Hacking, Healthcare and Malware - Cyber Security Informer

Change Healthcare data breach impacted over 100 million people

Security Affairs

OCTOBER 25, 2024

The Change Healthcare data breach in the February 2024 impacted over 100 million, the largest-ever healthcare data breach in the US. UnitedHealth Group announced that the data breach suffered by Change Healthcare in February 2024 impacted more than 100 million individuals. Change Healthcare now provided an update to the U.S.

Data breaches

Data breaches Healthcare Cybercrime Insurance

Conti’s Ransomware Toll on the Healthcare Industry

Krebs on Security

APRIL 18, 2022

Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. A report in February 2022 from Sophos found Conti orchestrated a cyberattack against a Canadian healthcare provider in late 2021.

Healthcare

Healthcare Ransomware Cybersecurity Malware

Change Healthcare data breach exposed the private data of over half the U.S.

Security Affairs

JANUARY 26, 2025

The Change Healthcare data breach is worse than initially estimated: approximately 190 million people have been affected. The Change Healthcare data breach is worse than initially estimated, the incident has impacted 190 million people. The incident impacted thousands of pharmacies and healthcare providers.

Healthcare

Healthcare Data breaches Insurance Cybercrime

CEO of cybersecurity firm charged with installing malware on hospital systems

Security Affairs

APRIL 26, 2025

Veritaco CEO Jeffrey Bowie faces charges for allegedly installing malware on hospital computers, violating Oklahoma’s Computer Crimes Act. The man is accused of having installed the malware on the hospital computers on August 6, 2024. . Anthony Hospital. ” reads the hospital’s statement. ” St.

Malware

Malware Cybersecurity Healthcare Media

ClickFix: How to Infect Your PC in Three Easy Steps

Krebs on Security

MARCH 14, 2025

A clever malware deployment scheme first spotted in targeted attacks last year has now gone mainstream. This particular scam usually starts with a website popup that looks something like this: This malware attack pretends to be a CAPTCHA intended to separate humans from bots.

Phishing

Phishing Malware Scams Passwords

News alert: INE Security spotlights healthcare companies facing rising exposure to costly breaches

The Last Watchdog

MARCH 24, 2025

24, 2025, CyberNewswire – – INE Security , a global provider of cybersecurity training and certification, today announced its initiative to spotlight the increasing cyber threats targeting healthcare institutions. Recent reports show healthcare has endured a record wave of cyber breaches. Cary, NC, Mar.

Healthcare

Healthcare Penetration Testing Education Cyber threats

NailaoLocker ransomware targets EU healthcare-related entities

Security Affairs

FEBRUARY 20, 2025

NailaoLocker ransomware is a new threat that targeted European healthcare organizations from June to October 2024. This launches the malware routine.” NailaoLocker ransomware is written in C++,the researchers said that the malware is not sophisticated and is poorly designed. ” continues the report.

Healthcare

Healthcare Ransomware VPN Malware

RansomHouse gang claims the hack of the Loretto Hospital in Chicago

Security Affairs

MARCH 10, 2025

Another American hospital falls victim to a ransomware attack; the RansomHouse gang announced the hack of Loretto Hospital in Chicago.” ” The RansomHouse gang announced the hack of Loretto Hospital in Chicago, the groups claims to have stolen 1.5TB of sensitive data. Ransomware attacks on U.S.

Hacking

Hacking Healthcare Backups Ransomware

Rhysida Ransomware gang claims the hack of the Government of Peru

Security Affairs

MAY 3, 2025

The Rhysida Ransomware gang claims the hack of the Government of Peru, the gang breached Gob.pe, the Single Digital Platform of the Peruvian State. The Rhysida ransomware gang claims responsibility for hacking the Government of Peru, breaching Gob.pe, which is the country’s official digital platform.

Government

Government Ransomware Hacking Manufacturing

Malware Infected Medical Equipment Shows Fake Tumors

Adam Levin

APRIL 9, 2019

Israeli cybersecurity researchers have created malware capable of showing fake cancerous growths on CT and MRI scans. The malware, called CT-GAN, served as a proof of concept to show the potential for hacking medical devices with fake medical news that was convincing enough to fool medical technicians.

