Hacking, Healthcare and Malware - Cyber Security Informer

Change Healthcare data breach impacted over 100 million people

Security Affairs

OCTOBER 25, 2024

The Change Healthcare data breach in the February 2024 impacted over 100 million, the largest-ever healthcare data breach in the US. UnitedHealth Group announced that the data breach suffered by Change Healthcare in February 2024 impacted more than 100 million individuals. Change Healthcare now provided an update to the U.S.

Data breaches

Data breaches Healthcare Cybercrime Insurance

Conti’s Ransomware Toll on the Healthcare Industry

Krebs on Security

APRIL 18, 2022

Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. A report in February 2022 from Sophos found Conti orchestrated a cyberattack against a Canadian healthcare provider in late 2021.

Healthcare

Healthcare Ransomware Cybersecurity Malware

Change Healthcare data breach exposed the private data of over half the U.S.

Security Affairs

JANUARY 26, 2025

The Change Healthcare data breach is worse than initially estimated: approximately 190 million people have been affected. The Change Healthcare data breach is worse than initially estimated, the incident has impacted 190 million people. The incident impacted thousands of pharmacies and healthcare providers.

Healthcare

Healthcare Data breaches Insurance Cybercrime

ClickFix: How to Infect Your PC in Three Easy Steps

Krebs on Security

MARCH 14, 2025

A clever malware deployment scheme first spotted in targeted attacks last year has now gone mainstream. This particular scam usually starts with a website popup that looks something like this: This malware attack pretends to be a CAPTCHA intended to separate humans from bots.

Phishing

Phishing Malware Scams Passwords

News alert: INE Security spotlights healthcare companies facing rising exposure to costly breaches

The Last Watchdog

MARCH 24, 2025

24, 2025, CyberNewswire – – INE Security , a global provider of cybersecurity training and certification, today announced its initiative to spotlight the increasing cyber threats targeting healthcare institutions. Recent reports show healthcare has endured a record wave of cyber breaches. Cary, NC, Mar.

Healthcare

Healthcare Penetration Testing Education Cyber threats

Inside Ireland’s Public Healthcare Ransomware Scare

Krebs on Security

DECEMBER 13, 2021

The attack disrupted services at several Irish hospitals and resulted in the near complete shutdown of the HSE’s national and local networks, forcing the cancellation of many outpatient clinics and healthcare services. To get up to speed, I interviewed over a dozen of the healthcare security industry’s best and brightest minds.

Healthcare

Healthcare Ransomware Antivirus Hacking

RansomHouse gang claims the hack of the Loretto Hospital in Chicago

Security Affairs

MARCH 10, 2025

Another American hospital falls victim to a ransomware attack; the RansomHouse gang announced the hack of Loretto Hospital in Chicago.” ” The RansomHouse gang announced the hack of Loretto Hospital in Chicago, the groups claims to have stolen 1.5TB of sensitive data. Ransomware attacks on U.S.

Hacking

Hacking Healthcare Backups Ransomware

Malware Infected Medical Equipment Shows Fake Tumors

Adam Levin

APRIL 9, 2019

Israeli cybersecurity researchers have created malware capable of showing fake cancerous growths on CT and MRI scans. The malware, called CT-GAN, served as a proof of concept to show the potential for hacking medical devices with fake medical news that was convincing enough to fool medical technicians.

Malware

Malware Healthcare Technology Ransomware

Cloak ransomware group hacked the Virginia Attorney General’s Office

Security Affairs

MARCH 24, 2025

The group has extended its operations to countries in Asia and targets various sectors, including healthcare, real estate, construction, IT, food, and manufacturing.” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, ransomware)

Ransomware

Ransomware Hacking Social Engineering VPN

Notorious ransomware programmer Mikhail Pavlovich Matveev arrested in Russia

Security Affairs

NOVEMBER 29, 2024

Russian authorities arrested ransomware affiliate Mikhail Matveev, aka Wazawaka, for developing malware and ties to hacking groups. and New Jersey, as well as organizations in the healthcare and other sectors nationwide. The attacks hit law enforcement agencies in Washington, D.C.

