Elizabeth Hernandez

Elizabeth Hernandez is a news writer on Defensorum. Elizabeth is an experienced journalist who has worked on many publications for several years. Elizabeth writes about compliance and the related areas of IT security breaches. Elizabeth has a focus on data privacy and secure handling of personal information. Elizabeth has a postgraduate degree in journalism. Elizabeth Hernandez is the editor of HIPAAZone. https://twitter.com/ElizabethHzone

UMC Health System Hit by Ransomware Attack

In late September 2024, the UMC Health System in Lubbock, Texas, suffered a ransomware attack that greatly affected its IT infrastructure. The attack forced the health system to divert ambulances and patients to other hospitals as its systems were offline. … Read more

Vulnerabilities in Linux CUPS Printing System Expose Network Risks

Linux systems have recently come under threat due to a set of Remote Code Execution (RCE) vulnerabilities identified in the Common Unix Printing System (CUPS). These vulnerabilities, classified as severe, have the potential to enable unauthorized attackers to run arbitrary … Read more

Minimum Cybersecurity Standards Proposed in Healthcare Bill

A new bill known as the “Health Infrastructure Security and Accountability Act of 2024” has been introduced in the U.S. Senate to strengthen cybersecurity standards for healthcare information systems. This legislative proposal aims to implement strict security protocols across the … Read more

Storm-0501 Threatens Hybrid Cloud Security with Ransomware Attacks

The financially motivated cybercriminal group known as Storm-0501 is targeting U.S. industries, including government, manufacturing, transportation, and law enforcement, through ransomware attacks on hybrid cloud environments. Microsoft has detailed how this group’s multi-stage attack campaigns compromise on-premises systems, steal credentials, … Read more

New Bill Tackles Chinese Cyber Threats to US Infrastructure

The U.S. House Homeland Security Committee has introduced new legislation aimed at strengthening the nation’s cybersecurity defences against threats from China. This bill establishes an interagency task force to assess the risks posed by state-sponsored cyber actors, including groups like Volt … Read more

Lessons from Suffolk County’s Ransomware Attack

In September 2022, Suffolk County, New York, became the victim of a ransomware attack carried out by the AlphV/BlackCat group. This incident crippled government services for months, disrupted emergency operations, and cost the county over $25 million in remediation. A … Read more

Change Healthcare Data Breach Latest Update

In February 2024, Change Healthcare suffered a ransomware attack that exposed sensitive personal and medical data. This breach affected millions of Americans, potentially impacting up to one-third of the U.S. population. By mid-July 2024, Change Healthcare began sending notification letters … Read more

NIST’s New Guidelines for Digital Identity Security

The National Institute of Standards and Technology (NIST) has released the second public draft of its updated Digital Identity Guidelines, aiming to improve the way people verify their identity online. The updated guidance focuses on both traditional identification methods, such … Read more

OCR Issues Advice on Importance of Facility Access Controls in Latest Cybersecurity Newsletter

The Office for Civil Rights (OCR) has issued a reminder to all HIPAA-regulated entities through its latest cybersecurity newsletter. Facility Access Controls are not a formality; they are a necessary aspect of securing electronic protected health information (ePHI). As cyber … Read more

The Hidden Security Threat in Contactless Key Cards

A security flaw has been discovered in millions of contactless key cards used worldwide for office and hotel access. French cybersecurity firm Quarkslab has identified a hardware backdoor in chips manufactured by Shanghai Fudan Microelectronics Group, a leading supplier of … Read more

Flawed NetSuite Setup Leaves Customer Data Exposed

Thousands of Oracle NetSuite SuiteCommerce sites have been found vulnerable to exposing sensitive customer data due to misconfigured access controls on Custom Record Types (CRTs). This issue emanates from user misconfigurations rather than a flaw in NetSuite, potentially exposing personal … Read more

Global Disruption from CrowdStrike Falcon Sensor Update

An incident involving CrowdStrike’s Falcon Sensor software recently led to a global crash of millions of Windows devices. The root cause analysis conducted by CrowdStrike traces the issue back to a problematic content update, pointing to the requirement of testing … Read more

Understanding HIPAA Training Requirements

The Health Insurance Portability and Accountability Act (HIPAA) training requirements ensure that healthcare organizations and their business associates comply with the regulations designed to protect the privacy and security of Protected Health Information (PHI). Familiarizing yourself … Read more

MOVEit Hack Impacts Delta Dental of California and Pan-American Life Insurance Group

MOVEit Hack Impacts 7 Million People from Delta Dental of California

Delta Dental of California reported that it suffered from a mass exploitation conducted by the Clop hacking group of a zero-day vulnerability identified in the MOVEit Transfer solution by … Read more

