Healthcare, Information Security, Malware and VPN

US HHS warns healthcare orgs of Royal Ransomware attacks

Security Affairs

DECEMBER 10, 2022

The US Department of Health and Human Services (HHS) warns healthcare organizations of Royal ransomware attacks. The Health and Human Services (HHS) is aware of attacks against the Healthcare and Public Healthcare (HPH) sector. The malware changes the extension of the encrypted files to ‘.royal’. Pierluigi Paganini.

Healthcare

Healthcare Ransomware Encryption Malware

Five Canadian Hospitals impacted by a ransomware attack on TransForm provider

Security Affairs

NOVEMBER 8, 2023

The impacted hospitals are Bluewater Health , Chatham-Kent Health Alliance , Erie Shores HealthCare , Hôtel-Dieu Grace Healthcare , and Windsor Regional Hospital. The attackers also stole a “limited set” data from Erie Shoes HealthCare including 352 current and past employee social insurance numbers (SIN).

Ransomware

Ransomware Healthcare VPN Insurance

Security Affairs newsletter Round 454 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JANUARY 13, 2024

Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Team Liquid’s wiki leak exposes (..)

VPN

VPN Cybercrime Ransomware Hacking

3CX Breach Was a Double Supply Chain Compromise

Krebs on Security

APRIL 20, 2023

Researchers at ESET say this job offer from a phony HSBC recruiter on LinkedIn was North Korean malware masquerading as a PDF file. 3CX says it has more than 600,000 customers and 12 million users in a broad range of industries, including aerospace, healthcare and hospitality. Image: Mandiant.

Malware

Malware Software Technology Accountability

Daixin Team group claimed the hack of North Texas Municipal Water District

Security Affairs

NOVEMBER 28, 2023

businesses, mainly in the Healthcare and Public Health (HPH) Sector, with ransomware operations. The Daixin Team group gains initial access to victims through virtual private network (VPN) servers. In one successful attack, the attackers likely exploited an unpatched vulnerability in the organization’s VPN server.

Hacking

Hacking VPN Ransomware Cybercrime

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

Malwarebytes

MAY 28, 2021

On the 14th of May, the Health Service Executive (HSE) , Ireland’s publicly funded healthcare system, fell victim to a Conti ransomware attack, forcing the organization to shut down more than 80,000 affected endpoints and plunging them back to the age of pen and paper. Only use secure networks and avoid using public Wi-Fi networks.

Healthcare

Healthcare Ransomware Encryption Passwords

Security Affairs newsletter Round 471 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MAY 12, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches

Data breaches VPN Hacking Banking

Microsoft issues targeted notification to hospitals vulnerable to Ransomware attacks

Security Affairs

APRIL 2, 2020

Microsoft is sending notifications to dozens of hospitals about vulnerable VPN devices and gateways exposed online in their network. Microsoft is warning dozens of hospitals of the risks of ransomware attacks due to insecure VPN devices and gateways exposed online. ” reads the post published by Microsoft.

Ransomware

Ransomware VPN Healthcare Cyber Attacks

Security Affairs newsletter Round 402 by Pierluigi Paganini

Security Affairs

JANUARY 15, 2023

Most internet-exposed Cacti servers exposed to hacking French CNIL fined Tiktok $5.4 Most internet-exposed Cacti servers exposed to hacking French CNIL fined Tiktok $5.4 Most internet-exposed Cacti servers exposed to hacking French CNIL fined Tiktok $5.4

Small Business

Small Business Password Management VPN Healthcare

Daixin Team targets health organizations with ransomware, US agencies warn

Security Affairs

OCTOBER 22, 2022

Healthcare and Public Health sector with ransomware. businesses, mainly in the Healthcare and Public Health (HPH) Sector, with ransomware operations. The Daixin Team group gains initial access to victims through virtual private network (VPN) servers. The threat actors obtained the VPN credentials through phishing attacks.

