Date Reported: 2024-04-16 Country: France (FRA) Victim: Hôpital Simone Veil | Simone Veil Hospital | ch-cannes.fr Additional Information:
The Simone Veil Hospital in Cannes experienced a computer blackout since Tuesday,…Tag: HOSPITAL
Summary: Global law firm Orrick Herrington & Sutcliffe has agreed to an $8 million settlement to resolve a proposed class action lawsuit filed against the firm after a cyberattack compromised …
Update as of April 15:
The Blackjack hacker group reached out to Team82 following publication of this blog with some updates, in particular around Team82’s contention—based on our initial research …
ESET researchers have discovered an active espionage campaign targeting Android users with apps primarily posing as messaging services. While these apps offer functional services as bait, they are bundled with …
Victim: Paducah Dermatology Country : US Actor: medusa Source: http://medusaxko7jxtrojdkxo66j7ck4q5tgktf7uqsqyfry4ebnxlcbkccyd.onion/detail?id=53474aff274038ebe3af8d31ca13b88b Discovered: 2024-04-08 08:39:00.870218
Description: Paducah Dermatology is a hospital & health care company. Paducah Dermatology corporate office is located in …
Date Reported: 2024-03-31 Country: USA Victim: NorthBay VacaValley Hospital | northbay.org Additional Information:
The NorthBay VacaValley Hospital in Vacaville had to turn away patients due to a cyberattack that caused…____________________ Summary : The federal government is proposing financial incentives and penalties to encourage the health sector to improve cybersecurity, but industry groups are divided on the effectiveness of this …
Article Summary: 🔹 The American Hospital Association is advocating for Change Healthcare to be solely responsible for notifying patients in the event of a breach. 🔹 HHS OCR is investigating …
Federal authorities are warning healthcare sector entities about email bomb attacks, which can overwhelm inboxes and servers. (Image: Getty)
Read More
Imagine a hospital’s email system suddenly filled with thousands of spam …
Whether you want to call them “catfishing,” “pig butchering” or just good ‘old-fashioned “social engineering,” romance scams have been around forever.
I was first introduced to them through the …
Healthcare , HIPAA/HITECH , Industry Specific
Facing AHA Lawsuit, HHS Tempers 2022 Warning About Tracking IP Addresses, Other PHI Marianne Kolbasuk McGee (HealthInfoSec) • March 19, 2024
HHS…NHS Dumfries and Galloway, part of the Scottish healthcare system, announced on Friday it was the target “of a focused and ongoing cyber attack.”
The nature of the incident has …
The cyberattack’s widespread destruction underscores how threat actors can do significant damage by targeting a relatively unknown vendor that serves a vital operational function behind the scenes.
The AlphV ransomware…
Read More
Authored by ZePeng Chen and Wenfeng Yu
McAfee Mobile Research Team has observed an active scam malware campaign targeting Android users in India. This malware has gone through three stages. …
PRESS RELEASE
NEW YORK and ORLANDO, Fla., March 12, 2024/PRNewswire/ —Claroty, the cyber-physical systems (CPS) protection company, released today at the annual HIMSS24 conference a new report that uncovered concerning …
PRESS RELEASE
NEW YORK and ORLANDO, Fla. — March 12, 2024 — Claroty, the cyber-physical systems (CPS) protection company, today announced at the annual HIMSS24 conference the release of the…
The U.S. Department of Health and Human Services is investigating whether protected health information was stolen in a ransomware attack that hit UnitedHealthcare Group (UHG) subsidiary Optum, which operates the …
Healthcare has long been a primary target for ransomware attacks. This is not changing and is not likely to change. Claroty/Team82’s State of CPS Security – Healthcare 2023 discusses the …
In a recent cybersecurity incident, UnitedHealth Group revealed that its tech unit, Change Healthcare, fell victim to a cyberattack orchestrated by the infamous ransomware gang, Blackcat. The attack, which disrupted…
Read More
Optum’s Change Healthcare has started to bring systems back online after suffering a crippling BlackCat ransomware attack last month that led to widespread disruption to the US healthcare system.
United …
Nation-state cyber threat groups are once again turning to USBs to compromise highly guarded government organizations and critical infrastructure facilities.