Unauthorized Use of Software and Cloud Services is a Major Security Risk

Many businesses concentrate on technical measures to protect them against cyberattacks. They invest in firewalls, multifactor authentication, advanced email security solutions, and web filters to block attacks at source, yet often neglect the human factor and do not provide adequate … Read more

Malvertising Campaign Leads to Cactus Ransomware Attack

There are many ways that cybercriminals gain access to business networks, including phishing attacks and exploiting unpatched vulnerabilities. Many businesses now provide security awareness training to employees to improve phishing awareness, but it is also important to teach the workforce … Read more

Email Sextortion Scams are on the Rise

Email is commonly used by threat actors for initial contact with victims, and while most attacks attempt to steal credentials or distribute malware, another type of scam has been steadily increasing. Sextortion scams have increased by 178% year over … Read more

Cybercriminals Turn to Web Browsing to Deliver Ransomware

Ransomware attacks have increased significantly in 2023 and the file encrypting malware is now used in around 20% of cyberattacks. Ransomware is used to encrypt business-critical files to prevent access, and a ransom demand is issued for the keys to … Read more

Search Engine Ads Abused to Gain Initial Access to Business Networks

Employees are being targeted in a new malvertising campaign that uses Google and Bing Ads offering a variety of trojanized installers for software solutions such as AnyDesk, Cisco AnyConnect VPN, and WinSCP. These campaigns deliver malware that establishes initial access … Read more

Malicious Ads and Phishing Emails Used to Distribute RomCom Malware

RomCom malware is being distributed via a range of websites that claim to offer downloads of popular software solutions such as AstraChat, GIMP, Go To Meeting, and ChatGPT, and traffic is being sent to those websites by malicious Google Ads … Read more

Threat Actors Increasingly Using Google Ads for Malware Distribution

Malicious actors are abusing Google Ads to drive traffic to malicious websites where malware is downloaded, and abuse of Google Ads for malware distribution is increasing. Google places its Ad blocks at the top of the page, so the adverts … Read more

Major Phishing Campaign Targets Facebook Credentials

While many phishing scams target Microsoft 365 credentials due to the usefulness of the accounts and the data they hold, social media credentials are also highly prized. If a phisher is able to steal Facebook credentials, they can gain access … Read more

Increase in Adversary-in-the-Middle Phishing Attacks That Allow MFA to be Bypassed

Security experts have long recommended that multi-factor authentication be implemented to protect against phishing attacks and for good reason. Single-factor authentication – a password – provides a degree of protection against unauthorized account access; however, with modern GPUs, it is … Read more

Cybercriminals Turn to Malvertising for Malware Distribution Now Microsoft Blocks Macros

Now that Microsoft has started blocking macros in Office documents delivered via the Internet, distributing malware via email has become more difficult and hackers have been forced to change their tactics, techniques, and procedures. This has been seen in phishing … Read more

2022 Phishing Trends and the Outlook for 2023

Several new phishing trends were evident in 2022 as cybercriminals changed their tactics for stealing credentials and distributing malware. The same tried and tested techniques were used in many phishing campaigns, including delivery failure notifications, fictitious charges to accounts, security … Read more

Relatively Simple Smishing Attack Compromised 130 Organizations

Phishing can take many forms and while email phishing is by far the most common way that threat actors phish for sensitive information and distribute malware, other forms of phishing are increasingly being used in attacks on businesses. Cybercriminals are … Read more

Tardigrade Malware Used in Targeted Attacks on Vaccine Manufacturers and Biomedical Firms

Biomedical firms and their partners are being targeted by an Advanced Persistent Threat (APT) actor in a campaign that delivers Tardigrade malware. Initial analyses of Tardigrade malware suggest it is a sophisticated threat from the SmokeLoader malware family. SmokeLoader is … Read more

SharkBot: A Dangerous New Android Banking Trojan Targeting European and US Banks

A new Android banking Trojan named SharkBot has been identified that has capabilities that go beyond most mobile banking Trojans. This new Android malware stands out due to its use of an Automatic Transfer System (ATS) technique that allows it … Read more

Rockingham School District Emotet Malware Infection Cost $314,000 to Address

In November 2018 the Rockingham school district in North Carolina suffered an Emotet malware infection that cost a massive $314,000 to resolve. The malware was delivered using spam emails, which were sent to multiple users’ inboxes. The attack included an often-used … Read more

Two New Ransomware-as-a-Service Operations Emerge: BlackMatter and Haron

Following the ransomware attacks on critical infrastructure in the United States, several ransomware-as-a-service operations went quiet. The attacks attracted a lot of heat for ransomware gangs and several groups responded by either implementing new restrictions on the types of entities … Read more

Safari Scareware Targets Porn Viewers

A flaw in the mobile Safari browser has been targeted by cybercriminals and used to extort money from people who have previously used their mobile device to access pornography or other illegal content. The Safari scareware stops the user from … Read more

