Security Boulevard

AUGUST 5, 2025

There’s no such thing as a routine day in healthcare IT anymore. While clinicians focus on saving lives, cybersecurity teams are fighting their own battles behind the scenes—battles against credential thieves, ransomware disruptions, phishing attacks and supply chain vulnerabilities that can knock entire hospital systems offline.

Healthcare

Security Affairs

APRIL 13, 2025

They continue to monitor for potential data misuse and urge vigilance against fraud, phishing, and identity theft. healthcare providers surged in 2024, with 98 attacks compromising 117 million records. The company engaged top cybersecurity and forensic experts, informed authorities, and is actively supporting affected stakeholders.

Data breaches

Security Affairs

NOVEMBER 19, 2024

“According to the indictment, Ptitsyn facilitated the worldwide use of a dangerous ransomware strain to target corporations and various organizations, including government agencies, healthcare facilities, educational institutions, and critical infrastructure.

Cybercrime

Hacker's King

DECEMBER 16, 2024

In 2023, major ransomware incidents targeted healthcare providers, educational institutions, and large corporations. Phishing and Social Engineering : Phishing remains a popular attack method, leveraging emails, fake websites, and social media to deceive users into providing sensitive information.

Cyber Attacks

Malwarebytes

MAY 1, 2025

Phishing In phishing scams, cybercriminals trick people and businesses into handing over sensitive information like credit card numbers or login details for vital online accounts. In phishing attacks, there never is a genuine problem with a users account, and there never is a real request for information from the company.

Small Business

SecureWorld News

FEBRUARY 20, 2025

Strengthening identity security Enforce phishing-resistant MFA for all privileged accounts. Cybersecurity awareness and incident response Train employees to recognize phishing attempts and social engineering. Patching and vulnerability management Apply timely security updates to operating systems, software, and firmware.

Ransomware

Hacker's King

OCTOBER 19, 2024

Data breaches, ransomware attacks, and phishing schemes have become common occurrences, affecting everything from small businesses to multinational corporations. Whether it's financial institutions, healthcare providers, or e-commerce platforms, organizations are prime targets for hackers seeking sensitive data or financial gain.

Cybersecurity

IT Security Guru

FEBRUARY 25, 2025

Initial Compromise: Malefactors first gain access to the victims credentials through phishing, brute force attacks, or dark web marketplaces. Many organisations, including financial institutions and healthcare providers, have fallen victim to MFA fatigue attacks.

Social Engineering

Security Affairs

MARCH 24, 2025

The group has extended its operations to countries in Asia and targets various sectors, including healthcare, real estate, construction, IT, food, and manufacturing.” ” reads a report published by Halcyon.

Ransomware

SecureWorld News

AUGUST 6, 2025

The most common uses were AI-generated phishing (37%) and deepfake impersonation attacks (35%), according to the report. "As The most frequent attack vector was phishing, accounting for 16% of all breaches. The flipside is the bad actors using it as offensive weaponry. Attackers are not far behind. million and $4.91

Data breaches

eSecurity Planet

OCTOBER 15, 2024

While American Water has not disclosed the exact method of attack, such incidents often involve tactics like ransomware or phishing , where hackers gain access to sensitive systems and either steal or encrypt data, demanding a ransom in return for restoring access.

Cybersecurity

Centraleyes

DECEMBER 16, 2024

Current cybersecurity trends show that attackers are now targeting critical infrastructure, healthcare, and financial services, leading to massive disruptions. We are seeing increased use of AI to automate attacks, including malware generation and phishing campaigns.

Cybersecurity

SecureWorld News

APRIL 10, 2025

Organizationsparticularly those in critical sectors such as energy, healthcare, and financerely on CISA for guidance on emerging threats and best practices. Innovation and collaboration impact: Reduced internal capacity may spur CISA to lean more heavily on technology and external partnerships to uphold national security standards.

Energy and Utilities

Thales Cloud Protection & Licensing

MARCH 18, 2025

Robust Authentication Offers phishing-resistant MFA options (e.g., Contingency Planning Offers scalability to handle sudden increases in authentication requests during emergencies or crisis situations, ensuring uninterrupted access to critical healthcare systems. FIDO2 devices, smart cards) to prevent unauthorized access to ePHI.

Healthcare

SecureWorld News

JUNE 9, 2025

Additionally, a distributed workforce, ranging from remote maintenance technicians to cabin crews, multiplies entry points for social-engineering tactics like phishing. Employee training is paramount as staff awareness can thwart phishing and social-engineering attempts before any significant damage occurs.

Cybersecurity

Malwarebytes

APRIL 24, 2025

Some forms of two-factor authentication (2FA) can be phished just as easily as a password. 2FA that relies on a FIDO2 device cant be phished. Phishing attacks often impersonate people or brands you know, and use themes that require urgent attention, such as missed deliveries, account suspensions, and security alerts.

Insurance

Responsible Cyber

NOVEMBER 23, 2024

Industries most affected by these breaches include healthcare, finance, and retail, where sensitive data is routinely shared with vendors for operational efficiency. The healthcare sector has been particularly hard-hit, accounting for over 30% of the total breaches.

Risk

Security Affairs

JULY 26, 2025

The BlackSuit ransomware targeted various critical infrastructure sectors, including commercial facilities, healthcare, government, and manufacturing. The BlackSuit actors gain initial access to victim networks through several methods, including Phishing campaigns, Remote Desktop Protocol (RDP) (Used in about 13.3%

Ransomware

SecureList

NOVEMBER 29, 2024

The campaign, which we dubbed EastWind , used phishing emails with malicious shortcuts attached to deliver malware to target computers. The attack starts with phishing emails purporting to be a court order or summons from an institution in Colombia’s judicial system.

