects UK hospital network postpones procedures after cyberattack Tether Has Become a Massive Money Laundering Tool for Mexican Drug Traffickers, Feds Say Florida Telecommunications and Information Technology Worker Sentenced for Conspiring to Act as Agent of Chinese Government Rockstar 2FA: A Driving (..)

Cybercrime

SecureList

NOVEMBER 28, 2024

The group’s targets have traditionally been in government, as well as the healthcare, transportation and high-tech industries located in Taiwan, the Philippines, and Hong Kong. Tropic Trooper (aka KeyBoy and Pirate Panda) is an APT group operating since 2011.

Malware

Jane Frankland

JANUARY 12, 2025

Sectors like energy, healthcare, transportation, utilities, and financial systems are increasingly at risk because they are integral to national security and daily life. These groups are also shifting toward more human-centric exploits , like social engineering and insider assistance. But it doesnt stop there.

Cybersecurity

Security Boulevard

MARCH 20, 2025

The surge was fueled by ChatGPT, Microsoft Copilot, Grammarly, and other generative AI tools, which accounted for the majority of AI-related traffic from known applications. Figure 1: Top AI applications by transaction volume Enterprises blocked a large proportion of AI transactions: 59.9%

Social Engineering

Webroot

OCTOBER 31, 2024

The rise of AI-driven phishing and social engineering, increased targeting of critical infrastructure, and the emergence of more sophisticated fileless malware are all trends that have shaped the cybersecurity battlefield this year. By August 2024, RansomHub had breached at least 210 victims across various critical U.S.

Malware

SecureWorld News

DECEMBER 27, 2024

Ransomware Targets Critical Infrastructure: Ransomware attacks will increasingly focus on critical infrastructure, including healthcare, utilities, and transportation, leading to potentially catastrophic consequences. Identity theft will evolve: Stolen identities will fuel new fraud schemes, like creating crypto accounts in victims names.

Cybersecurity

Trend Micro

JULY 2, 2025

More generally, organisations should consider updating security strategy to account for the elevated threat from AI-powered attacks. Continuously monitoring, assessing, and updating AI models to check for and remediate vulnerabilities, and improve accuracy, performance and reliability.

Cyber Risk

SecureWorld News

JUNE 3, 2025

Alarmingly, the database also held sensitive data from banking institutions, healthcare providers, and government portals. Here are some potential impacts: Credential stuffing attacks : Cybercriminals can use the stolen credentials to gain unauthorized access to other accounts where users have reused passwords.

Malware

The State of Security

SEPTEMBER 16, 2022

Millions of dollars have been stolen from healthcare companies after fraudsters gained access to customer accounts and redirected payments. The post FBI warns of criminals attacking healthcare payment processors appeared first on The State of Security.

Healthcare

Security Through Education

JANUARY 4, 2023

Social engineering has become a larger threat to the healthcare industry in recent years. In a 2022 report they state that they have “received multiple reports of cyber criminals increasingly targeting healthcare payment processors to redirect victim payments.” So, what exactly is social engineering?

Social Engineering

Krebs on Security

AUGUST 19, 2021

“According to this actor, he had originally intended to send his targets—all senior-level executives—phishing emails to compromise their accounts, but after that was unsuccessful, he pivoted to this ransomware pretext,” Hassold wrote. All lines of business except for: – Healthcare. Open our letter at your email.

Ransomware

CyberSecurity Insiders

MARCH 25, 2023

Health-ISAC, a nonprofit, private sector, member-driven organization, has released its annual cyber threat report on current and emerging threat activity in the healthcare industry, in collaboration with Booz Allen Hamilton Cyber Threat Intelligence.

Cyber threats

Security Affairs

SEPTEMBER 18, 2023

Software development company Retool was the victim of a smishing attack that resulted in the compromise of 27 accounts of its cloud customers. Software development company Retool revealed that 27 accounts of its cloud customers were compromised as a result of an SMS-based social engineering attack.

Accountability

Security Affairs

SEPTEMBER 15, 2022

The FBI has issued an alert about threat actors targeting healthcare payment processors in an attempt to hijack the payments. The Federal Bureau of Investigation (FBI) has issued an alert about cyber attacks against healthcare payment processors to redirect victim payments. million payments. ” reads the alert.

Healthcare

Malwarebytes

JUNE 15, 2022

At least 69,000 people have been impacted by a data breach at Kaiser Permanente, a long-running managed healthcare consortium. The latest in a long-running series of healthcare attacks, the road to stolen data began on April 5 this year with an email compromise. The lurking menace of social engineering.

