Security Affairs

JULY 7, 2022

US authorities have issued a joint advisory warning of North Korea-linked APTs using Maui ransomware in attacks against the Healthcare sector. Treasury Department issued a joint advisory that warn of North-Korea-linked threat actors using Maui ransomware in attacks aimed at organizations in the Healthcare sector. Pierluigi Paganini.

Healthcare 139

Healthcare Ransomware Encryption Government 139

CyberSecurity Insiders

MAY 4, 2023

The Crown Princess Mary Cancer Center is the healthcare facility that is in discussion and federal government agencies are trying to contain the incident on the servers of the facility, which is part of the Sydney West Cancer Network. The post Information Security News headlines trending on Google appeared first on Cybersecurity Insiders.

Information Security 99

Information Security Healthcare Social Engineering Ransomware 99

Security Affairs

NOVEMBER 28, 2023

The US Healthcare provider Ardent Health Services disclosed that it was the victim of a ransomware attack last week. Ardent Health Services is a healthcare company that operates hospitals and other medical facilities in the United States. The healthcare provider disclosed that it has suffered a ransomware attack on November 23. .”

Healthcare 131

Healthcare Ransomware Technology Internet 131

Security Affairs

MARCH 21, 2020

Orange Cyberdefense’s Epidemiology Lab has published a report on cyberattacks targeting the healthcare sector. While COVID-19 infections around the world are exploding, cyber threat actors are trying to capitalise on this global health crisis by creating malwares or launching attacks with a COVID-19 theme. Read the report here.

Healthcare 131

Healthcare Advertising Cyber threats Cybercrime 131

Security Affairs

NOVEMBER 8, 2021

The healthcare industry might be known for the work it does to treat patients. With copious amounts of data collected by healthcare facilities, cybercriminals often target such entities. Moreover, the healthcare industry collects unique data, known as Protected Health Information (PHI), which is extremely valuable.

Healthcare 118

Healthcare Identity Theft Digital transformation Data collection 118

Security Affairs

JUNE 24, 2020

In the attacks observed by Symantec, the REvil ransomware operators used the Cobalt Strike penetration testing toolkit to deploy their malware. The attack was successful in three cases against companies from the services, food, and healthcare industry sectors. ” reads the analysis published by Symantec. Pierluigi Paganini.

Healthcare 131

Healthcare Ransomware Penetration Testing Advertising 131

Krebs on Security

NOVEMBER 7, 2019

Health industry experts say the findings should prompt a larger review of how security — or the lack thereof — may be impacting patient outcomes. Or how many hospitals and practices experienced delays in getting test results back needed to make critical healthcare decisions.

Data breaches 275

Data breaches Healthcare Ransomware Cyber threats 275

Security Affairs

SEPTEMBER 22, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. UNC1860 and the Temple of Oats: Iran’s Hidden Hand in Middle Eastern Networks Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini

Malware 124

Malware IoT Healthcare Cryptocurrency 124

Security Affairs

NOVEMBER 19, 2024

Ptitsyn and his conspirators used a ransomware-as-a-service (RaaS) model to distribute their malware to a network of affiliates. The attacks were observed as recently as February 2024, they targeted government, education, emergency services, healthcare, and other critical infrastructure sectors.

Cybercrime 114

Cybercrime Ransomware Healthcare Education 114

Krebs on Security

APRIL 20, 2023

Researchers at ESET say this job offer from a phony HSBC recruiter on LinkedIn was North Korean malware masquerading as a PDF file. 3CX says it has more than 600,000 customers and 12 million users in a broad range of industries, including aerospace, healthcare and hospitality. Image: Mandiant.

Malware 328

Malware Software Technology Accountability 328

Security Affairs

DECEMBER 4, 2024

Black Basta has targeted at least 12 critical infrastructure sectors, including Healthcare and Public Health. The alert provides Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs) obtained from law enforcement investigations and reports from third-party security firms. reads the CSA.

Ransomware 124

Ransomware Telecommunications Healthcare Insurance 124

Security Affairs

JANUARY 11, 2023

Threat actors are targeting organizations in the Australian healthcare sector with the Gootkit malware loader. Trend Micro researchers warn that Gootkit Loader is actively targeting the Australian healthcare industry. Threat actors also used healthcare providers across Australia. SecurityAffairs – hacking, malware).

Healthcare 98

Healthcare Media Malware Hacking 98

Security Affairs

DECEMBER 26, 2023

Researchers at NCC Group reported that in November they observed the return of the infamous banking malware Carbanak in ransomware attacks. The cybersecurity firm NCC Group reported that in November the banking malware Carbanak was observed in ransomware attacks. ” reads the report published by NCC Group.