Malware

Malware Healthcare Technology Ransomware

Notorious ransomware programmer Mikhail Pavlovich Matveev arrested in Russia

Security Affairs

NOVEMBER 29, 2024

Russian authorities arrested ransomware affiliate Mikhail Matveev, aka Wazawaka, for developing malware and ties to hacking groups. and New Jersey, as well as organizations in the healthcare and other sectors nationwide. The attacks hit law enforcement agencies in Washington, D.C.

Ransomware

Ransomware Healthcare Hacking Malware

Cloak ransomware group hacked the Virginia Attorney General’s Office

Security Affairs

MARCH 24, 2025

The group has extended its operations to countries in Asia and targets various sectors, including healthcare, real estate, construction, IT, food, and manufacturing.” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, ransomware)

Ransomware

Ransomware Hacking Social Engineering Manufacturing

Russian Phobos ransomware operator faces cybercrime charges

Security Affairs

NOVEMBER 19, 2024

Evgenii Ptitsyn and others allegedly ran an international hacking scheme since November 2020, deploying Phobos ransomware to extort victims. Ptitsyn and his conspirators used a ransomware-as-a-service (RaaS) model to distribute their malware to a network of affiliates.

Cybercrime

Cybercrime Ransomware Healthcare Education

Memorial Hospital and Manor suffered a ransomware attack

Security Affairs

NOVEMBER 6, 2024

Memorial Hospital and Manor is a community hospital and healthcare facility that serves Decatur County and surrounding areas in southwest Georgia. It offers a range of healthcare services, including emergency care, inpatient and outpatient services, surgical care, and specialized medical services. Ransomware attacks on U.S.

Ransomware

Ransomware Healthcare Antivirus Data breaches

No company too small for Phobos ransomware gang, indictment reveals

Malwarebytes

DECEMBER 2, 2024

The government’s indictment against Ptitsyn should dispel any notion that ransomware gangs only target the largest, richest, most robust corporations on the planet, as one Phobos affiliate allegedly extorted a Maryland-based healthcare provider out of just $2,300—possibly the lowest payment ever recorded. Create offsite, offline backups.

Ransomware

Ransomware Backups Small Business Malware

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Krebs on Security

FEBRUARY 9, 2023

Initially a stealthy trojan horse program delivered via email and used to steal passwords, Trickbot evolved into “a highly modular malware suite that provides the Trickbot Group with the ability to conduct a variety of illegal cyber activities, including ransomware attacks,” the Treasury Department said. Image: Microsoft.

Hacking

Hacking Cybercrime Ransomware Government

North Korea-linked APT Moonstone used Qilin ransomware in limited attacks

Security Affairs

MARCH 10, 2025

Moonstone Sleet threat actors target financial and cyberespionage victims using trojanized software, custom malware, malicious games, and fake companies like StarGlow Ventures and C.C. The APT group has also spread malware via a fraudulent tank game (DeTankWar) and engaged in ransomware attacks using FakePenny.

Ransomware

Ransomware Healthcare VPN Malware

North Korea-linked APTs use Maui Ransomware to target the Healthcare industry

Security Affairs

JULY 7, 2022

US authorities have issued a joint advisory warning of North Korea-linked APTs using Maui ransomware in attacks against the Healthcare sector. Treasury Department issued a joint advisory that warn of North-Korea-linked threat actors using Maui ransomware in attacks aimed at organizations in the Healthcare sector. Pierluigi Paganini.

Healthcare

Healthcare Ransomware Encryption Government

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches

Data breaches Cryptocurrency Cybercrime Artificial Intelligence

Black Basta ransomware gang hit BT Group

Security Affairs

DECEMBER 4, 2024

Black Basta has targeted at least 12 critical infrastructure sectors, including Healthcare and Public Health. Black Basta affiliates have targeted over 500 private industry and critical infrastructure entities, including healthcare organizations, in North America, Europe, and Australia.” reads the CSA.