Healthcare

Security Affairs

APRIL 8, 2024

Department of Health and Human Services (HHS) warns of attacks against IT help desks across the Healthcare and Public Health (HPH) sector. Department of Health and Human Services (HHS) reported that threat actors are carrying out attacks against IT help desks across the Healthcare and Public Health (HPH) sector. bank accounts.”

Social Engineering

eSecurity Planet

MAY 30, 2024

Ransomware attacks and data breaches make headlines when they shut down huge connected healthcare providers such as Ascension Healthcare or Change Healthcare. IT should never be the top expense for a healthcare organization. The costs, affected patients, and consequences continue to be tallied.

Healthcare

Krebs on Security

OCTOBER 2, 2023

These company-specific Zoom links, which include a permanent user ID number and an embedded passcode, can work indefinitely and expose an organization’s employees, customers or partners to phishing and other social engineering attacks. The PMI portion forms part of each new meeting URL created by that account, such as: zoom.us/j/5551112222

Encryption

Malwarebytes

FEBRUARY 28, 2024

In an updated #StopRansomware security advisory , the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) has warned the healthcare industry about the danger of the ALPHV ransomware group, also known as Blackcat.

Healthcare

Krebs on Security

APRIL 20, 2023

3CX says it has more than 600,000 customers and 12 million users in a broad range of industries, including aerospace, healthcare and hospitality. In many cases, the phony profiles spoofed chief information security officers at major corporations , and some attracted quite a few connections before their accounts were terminated.

Malware

SecureWorld News

JANUARY 4, 2022

The healthcare sector continues to be a high priority target for malicious threat actors, as it has been throughout the pandemic. Broward Health, a large healthcare system in South Florida, disclosed a data breach that impacts more than 1.3 million of its patients. million of its patients.

Data breaches

CyberSecurity Insiders

OCTOBER 25, 2022

Cyberattacks are rapidly overwhelming the healthcare sector. Both large and small healthcare providers continue to be a tantalizing target for repeated ransomware attacks due to limited security budgets that lead to an overall weakened cyber defense system. By Tom Neclerio , Vice President of Professional Services at SilverSky.

Healthcare

Krebs on Security

APRIL 30, 2020

A screen shot from a user account at “Snowden,” a long-running reshipping mule service. It stands to reason that the virus outbreak might depress cybercriminal demand for “dumps,” or stolen account data that can be used to create physical counterfeit credit cards.

Cybercrime

SecureWorld News

SEPTEMBER 30, 2024

Initially focused on government and industrial sectors, the group has recently turned its attention to healthcare , which poses significant risks due to the sensitive nature of medical data and the potential for disruptions to life-saving operations. Increase employee training on recognizing phishing and other social engineering attacks.

Ransomware

The Last Watchdog

APRIL 28, 2020

That, of course, presents the perfect environment for cybercrime that pivots off social engineering. Social engineering invariably is the first step in cyber attacks ranging from phishing and ransomware to business email compromise ( BEC ) scams and advanced persistent threat ( APT ) hacks.

Social Engineering

Malwarebytes

JULY 19, 2022

In a nutshell, it’s an extensive form of information theft, the likes of which could result in someone’s identity being fully stolen and their financial and other online accounts being taken over. PayPal phishing sites are a dime a dozen due to the number of people and companies using it as another form of payment method.

Phishing

Security Boulevard

SEPTEMBER 15, 2022

Millions of dollars have been stolen from healthcare companies after fraudsters gained access to customer accounts and redirected payments. The post FBI warns of criminals attacking healthcare payment processors appeared first on The State of Security.

Healthcare

Security Affairs

FEBRUARY 8, 2024

Healthcare Spending: From 2020 to 2025, the healthcare sector plans to spend $125 billion on cyber security to tackle its vulnerability. Generative AI Impact : Generative AI will have a big role in cyber security, especially in areas like email protection and fighting social engineering attacks.

Social Engineering

Security Affairs

NOVEMBER 3, 2023

The attackers gained access to Okta’s customer support system by leveraging a service account stored in the system itself. The service account was granted permissions to view and update customer support cases. “The username and password of the service account had been saved into the employee’s personal Google account. .

Data breaches

Responsible Cyber

NOVEMBER 17, 2024

Image Source: AI Generated Recent data breaches have exposed sensitive information from millions of customers across healthcare, financial services, and technology sectors. UnitedHealth Group Change Healthcare Incident The February 2024 ransomware attack on Change Healthcare emerged as the largest healthcare data breach in U.S.

Data breaches

The Last Watchdog

DECEMBER 12, 2023

Moving ahead, it’s crucial for SMBs, municipalities and healthcare institutions to prioritize. S ameer Malhotra , CEO, TrueFort : Malhotra Software supply chain attacks will continue to place more responsibility and accountability on DevSecOps teams. I really feel as though the bad guys have the upper hand.

Cybersecurity