Malware 136

Malware Ransomware Banking Healthcare 136

Security Affairs

DECEMBER 10, 2022

The US Department of Health and Human Services (HHS) warns healthcare organizations of Royal ransomware attacks. The Health and Human Services (HHS) is aware of attacks against the Healthcare and Public Healthcare (HPH) sector. The malware changes the extension of the encrypted files to ‘.royal’. Pierluigi Paganini.

Healthcare 103

Healthcare Ransomware Encryption Malware 103

Krebs on Security

MARCH 1, 2022

National Security Agency (NSA) began a weeks-long operation in which it seized control over the Trickbot botnet , a malware crime machine that has infected millions of computers and is often used to spread ransomware. Conti is one of several cybercrime groups that has regularly used Trickbot to deploy malware. 428 hospitals.”

Ransomware 303

Ransomware Healthcare Cybercrime Government 303

Security Affairs

AUGUST 27, 2020

REvil ransomware operators claimed to have breached another healthcare organization, the victim is Valley Health Systems. Healthcare organizations are a privileged target of hackers due to the sensitive data they manage. The organization operates over 40 healthcare facilities with over 400 employees working across all their centers. .

Healthcare 120

Healthcare Ransomware Advertising Cyber Risk 120

Security Affairs

FEBRUARY 28, 2024

healthcare organizations of targeted ALPHV/Blackcat ransomware attacks. healthcare organizations of targeted attacks conducted by ALPHV/Blackcat ransomware attacks. This alert aims at organizations in the healthcare sector because ALPHV Blackcat affiliates have been observed primarily targeting this sector.

Healthcare 135

Healthcare Ransomware Government Insurance 135

Security Affairs

DECEMBER 8, 2024

The hospital revealed that the security breach exposed sensitive health data for over 316,000 patients. Anna Jaques Hospital is a not-for-profit community healthcare facility located in Newburyport, Massachusetts. On December 25, 2023, a ransomware attack hit the Anna Jaques Hospital.

Data breaches 115

Data breaches Insurance Healthcare Ransomware 115

Security Affairs

NOVEMBER 2, 2024

The threat actors exploited vulnerabilities in networking devices used by businesses to gain a foothold by installing custom malware. Sophos researchers speculate the attack was part of an intelligence-gathering campaign aimed at developing malware for network devices.

Firmware 120

Firmware Government Firewall Malware 120

Security Affairs

SEPTEMBER 15, 2022

The FBI has issued an alert about threat actors targeting healthcare payment processors in an attempt to hijack the payments. The Federal Bureau of Investigation (FBI) has issued an alert about cyber attacks against healthcare payment processors to redirect victim payments. million payments. ” reads the alert.

Healthcare 98

Healthcare Social Engineering Accountability Passwords 98

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches 115

Data breaches Cryptocurrency Artificial Intelligence Cybercrime 115

Security Affairs

NOVEMBER 13, 2024

The malware then disables default protections to prevent accidental encryption and uses the ‘-UsedSpaceOnly’ flag for faster encryption of only occupied disk space. Bitdefender observed an attack on a healthcare organization, where threat actors encrypted Windows 10, Windows 11, and Windows Server devices, including backups.

Ransomware 121

Ransomware Encryption Passwords Backups 121

Security Affairs

FEBRUARY 11, 2022

FritzFrog P2P botnet is back and is targeting servers belonging to entities in the healthcare, education, and government sectors. In August 2020, Guardicore Labs researchers published a detailed analysis of the threat, at the time the malware infected over 500 servers in the U.S. ” reads the report published by Akamai.

Education 102

Education Healthcare Government Malware 102

Security Affairs

JANUARY 31, 2023

The Pro-Russia group Killnet is launching a series of DDoS attacks against the websites of US healthcare organizations and hospitals. The Pro-Russia group Killnet launched a series of DDoS attacks against US healthcare organizations and hospitals. In the last week, the pro-Russia group intensified its activity.

Healthcare 98

Healthcare DDOS Cyber Attacks Banking 98

Malwarebytes

MAY 28, 2021

On the 14th of May, the Health Service Executive (HSE) , Ireland’s publicly funded healthcare system, fell victim to a Conti ransomware attack, forcing the organization to shut down more than 80,000 affected endpoints and plunging them back to the age of pen and paper. Only use secure networks and avoid using public Wi-Fi networks.