Ransomware

Ransomware VPN Cybercrime Accountability

FBI and CISA warn of attacks by Rhysida ransomware gang

Security Affairs

NOVEMBER 15, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. VPNs, RDPs) to gain initial access to the target network and maintain persistence. The victims of the group are “targets of opportunity.”

Ransomware

Ransomware Manufacturing Healthcare Education

Security Affairs newsletter Round 403 by Pierluigi Paganini

Security Affairs

JANUARY 22, 2023

The Irish DPC fined WhatsApp €5.5M

Data breaches

Data breaches Retail Malware VPN

Fileless SockDetour backdoor targets U.S.-based defense contractors

Security Affairs

FEBRUARY 26, 2022

Researchers provided details about a stealthy custom malware dubbed SockDetour that targeted U.S.-based The attackers successfully compromised more than a dozen organizations across multiple industries, including technology, energy, healthcare, education, finance and defense. based defense contractors. based defense contractors.

Backups

Backups VPN Healthcare Malware

Hive Ransomware Tor leak site apparently seized by law enforcement

Security Affairs

JANUARY 26, 2023

The authorities reported that from June 2021 through at least November 2022, threat actors targeted a wide range of businesses and critical infrastructure sectors, including Government Facilities, Communications, Critical Manufacturing, Information Technology, and especially Healthcare and Public Health (HPH).

Ransomware

Ransomware VPN Manufacturing Healthcare

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

The Iranian hacker group has been attacking corporate VPNs over the past months, they have been hacking VPN servers to plant backdoors in companies around the world targeting Pulse Secure , Fortinet , Palo Alto Networks , and Citrix VPNs. ” reads the report published by Crowdstrike.

Hacking

Hacking VPN Advertising Financial Services

US CISA report shares details on web shells used by Iranian hackers

Security Affairs

SEPTEMBER 16, 2020

Cybersecurity and Infrastructure Security Agency (CISA) released a malware analysis report (MAR) that includes technical details about web shells employed by Iranian hackers. The malware used by the threat actors includes the ChunkyTuna, Tiny, and China Chopper web shells.

VPN

VPN Passwords Advertising Password Management

New Hive ransomware variant is written in Rust and use improved encryption method

Security Affairs

JULY 6, 2022

The operators of the Hive ransomware upgraded their malware by migrating the malware to the Rust language and implementing a more sophisticated encryption method, Microsoft researchers warn. The group used a variety of attack methods, including malspam campaigns, vulnerable RDP servers, and compromised VPN credentials.

Encryption

Encryption Ransomware Cybercrime Malware

French authorities arrested a Russian national for his role in the Hive ransomware operation

Security Affairs

DECEMBER 14, 2023

The authorities reported that from June 2021 through at least November 2022, threat actors targeted a wide range of businesses and critical infrastructure sectors, including Government Facilities, Communications, Critical Manufacturing, Information Technology, and especially Healthcare and Public Health (HPH).

Ransomware

Ransomware Cryptocurrency Cybercrime VPN

US CISA and FBI publish joint alert on DarkSide ransomware

Security Affairs

MAY 13, 2021

Early this year the group announced that it will no longer attack organizations in the healthcare industry, companies involved in the development and distribution of COVID-19 vaccines, and funeral service organizations. other than VPN gateways, mail ports, web ports).

Ransomware

Ransomware Healthcare Phishing Risk

The Top Five Habits of Cyber-Aware Employees

CyberSecurity Insiders

JULY 21, 2021

The vast majority of cyberattacks rely on social engineering – the deception and manipulation of victims to coerce them into either opening malware or voluntarily providing sensitive information. Know how to identify a phishing attack.

Social Engineering

Social Engineering Password Management Passwords Phishing

A member The Dark Overlord group sentenced to 5 years in prison

Security Affairs

SEPTEMBER 22, 2020

Victims of the group operated in several sectors, including in the healthcare, financial, legal, film, and others. Wyatt also admitted that he participated in the conspiracy by creating, validating, and maintaining communication, payment, and VPN accounts that were employed by The Dark Overlord in its attacks. On Monday, in a U.S.