Ransomware

Ransomware Telecommunications Healthcare Insurance

FBI, CISA alert warns of imminent ransomware attacks on healthcare sector

Security Affairs

OCTOBER 29, 2020

FBI and the DHS’s CISA agencies published a joint alert to warn hospitals and healthcare providers of imminent ransomware attacks from Russia. hospitals and healthcare providers. hospitals and healthcare providers. SecurityAffairs – hacking, ransomware). ” reads the alert. Pierluigi Paganini.

Healthcare

Healthcare Ransomware Cybercrime DNS

Attacks Aimed at Disrupting the Trickbot Botnet

Krebs on Security

OCTOBER 2, 2020

Over the past 10 days, someone has been launching a series of coordinated attacks designed to disrupt Trickbot , an enormous collection of more than two million malware-infected Windows PCs that are constantly being harvested for financial data and are often used as the entry point for deploying ransomware within compromised organizations.

Ransomware

Ransomware Malware Healthcare Internet

Healthcare provider Ardent Health Services disclosed a ransomware attack

Security Affairs

NOVEMBER 28, 2023

The US Healthcare provider Ardent Health Services disclosed that it was the victim of a ransomware attack last week. Ardent Health Services is a healthcare company that operates hospitals and other medical facilities in the United States. The healthcare provider disclosed that it has suffered a ransomware attack on November 23. .”

Healthcare

Healthcare Ransomware Technology Internet

Healthcare organizations faced a 45% increase in attacks since November

Security Affairs

JANUARY 5, 2021

According to a new report published by Check Point, organizations in the healthcare industry have faced a 45% increase in attacks since November. Check Point researchers reported a surge in the number of attacks against organizations in the healthcare industry , +45% since November. SecurityAffairs – hacking, healthcare industry).

Healthcare

Healthcare Ransomware DDOS Cybercrime

North Korea-linked APT37 exploited IE zero-day in a recent attack

Security Affairs

OCTOBER 19, 2024

APT37 exploited this flaw to trick victims into downloading malware on their desktops with the toast ad program installed. The hackers targeted organizations in the chemicals, manufacturing, electronics, aerospace, healthcare, and automotive sectors. dll), allowing type confusion to occur.

Internet

Internet Internet Engineering Malware

South African telecom provider Cell C disclosed a data breach following a cyberattack

Security Affairs

APRIL 13, 2025

healthcare providers surged in 2024, with 98 attacks compromising 117 million records. High-profile breaches include Change Healthcare (100M records), Summit Pathology (1.8M), OnePoint Patient Care (796K), and Boston Childrens Health Physicians (909K). Ransomware attacks on U.S.

Data breaches

Data breaches Unstructured Data Identity Theft Healthcare

The Vanilla Tempest cybercrime gang used INC ransomware for the first time in attacks on the healthcare sector

Security Affairs

SEPTEMBER 20, 2024

Microsoft warns that financially motivated threat actor Vanilla Tempest is using INC ransomware in attacks aimed at the healthcare sector in the U.S. healthcare sector. The threat actor has been active since July 2022, it was observed targeting organizations in the education, healthcare, IT, and manufacturing sectors.

Healthcare

Healthcare Ransomware Cybercrime Manufacturing

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

The Last Watchdog

DECEMBER 16, 2024

Meanwhile, while business logic hacks, supply chain holes, and cyber extortion continue to loom large. Meanwhile, ransomware attacks on healthcare providers will persist, targeting outdated systems and jeopardizing patient care, emphasizing the need for stronger defenses to protect critical services. The drivers are intensifying.

Cyber threats

Cyber threats CISO IoT Phishing

Does Your Organization Have a Security.txt File?

Krebs on Security

SEPTEMBER 20, 2021

It happens all the time: Organizations get hacked because there isn’t an obvious way for security researchers to let them know about security vulnerabilities or data leaks. Having a security.txt file can make it easier for organizations to respond to active security threats. ” GET READY TO BE DELUGED.

Retail

Retail Healthcare Internet Internet

2023 Anna Jaques Hospital data breach impacted over 310,000 people

Security Affairs

DECEMBER 8, 2024

Anna Jaques Hospital is a not-for-profit community healthcare facility located in Newburyport, Massachusetts. On January 19, the Money Messageransomware gang added the healthcare organization to its Tor leak site claiming the theft of 600GB of sensitive data, including PII and diagnoses.