Having fallen out of fashion for some time, and certainly …
Change Healthcare breach
There is evidence that the ransomware group behind the Change Healthcare breach, which has caused chaos for hospitals and pharmacies attempting to handle prescriptions, may have received …
Minnesota hospitals are facing financial challenges due to a recent cyberattack on a subsidiary of UnitedHealth Group, based in Minnetonka. Patient care and medication availability remain stable, but hospitals are…
Read More
I-Soon’s commercial offering reveals that their main issue is processing collected data, not breaching their targets in the first place. Their products leverage deep learning to help them sort and…
Read More
Originating in the latter part of 2023, this Ransomware-as-a-Service (RaaS) operation has drawn attention due to its technical lineage and operational tactics resembling those of the notorious Hive ransomware group. …
Hospitals around the country are at risk for attacks like the one that is crippling operations at a children’s hospital, and some say the government is doing too little prevent …
In recent months, the Malek Team, a hacker group with alleged links to Iran, has escalated its cyber offensive against key Israeli institutions, marking a significant uptick in digital threats …
This post is also available in: 日本語 (Japanese)
Executive SummaryUnit 42 researchers have been tracking the BianLian ransomware group, which has been in the top 10 of the most …
Authors: Christopher Kim, Randy McEoin
Executive Summary
Read More
While cybercriminals are often portrayed as gangs of hackers or lone brilliant coders, more often they buy and sell goods and services as …
For the latest discoveries in cyber research for the week of 1st January, please download our Threat_Intelligence Bulletin. TOP ATTACKS AND BREACHES The German hospital network Katholische Hospitalvereinigung Ostwestfalen (KHO) …
Key Takeaways
SolarMarker uses process injection to run the hVNC and data staging payload.
The actors behind SolarMarker primarily utilize .NET for the majority of their payloads, with the notable…
Read More
Estimated reading time: 5 minutes
Our recent research has highlighted the presence of the MedusaLocker ransomware, which first surfaced in mid-2019. Its primary targets are the Hospital and Healthcare industries. …
Our recent research has highlighted the presence of the MedusaLocker ransomware, which first surfaced in mid-2019. Its primary targets are the Hospital and Healthcare industries. MedusaLocker employs AES and RSA …
The Budworm advanced persistent threat (APT) group continues to actively develop its toolset. Most recently, the Threat Hunter Team in Symantec, part of Broadcom, discovered Budworm using an updated version of one …
Executive Summary
Read More
eSentire, a top global Managed Detection and Response (MDR) security services provider, intercepted and shut down three separate ransomware attacks launched by affiliates of the notorious, Russia-linked LockBit …
In this blogpost, ESET researchers take a look at Spacecolon, a small toolset used to deploy variants of the Scarab ransomware to victims all over the world. It probably finds …
In early 2023, the Check Point Incident Response Team (CPIRT) team investigated a malware incident at a European healthcare institution involving a set of tools mentioned in the Avast report in late…
Read More
By Securonix Threat Labs, Threat Research: D. Iuzvyk, T. Peck, O. Kolesnikov
TL;DRAn unusual attack/phishing campaign delivering malware while using meme-filled code and complex obfuscation methods continues dropping Xworm …
Executive Summary
Read More
On 21st March 2023, EclecticIQ researchers detected a spearphishing email targeting the healthcare industry in Poland. The spoofed email was designed to appear as legitimately sent from …
By Max Kersten · April 13, 2023
The underground intelligence was obtained by N07_4_B07.
Another day, another ransomware-as-a-service (RaaS) provider, or so it seems. We’ve observed the “Read The Manual” …
MedusaLocker ransomware has been active since September 2019. MedusaLocker actors typically gain access to victims’ networks by exploiting vulnerabilities in Remote Desktop Protocol (RDP).
Once Threat Actors (TAs) gain access …
Executive Summary
On January 3, local media reported that a major U.S. city’s housing authority had suffered a ransomware attack. The LockBit ransomware group, which has made false claims in…Written by Jon DiMaggio.
Table of Contents
I gotta story to tell…
The LockBit ransomware gang is one of the most notorious organized cybercrime syndicates that exists today. The gang …
We analyzed the infection routine used in recent Gootkit loader attacks on the Australian healthcare industry and found that Gootkit leveraged SEO poisoning for its initial access and abused legitimate …
ITG23 Crypters Highlight Cooperation Between Cybercriminal Groups
cybercriminal group ITG23, also known as Wizard Spider, DEV-0193, or simply the “Trickbot Group”. The results of this research, along with evidence gained …