Ransomware

Ransomware Healthcare Hacking Malware

GUEST ESSAY: 6 steps any healthcare organization can take to help mitigate inevitable cyber attacks

The Last Watchdog

FEBRUARY 21, 2022

Related: High-profile healthcare hacks in 2021. A cyber catastrophe may seem inevitable, but there are basic practices and actionable steps any healthcare organization can take to begin reducing the clear and present risk of being impacted by a cybersecurity event.

Healthcare

Healthcare Cyber Attacks Education Social Engineering

Russian Phobos ransomware operator faces cybercrime charges

Security Affairs

NOVEMBER 19, 2024

Evgenii Ptitsyn and others allegedly ran an international hacking scheme since November 2020, deploying Phobos ransomware to extort victims. Ptitsyn and his conspirators used a ransomware-as-a-service (RaaS) model to distribute their malware to a network of affiliates.

Cybercrime

Cybercrime Ransomware Healthcare Education

North Korea-linked APT Moonstone used Qilin ransomware in limited attacks

Security Affairs

MARCH 10, 2025

Moonstone Sleet threat actors target financial and cyberespionage victims using trojanized software, custom malware, malicious games, and fake companies like StarGlow Ventures and C.C. The APT group has also spread malware via a fraudulent tank game (DeTankWar) and engaged in ransomware attacks using FakePenny.

Ransomware

Ransomware VPN Healthcare Malware

Memorial Hospital and Manor suffered a ransomware attack

Security Affairs

NOVEMBER 6, 2024

Memorial Hospital and Manor is a community hospital and healthcare facility that serves Decatur County and surrounding areas in southwest Georgia. It offers a range of healthcare services, including emergency care, inpatient and outpatient services, surgical care, and specialized medical services. Ransomware attacks on U.S.

Ransomware

Ransomware Healthcare Antivirus Data breaches

GUEST ESSAY: Introducing ‘killware’ — malware designed to contaminate, disrupt critical services

The Last Watchdog

DECEMBER 20, 2021

Killware is a type of malware deployed to cause physical harm: contaminate community water supplies, exploit and obstruct networks used by hospitals and healthcare facilities, jam air traffic control networks, contaminate gasoline supplies, and, in some instances, deliberately cause death where and when it is least expected.

Malware

Malware Phishing Technology Ransomware

Chinese national charged for hacking thousands of Sophos firewalls

Security Affairs

DECEMBER 11, 2024

has charged a Chinese national for hacking thousands of Sophos firewall devices worldwide in 2020. has charged the Chinese national Guan Tianfeng (aka gbigmao and gxiaomao) for hacking thousands of Sophos firewall devices worldwide in 2020. The malware stole data and encrypted files to block remediation attempts.

Firewall

Firewall Hacking Malware Passwords

No company too small for Phobos ransomware gang, indictment reveals

Malwarebytes

DECEMBER 2, 2024

The government’s indictment against Ptitsyn should dispel any notion that ransomware gangs only target the largest, richest, most robust corporations on the planet, as one Phobos affiliate allegedly extorted a Maryland-based healthcare provider out of just $2,300—possibly the lowest payment ever recorded. Create offsite, offline backups.

Ransomware

Ransomware Backups Small Business Malware

North Korea-linked APTs use Maui Ransomware to target the Healthcare industry

Security Affairs

JULY 7, 2022

US authorities have issued a joint advisory warning of North Korea-linked APTs using Maui ransomware in attacks against the Healthcare sector. Treasury Department issued a joint advisory that warn of North-Korea-linked threat actors using Maui ransomware in attacks aimed at organizations in the Healthcare sector. Pierluigi Paganini.

Healthcare

Healthcare Ransomware Encryption Government

FBI, CISA alert warns of imminent ransomware attacks on healthcare sector

Security Affairs

OCTOBER 29, 2020

FBI and the DHS’s CISA agencies published a joint alert to warn hospitals and healthcare providers of imminent ransomware attacks from Russia. hospitals and healthcare providers. hospitals and healthcare providers. SecurityAffairs – hacking, ransomware). ” reads the alert. Pierluigi Paganini.