Data breaches

Data breaches Insurance Healthcare Ransomware

New Ransom Payment Schemes Target Executives, Telemedicine

Krebs on Security

DECEMBER 8, 2022

The first centers on targeting healthcare organizations that offer consultations over the Internet and sending them booby-trapped medical records for the “patient.” healthcare organizations. Last month, the U.S. “The Venus group has problems getting paid,” Holden said. “They are targeting a lot of U.S.

Healthcare

Healthcare Backups Ransomware Insurance

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

Balaban This ransomware was doing the rounds over spam generated by the Gameover ZeuS botnet, which had been originally launched in 2011 as a toolkit for stealing victim’s banking credentials and was repurposed for malware propagation. These included PClock, CryptoLocker 2.0, Crypt0L0cker, and TorrentLocker.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Carbanak malware returned in ransomware attacks

Security Affairs

DECEMBER 26, 2023

Researchers at NCC Group reported that in November they observed the return of the infamous banking malware Carbanak in ransomware attacks. The cybersecurity firm NCC Group reported that in November the banking malware Carbanak was observed in ransomware attacks. ” reads the report published by NCC Group.

Malware

Malware Ransomware Banking Healthcare

3CX Breach Was a Double Supply Chain Compromise

Krebs on Security

APRIL 20, 2023

Researchers at ESET say this job offer from a phony HSBC recruiter on LinkedIn was North Korean malware masquerading as a PDF file. 3CX says it has more than 600,000 customers and 12 million users in a broad range of industries, including aerospace, healthcare and hospitality. Image: Mandiant.

Malware

Malware Software Technology Accountability

Bitdefender released a decryptor for the ShrinkLocker ransomware

Security Affairs

NOVEMBER 13, 2024

The malware then disables default protections to prevent accidental encryption and uses the ‘-UsedSpaceOnly’ flag for faster encryption of only occupied disk space. Bitdefender observed an attack on a healthcare organization, where threat actors encrypted Windows 10, Windows 11, and Windows Server devices, including backups.

Ransomware

Ransomware Encryption Passwords Backups

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 12

Security Affairs

SEPTEMBER 22, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. UNC1860 and the Temple of Oats: Iran’s Hidden Hand in Middle Eastern Networks Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini

Malware

Malware IoT Healthcare Cryptocurrency

Cuba ransomware gang hacked 49 US critical infrastructure organizations

Security Affairs

DECEMBER 4, 2021

. “The FBI has identified, as of early November 2021 that Cuba ransomware actors have compromised at least 49 entities in five critical infrastructure sectors, including but not limited to the financial, government, healthcare, manufacturing, and information technology sectors.” SecurityAffairs – hacking, ransomware).

Ransomware

Ransomware Hacking Malware Encryption

Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide

Security Affairs

NOVEMBER 2, 2024

The threat actors exploited vulnerabilities in networking devices used by businesses to gain a foothold by installing custom malware. Sophos researchers speculate the attack was part of an intelligence-gathering campaign aimed at developing malware for network devices.

Firmware

Firmware Government Firewall Malware

US HHS warns healthcare orgs of Royal Ransomware attacks

Security Affairs

DECEMBER 10, 2022

The US Department of Health and Human Services (HHS) warns healthcare organizations of Royal ransomware attacks. The Health and Human Services (HHS) is aware of attacks against the Healthcare and Public Healthcare (HPH) sector. The malware changes the extension of the encrypted files to ‘.royal’. Pierluigi Paganini.

Healthcare

Healthcare Ransomware Encryption Malware

FBI, CISA, HHS warn of targeted ALPHV/Blackcat ransomware attacks against the healthcare sector

Security Affairs

FEBRUARY 28, 2024

healthcare organizations of targeted ALPHV/Blackcat ransomware attacks. healthcare organizations of targeted attacks conducted by ALPHV/Blackcat ransomware attacks. This alert aims at organizations in the healthcare sector because ALPHV Blackcat affiliates have been observed primarily targeting this sector.