Healthcare 130

Healthcare Ransomware Encryption Passwords 130

Security Affairs

DECEMBER 27, 2023

St Vincent’s Health Australia, the largest Australian healthcare provider, suffered a data breach after a cyber attack. St Vincent’s Health Australia is the largest non-profit healthcare provider in the country, The healthcare system was hit by a cyberattack that resulted in a data breach.

Healthcare 105

Healthcare Data breaches Government Cyber Attacks 105

Security Affairs

APRIL 17, 2020

Google says that the Gmail malware scanners have blocked around 18 million phishing and malware emails using COVID-19 lures in just one week. Google announced that its anti-malware solutions implemented to defend its Gmail users have blocked around 18 million phishing and malware emails using COVID-19 lures within the last seven days.

Phishing 145

Phishing Malware Government Small Business 145

Security Affairs

MARCH 12, 2025

“The botnet exploits this vulnerability by injecting a payload that downloads and executes a cleartext shell dropper named dropbpb.sh, responsible for downloading the malware binaries and executing them on the compromised device.” 70) via HTTP on port 81. It processes encrypted data over a RAW socket, limiting further analysis.

IoT 72

IoT Malware Encryption DDOS 72

Security Affairs

DECEMBER 21, 2024

Hulea pleaded guilty to computer fraud conspiracy and wire fraud conspiracy on June 20 for his role in the NetWalker ransomware attacks against organizations worldwide, including healthcare during COVID-19. The man admitted to extorting 1,595 bitcoin (~$21.5M) in ransom payments. ” reads the press release published by DoJ.

Ransomware 107

Ransomware Healthcare Government Cryptocurrency 107

Security Affairs

DECEMBER 12, 2023

Cisco Talos researchers tracked the campaign as Operation Blacksmith, the nation-state actors are employing at least three new DLang -based malware families. Two of these malware strains are remote access trojans (RATs), respectively tracked as NineRAT and “DLRAT” The former relies on Telegram bots and channels for C2 communications.

Malware 129

Malware Data collection Manufacturing Healthcare 129

Security Affairs

FEBRUARY 24, 2020

FireEye’s report revealed that the incident response division Mandiant observed more than 500 new malware families in 2019. million malware samples per day in 2019 and identified 1,268 malware families. The most worrisome figure is related to the number of previously unseen malware families which is greater than 500 (41%).

Malware 128

Malware Cyber threats Advertising Telecommunications 128

Security Affairs

NOVEMBER 18, 2024

The healthcare center discovered that a threat actor accessed and encrypted files on their systems between September 5, 2024 and September 8, 2024. On September 8, 2024, Great Plains Regional Medical Center (Oklahoma) suffered a ransomware attack. The experts believe that the attackers also copied some of those files.

Ransomware 123

Ransomware Insurance Encryption Healthcare 123

Malwarebytes

FEBRUARY 22, 2023

In December, 2022, the Office of Information Security and Health Sector Cybersecurity Coordination Center issued an extensive Analyst Note which identified BlackCat as a "relatively new but highly-capable" ransomware threat to health care providers. million in previous cybersecurity attacks against the healthcare sector.

Healthcare 97

Healthcare Ransomware Backups DDOS 97

CyberSecurity Insiders

JANUARY 14, 2022

“Information security analyst” tops the U.S. The list ranks the 100 best jobs across 17 sectors including business, healthcare and technology, taking into account factors such as growth potential, salary and work-life balance. News & World Report 2022 Best Jobs list. Tough Contenders.

Cybersecurity 142

Cybersecurity Healthcare Information Security CISO 142

Security Affairs

MARCH 24, 2025

The group has extended its operations to countries in Asia and targets various sectors, including healthcare, real estate, construction, IT, food, and manufacturing.” . “Cloak primarily targets small to medium-sized businesses in Europe, with Germany as a key focus. ” reads a report published by Halcyon.

Ransomware 101

Ransomware Hacking Social Engineering VPN 101

Security Affairs

JULY 29, 2020

Billions of Windows and Linux devices are affected by a serious GRUB2 bootloader issue, dubbed BootHole, that can be exploited to install a stealthy malware. According to researchers from the firmware security firm Eclypsium, which discovered the issue, the BootHole flaw affects any operating system that uses GRUB2 with Secure Boot.

Malware 124

Malware Advertising Firmware Healthcare 124

Security Affairs

MARCH 23, 2025

The researchers observed overlaps that include Crowdoor Loader and SparrowDoor malware. UAT-5918 mainly targets Taiwan’s telecom, healthcare, IT, and critical infrastructure sectors. The researchers noticed that tools are usually downloaded as archives and extracted before execution.

Backups 67

Backups Healthcare Accountability Malware 67