Healthcare

Healthcare Ransomware Cybercrime Advertising

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches

Data breaches Cryptocurrency Artificial Intelligence Cybercrime

Attacks Aimed at Disrupting the Trickbot Botnet

Krebs on Security

OCTOBER 2, 2020

Over the past 10 days, someone has been launching a series of coordinated attacks designed to disrupt Trickbot , an enormous collection of more than two million malware-infected Windows PCs that are constantly being harvested for financial data and are often used as the entry point for deploying ransomware within compromised organizations.

Ransomware

Ransomware Malware Healthcare Internet

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Krebs on Security

FEBRUARY 9, 2023

Initially a stealthy trojan horse program delivered via email and used to steal passwords, Trickbot evolved into “a highly modular malware suite that provides the Trickbot Group with the ability to conduct a variety of illegal cyber activities, including ransomware attacks,” the Treasury Department said. Image: Microsoft.

Hacking

Hacking Cybercrime Ransomware Government

Black Basta ransomware gang hit BT Group

Security Affairs

DECEMBER 4, 2024

Black Basta has targeted at least 12 critical infrastructure sectors, including Healthcare and Public Health. Black Basta affiliates have targeted over 500 private industry and critical infrastructure entities, including healthcare organizations, in North America, Europe, and Australia.” reads the CSA.

Ransomware

Ransomware Telecommunications Healthcare Insurance

Healthcare provider Ardent Health Services disclosed a ransomware attack

Security Affairs

NOVEMBER 28, 2023

The US Healthcare provider Ardent Health Services disclosed that it was the victim of a ransomware attack last week. Ardent Health Services is a healthcare company that operates hospitals and other medical facilities in the United States. The healthcare provider disclosed that it has suffered a ransomware attack on November 23. .”

Healthcare

Healthcare Ransomware Technology Internet

Healthcare giant Magellan Health discloses data breach after ransomware attack

Security Affairs

MAY 13, 2020

The unauthorized actor gained access to Magellan’s systems after sending a phishing email on April 6 that impersonated a Magellan client,” The healthcare giant reported the incident to the US authorities and retained experts from cybersecurity firm Mandiant to help with the investigation into the cyber attack. Pierluigi Paganini.

Data breaches

Data breaches Healthcare Ransomware Identity Theft

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

The Last Watchdog

DECEMBER 16, 2024

Meanwhile, while business logic hacks, supply chain holes, and cyber extortion continue to loom large. Meanwhile, ransomware attacks on healthcare providers will persist, targeting outdated systems and jeopardizing patient care, emphasizing the need for stronger defenses to protect critical services. The drivers are intensifying.

Cyber threats

Cyber threats CISO IoT Phishing

The Vanilla Tempest cybercrime gang used INC ransomware for the first time in attacks on the healthcare sector

Security Affairs

SEPTEMBER 20, 2024

Microsoft warns that financially motivated threat actor Vanilla Tempest is using INC ransomware in attacks aimed at the healthcare sector in the U.S. healthcare sector. The threat actor has been active since July 2022, it was observed targeting organizations in the education, healthcare, IT, and manufacturing sectors.

Healthcare

Healthcare Ransomware Cybercrime Manufacturing

Healthcare – Patient or Perpetrator? – The Cybercriminals Within

Security Affairs

NOVEMBER 8, 2021

The healthcare industry might be known for the work it does to treat patients. With copious amounts of data collected by healthcare facilities, cybercriminals often target such entities. Moreover, the healthcare industry collects unique data, known as Protected Health Information (PHI), which is extremely valuable.

Healthcare

Healthcare Identity Theft Digital transformation Data collection

Does Your Organization Have a Security.txt File?

Krebs on Security

SEPTEMBER 20, 2021

It happens all the time: Organizations get hacked because there isn’t an obvious way for security researchers to let them know about security vulnerabilities or data leaks. Having a security.txt file can make it easier for organizations to respond to active security threats. ” GET READY TO BE DELUGED.

Retail

Retail Healthcare Internet Internet

2023 Anna Jaques Hospital data breach impacted over 310,000 people

Security Affairs

DECEMBER 8, 2024

Anna Jaques Hospital is a not-for-profit community healthcare facility located in Newburyport, Massachusetts. On January 19, the Money Messageransomware gang added the healthcare organization to its Tor leak site claiming the theft of 600GB of sensitive data, including PII and diagnoses.