Healthcare

Healthcare Ransomware Government Insurance

Great Plains Regional Medical Center ransomware attack impacted 133,000 individuals

Security Affairs

NOVEMBER 18, 2024

The healthcare center discovered that a threat actor accessed and encrypted files on their systems between September 5, 2024 and September 8, 2024. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, ransomware)

Ransomware

Ransomware Insurance Encryption Healthcare

Malware news trending on Google

CyberSecurity Insiders

FEBRUARY 2, 2022

The first news that is related to malicious software and is trending heavily on Google is related to SolarMarker malware that can steal credentials and act as a backdoor for other cyber attacks. Third is the news related to 2FA Authenticator that is seen distributing malware. In practical, the said application is working as promoted.

Malware

Malware Cryptocurrency Authentication Healthcare

A New Ransomware Was Linked to FIN8 Hacking Group

Heimadal Security

JANUARY 19, 2022

FIN8 is a financially motivated malicious actor who has been observed attacking financial institutions for numerous years, notably by deploying POS malware capable of stealing credit card information. The post A New Ransomware Was Linked to FIN8 Hacking Group appeared first on Heimdal Security Blog.

Hacking

Hacking Ransomware Healthcare Phishing

Everest ransomware group’s Tor leak site offline after a defacement

Security Affairs

APRIL 8, 2025

The Tor leak site of the Everest ransomware group went offline after being hacked and defaced over the weekend. The Everest ransomware gangs darknet site went offline after being hacked and defaced, with victim listings replaced by the following message. ” reads the threat actor profile issued by the U.S.

Ransomware

Ransomware Healthcare Hacking Scams

Change Healthcare data breach impacted over 100 million people

Conti’s Ransomware Toll on the Healthcare Industry

Trending Sources

Change Healthcare data breach exposed the private data of over half the U.S.

CEO of cybersecurity firm charged with installing malware on hospital systems

ClickFix: How to Infect Your PC in Three Easy Steps

News alert: INE Security spotlights healthcare companies facing rising exposure to costly breaches

NailaoLocker ransomware targets EU healthcare-related entities

RansomHouse gang claims the hack of the Loretto Hospital in Chicago

Rhysida Ransomware gang claims the hack of the Government of Peru

Malware Infected Medical Equipment Shows Fake Tumors

Notorious ransomware programmer Mikhail Pavlovich Matveev arrested in Russia

Cloak ransomware group hacked the Virginia Attorney General’s Office

Russian Phobos ransomware operator faces cybercrime charges

Memorial Hospital and Manor suffered a ransomware attack

No company too small for Phobos ransomware gang, indictment reveals

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

North Korea-linked APT Moonstone used Qilin ransomware in limited attacks

North Korea-linked APTs use Maui Ransomware to target the Healthcare industry

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Black Basta ransomware gang hit BT Group

FBI, CISA alert warns of imminent ransomware attacks on healthcare sector

Attacks Aimed at Disrupting the Trickbot Botnet

Healthcare provider Ardent Health Services disclosed a ransomware attack

Healthcare organizations faced a 45% increase in attacks since November

North Korea-linked APT37 exploited IE zero-day in a recent attack

South African telecom provider Cell C disclosed a data breach following a cyberattack

The Vanilla Tempest cybercrime gang used INC ransomware for the first time in attacks on the healthcare sector

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

Does Your Organization Have a Security.txt File?

2023 Anna Jaques Hospital data breach impacted over 310,000 people

New Ransom Payment Schemes Target Executives, Telemedicine

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Carbanak malware returned in ransomware attacks

3CX Breach Was a Double Supply Chain Compromise

Bitdefender released a decryptor for the ShrinkLocker ransomware

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 12

Cuba ransomware gang hacked 49 US critical infrastructure organizations

Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide

US HHS warns healthcare orgs of Royal Ransomware attacks

FBI, CISA, HHS warn of targeted ALPHV/Blackcat ransomware attacks against the healthcare sector

Great Plains Regional Medical Center ransomware attack impacted 133,000 individuals

Malware news trending on Google

A New Ransomware Was Linked to FIN8 Hacking Group

Everest ransomware group’s Tor leak site offline after a defacement

Stay Connected