Energy and Utilities

Security Affairs

DECEMBER 6, 2024

Healthcare company Atrium Health disclosed a data breach that impacted 585,000 individuals. Atrium Health recently disclosed another incident , in April attackers accessed employee email accounts via phishing attacks. The company notified the US Department of Health and Human Services (HHS). added Atrium Health.

Data breaches

IT Security Guru

NOVEMBER 1, 2024

Phishing and Social Engineering: These tactics manipulate individuals to disclose sensitive information. Bioterrorism, the deliberate spread of viruses, bacteria, or other pathogens, can cripple a nation by overwhelming healthcare systems, creating widespread panic, and causing substantial economic harm.

Technology

The Last Watchdog

DECEMBER 18, 2024

And industries like healthcare face persistent targeting due to their outdated systems and high-value data. Government initiatives and awareness campaigns will educate users on phishing and malware threats.

Cybersecurity

SecureWorld News

APRIL 23, 2025

As the report starkly states: "The three primary ways in which attackers access an organization are stolen credentials, phishing and exploitation of vulnerabilitiesacross every single industry." Phishing accounted for nearly 25% of all breaches. Healthcare: Insider threats and error-related breaches dominate. Speed matters.

CISO

SecureWorld News

NOVEMBER 13, 2024

As of August 2023, it's estimated that around 40 million individuals and more than 2,500 businesses were affected across various sectors, including healthcare, government, finance, and education. However, anyone caught in these breaches could be a target of a phishing attack designed to exploit deeper knowledge of their organization.

Data breaches

SecureWorld News

MAY 16, 2025

The group seems to be comprised of British and American teenagers based upon those arrested so far, but they operate with uncanny stealth and accuracy, defeating mafia-level cybersecurity defenses in many cases," said Richard Staynings , Board Member and International Healthcare Cybersecurity Leader; Teaching Professor, University of Denver.

Retail

SecureWorld News

APRIL 14, 2025

With these insights, security personnel know which attack vectors to watch more closely, how to orchestrate the defenses, and what new phishing and social engineering trends to warn employees about. It helps prioritize risks, organize protection efforts, and allocate resources more flexibly to address the most pressing threats first.

Media

SecureWorld News

JUNE 19, 2025

cybersecurity groups—including the IT‑ISAC and Food & Ag‑ISAC— issued advisories warning that Iranian-affiliated threat actors may retaliate globally, targeting American companies across sectors like energy, finance, healthcare, and logistics. cyber advisories warn of spillover On the same day, major U.S.

Internet

eSecurity Planet

FEBRUARY 24, 2025

healthcare providers and U.K.-based Some members argue over whether to use targeted phishing or mass spam campaigns, while others vent frustrations about leadership. Training employees on phishing awareness , a common ransomware entry point. Their targets have included major U.S. based Capita, among others. Executes attacks.

Ransomware

Webroot

MARCH 3, 2025

Medical identity theft Medical identity theft happens when someone steals or uses your personal information like your name, Social Security number, or Medicare details, to get healthcare in your name. Beware before you share Phishing scams Avoid clicking on malicious links in emails and social media.

Consumer Protection

SecureWorld News

MAY 14, 2025

Top cybercrime categories: Phishing/spoofing: 193,407 complaints Extortion: 86,415 complaints Personal data breaches: 64,882 complaints Cryptocurrency-related scams: Nearly 150,000 complaints involved cryptocurrency, accounting for $9.3 Key findings in the report include: Record-breaking financial losses: Total reported losses reached $16.6

Cybercrime

Malwarebytes

MAY 27, 2025

They often arrive via phishing emails, malicious websites, or bundled with cracked software. The stolen credentials fuel credential stuffing attacks (where an attacker uses reused logins stolen from one service to access another), account takeovers, identity theft, corporate espionage, and targeted phishing campaigns.

Identity Theft

SecureWorld News

JULY 1, 2025

The opening months of 2025 have been sobering for anyone who depends on electricity, water, transport, or healthcare, which is to say, everyone. Generative AI sustains sophisticated, multi-channel social engineering for phishing campaigns to gain access privileges to critical infrastructure. In February, U.S.

Social Engineering

Webroot

APRIL 22, 2025

Here are some of the most likely targets for access to consumer data: Healthcare organizations : Healthcare companies are a prime target for cybercrime due to the large amounts of sensitive data they store, which includes personal information and medical records. This makes it accessible to a worldwide network of criminals.

Data breaches

SecureWorld News

FEBRUARY 4, 2025

Notably, 2024 was unprecedentedly precarious with the second largest in history National Public Data breach and the biggest healthcare data breach to date with the massive attack on Change Healthcare. Cybercrime has been steadily on the rise for the past years. Nearly 3 billion records were stolen in the U.S., Canada, and the U.K.,

Marketing

Security Boulevard

APRIL 15, 2025

What began as a trickle of spammy messages has evolved into a sophisticated and dangerous phishing campaign. The Smishing Triad, an active cybercriminal group, is behind a surge of SMS-based phishing attacks (smishing) targeting organizations across sectorsfrom healthcare to logistics to finance. Their focus?

Healthcare

Security Affairs

JANUARY 19, 2025

CISA adds BeyondTrust PRA and RS and Qlik Sense flaws to its Known Exploited Vulnerabilities catalog Inexperienced actors developed the FunkSec ransomware using AI tools Credit Card Skimmer campaign targets WordPress via database injection Microsoft took legal action against crooks who developed a tool to abuse its AI-based services Pro-Russia hackers (..)

Spyware

SecureList

NOVEMBER 28, 2024

Based on limited telemetry, we believe with medium to low confidence that some of the initial infections were spear-phishing emails. In this most recent campaign, the actor uses spear-phishing emails, embedding a JavaScript loader as the initial infection vector.

Malware