Identity Theft

Identity Theft Accountability Hacking Advertising

Maze ransomware gang discloses data from drug testing firm HMR

Security Affairs

APRIL 8, 2020

Some of them like DoppelPaymer and Maze groups announced that they would no target healthcare organizations during the pandemic. Attackers are targeting organizations in the healthcare industry via malspam campaigns using malicious attachments.

Ransomware

Ransomware Data breaches Healthcare Advertising

Security Affairs newsletter Round 340

Security Affairs

NOVEMBER 14, 2021

Hundreds of thousands of fake warnings of cyberattacks sent from a hacked FBI email server GravityRAT returns disguised as an end-to-end encrypted chat app Intel and AMD address high severity vulnerabilities in products and drivers New evolving Abcbot DDoS botnet targets Linux systems Retail giant Costco discloses data breach, payment card data exposed (..)

Spyware

Spyware Data breaches Ransomware Retail

Phishing: What Everyone in Your Organization Needs to Know

NopSec

FEBRUARY 15, 2017

Phishing is a standard method of delivering malware, including ransomware. Nearly Everyone You might assume that attackers are going primarily after high-value industries such as healthcare, finance, and government. Consider the example of Massachusetts-based health care provider Partners Healthcare System, Inc.,

Phishing

Phishing Social Engineering Engineering Healthcare

26 Cyber Security Stats Every User Should Be Aware Of in 2024

Security Affairs

FEBRUARY 8, 2024

Email Threats: More than 75% of targeted attacks start with an email, delivering 94% of malware. Healthcare Spending: From 2020 to 2025, the healthcare sector plans to spend $125 billion on cyber security to tackle its vulnerability. Market Size: The AI cyber security market was worth around $17.4

Social Engineering

Social Engineering Cyber Attacks Cyber Insurance IoT

Rhysida ransomware gang claimed China Energy hack

Security Affairs

NOVEMBER 25, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. VPNs, RDPs) to gain initial access to the target network and maintain persistence. The victims of the group are “targets of opportunity.”

Ransomware

Ransomware Hacking Engineering Manufacturing

Rhysida ransomware group hacked Abdali Hospital in Jordan

Security Affairs

DECEMBER 26, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. VPNs, RDPs) to gain initial access to the target network and maintain persistence. The victims of the group are “targets of opportunity.” reads the joint advisory.

Hacking

Hacking Ransomware Manufacturing Healthcare

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Security Affairs

NOVEMBER 29, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. VPNs, RDPs) to gain initial access to the target network and maintain persistence. The victims of the group are “targets of opportunity.” reads the joint advisory.

Ransomware

Ransomware Hacking Manufacturing Healthcare

Rhysida ransomware gang is auctioning data stolen from the British Library

Security Affairs

NOVEMBER 20, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. VPNs, RDPs) to gain initial access to the target network and maintain persistence. The victims of the group are “targets of opportunity.”

Ransomware

Ransomware Cyber Attacks Manufacturing Healthcare

Researchers released a free decryption tool for the Rhysida Ransomware

Security Affairs

FEBRUARY 12, 2024

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. VPNs, RDPs) to gain initial access to the target network and maintain persistence. The victims of the group are “targets of opportunity.”

Ransomware

Ransomware Encryption VPN Manufacturing

Hive Ransomware extorted over $100M in ransom payments from over 1,300 companies

Security Affairs

NOVEMBER 18, 2022

The authorities reported that from June 2021 through at least November 2022, threat actors employed the Hive ransomware in attacks aimed at a wide range of businesses and critical infrastructure sectors, including Government Facilities, Communications, Critical Manufacturing, Information Technology, and especially Healthcare and Public Health (HPH).