Data breaches

Data breaches Insurance Healthcare Ransomware

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

Balaban This ransomware was doing the rounds over spam generated by the Gameover ZeuS botnet, which had been originally launched in 2011 as a toolkit for stealing victim’s banking credentials and was repurposed for malware propagation. These included PClock, CryptoLocker 2.0, Crypt0L0cker, and TorrentLocker.

Ransomware

Ransomware Hacking Encryption Penetration Testing

New Ransom Payment Schemes Target Executives, Telemedicine

Krebs on Security

DECEMBER 8, 2022

The first centers on targeting healthcare organizations that offer consultations over the Internet and sending them booby-trapped medical records for the “patient.” healthcare organizations. Last month, the U.S. “The Venus group has problems getting paid,” Holden said. “They are targeting a lot of U.S.

Healthcare

Healthcare Backups Ransomware Insurance

Carbanak malware returned in ransomware attacks

Security Affairs

DECEMBER 26, 2023

Researchers at NCC Group reported that in November they observed the return of the infamous banking malware Carbanak in ransomware attacks. The cybersecurity firm NCC Group reported that in November the banking malware Carbanak was observed in ransomware attacks. ” reads the report published by NCC Group.

Malware

Malware Ransomware Banking Healthcare

3CX Breach Was a Double Supply Chain Compromise

Krebs on Security

APRIL 20, 2023

Researchers at ESET say this job offer from a phony HSBC recruiter on LinkedIn was North Korean malware masquerading as a PDF file. 3CX says it has more than 600,000 customers and 12 million users in a broad range of industries, including aerospace, healthcare and hospitality. Image: Mandiant.

Malware

Malware Software Technology Accountability

Cuba ransomware gang hacked 49 US critical infrastructure organizations

Security Affairs

DECEMBER 4, 2021

. “The FBI has identified, as of early November 2021 that Cuba ransomware actors have compromised at least 49 entities in five critical infrastructure sectors, including but not limited to the financial, government, healthcare, manufacturing, and information technology sectors.” SecurityAffairs – hacking, ransomware).

Ransomware

Ransomware Hacking Malware Encryption

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 12

Security Affairs

SEPTEMBER 22, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. UNC1860 and the Temple of Oats: Iran’s Hidden Hand in Middle Eastern Networks Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini

Malware

Malware IoT Healthcare Cryptocurrency

Bitdefender released a decryptor for the ShrinkLocker ransomware

Security Affairs

NOVEMBER 13, 2024

The malware then disables default protections to prevent accidental encryption and uses the ‘-UsedSpaceOnly’ flag for faster encryption of only occupied disk space. Bitdefender observed an attack on a healthcare organization, where threat actors encrypted Windows 10, Windows 11, and Windows Server devices, including backups.

Ransomware

Ransomware Encryption Passwords Backups

Gootkit Loader campaign targets Australian Healthcare Industry

Security Affairs

JANUARY 11, 2023

Threat actors are targeting organizations in the Australian healthcare sector with the Gootkit malware loader. Trend Micro researchers warn that Gootkit Loader is actively targeting the Australian healthcare industry. Threat actors also used healthcare providers across Australia. SecurityAffairs – hacking, malware).

Healthcare

Healthcare Media Malware Hacking

Malware news trending on Google

CyberSecurity Insiders

FEBRUARY 2, 2022

The first news that is related to malicious software and is trending heavily on Google is related to SolarMarker malware that can steal credentials and act as a backdoor for other cyber attacks. Third is the news related to 2FA Authenticator that is seen distributing malware. In practical, the said application is working as promoted.

Malware

Malware Cryptocurrency Authentication Healthcare

US HHS warns healthcare orgs of Royal Ransomware attacks

Security Affairs

DECEMBER 10, 2022

The US Department of Health and Human Services (HHS) warns healthcare organizations of Royal ransomware attacks. The Health and Human Services (HHS) is aware of attacks against the Healthcare and Public Healthcare (HPH) sector. The malware changes the extension of the encrypted files to ‘.royal’. Pierluigi Paganini.