Ransomware

Ransomware VPN Manufacturing Healthcare

US DoJ charges Iranian hackers for attacks on US satellite companies

Security Affairs

SEPTEMBER 18, 2020

According to a recently published CISA’s report , Iranian hackers from an unnamed APT group are employing several known web shells, in attacks on IT, government, healthcare, financial, and insurance organizations across the United States. The malware used by the threat actors includes the ChunkyTuna, Tiny, and China Chopper web shells.

Hacking

Hacking Identity Theft VPN Accountability

Ransomware world in 2021: who, how and why

SecureList

MAY 12, 2021

Well-known malware families are involved in the biggest and most wide-reaching campaigns. Hackers who are on the lookout for publicly disclosed vulnerabilities (1-days) in internet facing software, such as VPN appliances or email gateways. According to our research , this malware affected almost 20 business sectors.

Ransomware

Ransomware Encryption Malware Cybercrime

Cisco’s CISO of the Month – Esmond Kane

Cisco Security

JUNE 25, 2021

I learned on the job, fighting malware outbreaks, working my way up from the Helpdesk at the same time the whole planet was embracing the internet to radically transform business. In future years, Healthcare will be measured in pre and post pandemic terms. What has been the impact of the pandemic?

CISO

CISO Healthcare InfoSec Computers and Electronics

Group-IB Hi-Tech Crime Trends 2020/2021 report

Security Affairs

NOVEMBER 25, 2020

The top five most frequently attacked industries include manufacturing (94 victims), retail (51 victims), state agencies (39 victims), healthcare (38 victims), and construction (30 victims). The main ways to gain access to corporate networks include brute-force attacks on remote access interfaces (RDP, SSH, VPN), malware (e.g.,

Banking

Banking Ransomware Phishing Marketing

Cyber Security Informer

US HHS warns healthcare orgs of Royal Ransomware attacks

Five Canadian Hospitals impacted by a ransomware attack on TransForm provider

Trending Sources

Security Affairs newsletter Round 454 by Pierluigi Paganini – INTERNATIONAL EDITION

3CX Breach Was a Double Supply Chain Compromise

Daixin Team group claimed the hack of North Texas Municipal Water District

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

Security Affairs newsletter Round 471 by Pierluigi Paganini – INTERNATIONAL EDITION

Microsoft issues targeted notification to hospitals vulnerable to Ransomware attacks

Security Affairs newsletter Round 402 by Pierluigi Paganini

Daixin Team targets health organizations with ransomware, US agencies warn

FBI and CISA warn of attacks by Rhysida ransomware gang

Security Affairs newsletter Round 403 by Pierluigi Paganini

Fileless SockDetour backdoor targets U.S.-based defense contractors

Hive Ransomware Tor leak site apparently seized by law enforcement

Iran-linked APT group Pioneer Kitten sells access to hacked networks

US CISA report shares details on web shells used by Iranian hackers

New Hive ransomware variant is written in Rust and use improved encryption method

French authorities arrested a Russian national for his role in the Hive ransomware operation

US CISA and FBI publish joint alert on DarkSide ransomware

The Top Five Habits of Cyber-Aware Employees

A member The Dark Overlord group sentenced to 5 years in prison

Maze ransomware gang discloses data from drug testing firm HMR

Security Affairs newsletter Round 340

Phishing: What Everyone in Your Organization Needs to Know

26 Cyber Security Stats Every User Should Be Aware Of in 2024

Rhysida ransomware gang claimed China Energy hack

Rhysida ransomware group hacked Abdali Hospital in Jordan

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Rhysida ransomware gang is auctioning data stolen from the British Library

Researchers released a free decryption tool for the Rhysida Ransomware

Hive Ransomware extorted over $100M in ransom payments from over 1,300 companies

US DoJ charges Iranian hackers for attacks on US satellite companies

Ransomware world in 2021: who, how and why

Cisco’s CISO of the Month – Esmond Kane

Group-IB Hi-Tech Crime Trends 2020/2021 report

Stay Connected