Healthcare

Healthcare Ransomware Encryption Malware

FBI, CISA, HHS warn of targeted ALPHV/Blackcat ransomware attacks against the healthcare sector

Security Affairs

FEBRUARY 28, 2024

healthcare organizations of targeted ALPHV/Blackcat ransomware attacks. healthcare organizations of targeted attacks conducted by ALPHV/Blackcat ransomware attacks. This alert aims at organizations in the healthcare sector because ALPHV Blackcat affiliates have been observed primarily targeting this sector.

Healthcare

Healthcare Ransomware Government Insurance

A New Ransomware Was Linked to FIN8 Hacking Group

Heimadal Security

JANUARY 19, 2022

FIN8 is a financially motivated malicious actor who has been observed attacking financial institutions for numerous years, notably by deploying POS malware capable of stealing credit card information. The post A New Ransomware Was Linked to FIN8 Hacking Group appeared first on Heimdal Security Blog.

Hacking

Hacking Ransomware Healthcare Phishing

Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide

Security Affairs

NOVEMBER 2, 2024

The threat actors exploited vulnerabilities in networking devices used by businesses to gain a foothold by installing custom malware. Sophos researchers speculate the attack was part of an intelligence-gathering campaign aimed at developing malware for network devices.

Firmware

Firmware Government Firewall Malware

Great Plains Regional Medical Center ransomware attack impacted 133,000 individuals

Security Affairs

NOVEMBER 18, 2024

The healthcare center discovered that a threat actor accessed and encrypted files on their systems between September 5, 2024 and September 8, 2024. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, ransomware)

Ransomware

Ransomware Insurance Encryption Healthcare

Change Healthcare data breach impacted over 100 million people

Conti’s Ransomware Toll on the Healthcare Industry

Trending Sources

Change Healthcare data breach exposed the private data of over half the U.S.

ClickFix: How to Infect Your PC in Three Easy Steps

News alert: INE Security spotlights healthcare companies facing rising exposure to costly breaches

Inside Ireland’s Public Healthcare Ransomware Scare

RansomHouse gang claims the hack of the Loretto Hospital in Chicago

Malware Infected Medical Equipment Shows Fake Tumors

Cloak ransomware group hacked the Virginia Attorney General’s Office

Notorious ransomware programmer Mikhail Pavlovich Matveev arrested in Russia

GUEST ESSAY: 6 steps any healthcare organization can take to help mitigate inevitable cyber attacks

Russian Phobos ransomware operator faces cybercrime charges

North Korea-linked APT Moonstone used Qilin ransomware in limited attacks

Memorial Hospital and Manor suffered a ransomware attack

GUEST ESSAY: Introducing ‘killware’ — malware designed to contaminate, disrupt critical services

Chinese national charged for hacking thousands of Sophos firewalls

No company too small for Phobos ransomware gang, indictment reveals

North Korea-linked APTs use Maui Ransomware to target the Healthcare industry

FBI, CISA alert warns of imminent ransomware attacks on healthcare sector

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Attacks Aimed at Disrupting the Trickbot Botnet

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Black Basta ransomware gang hit BT Group

Healthcare provider Ardent Health Services disclosed a ransomware attack

Healthcare giant Magellan Health discloses data breach after ransomware attack

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

The Vanilla Tempest cybercrime gang used INC ransomware for the first time in attacks on the healthcare sector

Healthcare – Patient or Perpetrator? – The Cybercriminals Within

Does Your Organization Have a Security.txt File?

2023 Anna Jaques Hospital data breach impacted over 310,000 people

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

New Ransom Payment Schemes Target Executives, Telemedicine

Carbanak malware returned in ransomware attacks

3CX Breach Was a Double Supply Chain Compromise

Cuba ransomware gang hacked 49 US critical infrastructure organizations

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 12

Bitdefender released a decryptor for the ShrinkLocker ransomware

Gootkit Loader campaign targets Australian Healthcare Industry

Malware news trending on Google

US HHS warns healthcare orgs of Royal Ransomware attacks

FBI, CISA, HHS warn of targeted ALPHV/Blackcat ransomware attacks against the healthcare sector

A New Ransomware Was Linked to FIN8 Hacking Group

Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide

Great Plains Regional Medical Center ransomware attack impacted 133,000 individuals

Stay Connected