Ransomware Mitigations to Protect Your Business

It has been a particularly bad year for ransomware attacks on businesses. Many of the attacked businesses have been unprepared for a ransomware attack and did not implement sufficient ransomware mitigations. Had proactive steps been taken, many of the attacks … Read more

Warnings Issued Following Spike in Ransomware Attacks on Schools

The disruption to learning from a pandemic that has lasted more than a year is bad enough, but many schools have experienced even more disruption just as many have opened their gates and allowed students back into classrooms. The SARS-CoV-2 … Read more

Gootloader Malware Delivery Framework Uses SEO Poisoning to Deliver Multiple Malware Variants

There has been an increase in the use of a JavaScript-based infection framework known as Gootloader for delivering malware payloads. Gootloader, as the name suggests, has been used to deliver the Gootkit banking Trojan, but also REvil ransomware, Cobalt Strike, … Read more

U.S. Treasury Hit by Email Hacks

Email account compromises take place many times around the world every day of the week, and it is estimated that 2.5 billion accounts were hacked during 2019, which equates to 6.85 million accounts being hacked every day. Cybercriminals are always … Read more

Vulnerability in VMware Virtual Workspaces Attacked by Russian State-Sponsored Cybercriminals

The U.S. National Security Agency (NSA) has released a cybersecurity advisory alert informing the public that Russian state-sponsored hackers are focusing on a flaw in VMware virtual workspaces used to support remote working. The flaw, labelled as CVE-2020-4006, is present … Read more

APT32 and TA416 APT Groups Delivering New MacOS and Windows Malware Variants

The Advanced Persistent Threat (APT) group APT32 – aka OceanLotus – is conducting a malware campaign targeting Apple MacOS users. APT32 is a nation-state hacking group that primarily targets foreign companies operating in Vietnam. The data exfiltrated by the hackers … Read more

IRS Phishing Spoof Involving Request for Outstanding Tax Payment Discovered

A recent phishing campaign has been discovered that spoofs the US Internal Revenue Service (IRS) and tells recipients that they are facing immediate legal action to take back a huge tax repayment. These emails are expertly written and demand immediate … Read more

Best Practices for Managed Services Providers to Adopt to Prevent Cyberattacks

Managed Service Providers are an attractive target for cybercriminals. If a threat actor succeeds in gaining access to an MSP’s network, they can use the same remote management tools that MSPs use to conduct attacks on the MSP’s clients. Many … Read more

500k PCs Infected with Cryptocurrency Mining Malware in 12 Hours by Dofoil Trojan

A huge campaign distributing the Dofoil Trojan has been discovered by Microsoft. The campaign has already witnessed almost half a million PCs infected with the malware in less than 12 hours. The Dofoil Trojan is otherwise referred to as Smoke … Read more

Cybersecurity Challenges for Remote Working

It is fair to say that more people are now working from home than ever before and the number is growing rapidly due to the coronavirus pandemic. Here we explore some of the key cybersecurity challenges for remote working and … Read more

How to Prevent a Man in the Middle Attack

You will no doubt have heard of a man in the middle (MiTM) attack. Here we define this attack method, explain how a MiTM attack occurs, and show you how to prevent a man in the middle attack and keep … Read more

Tips to Avoid Holiday Season Spam Email Campaigns

In the rush to buy Christmas gifts online, security awareness often is disregarded and hackers are waiting to take advantage. Hidden among the countless emails sent by retailers to inform past customers of the most recent special offers and deals … Read more

Spam Campaigns Delivering Marap and Loki Bot Malware with ICO and IQY Files

A spam email campaign is being conducted that targets corporate email accounts to distribute Loki Bot malware. Loki Bot malware is a data stealer capable of obtaining passwords stored in browsers, obtaining email account passwords, FTP client logins, cryptocurrency … Read more

Email Spam and Botnet Infection Levels Quantified

Although many reports seem to indicate that email spam is dropping, email spam and botnet infection is still a major danger for most U.S. organizations and people – with criminal practices netting hacking gangs billions of dollars every year. Estimating … Read more

Threat of Exposure & Multiple Malware Infections being Combined with Sextortion Scams

Sextortion scams have proven popular with hackers in 2019. A well-composed email and an email list are all that is necessary. The latter can easily be bought for next to nothing via darknet marketplaces and hacking forums. Next to no … Read more

Anatova Ransomware: A Serious New Malware Threat for 2019

Anatova ransomware is a new cryptoransomware variant that appears to have been released on January 1, 2019. It is stealthy, can infect network shares, and has already been used in attacks in many countries around the world. It could well prove … Read more

How Small Businesses Can Improve Wi-Fi Security

Hackers are taking advantage of poor Wi-Fi security to attack small businesses. This post covers simple steps to take to improve Wi-Fi security to block cyberattacks. Small businesses can implement a robust firewall to protect against cyberattacks, but the Wi-Fi … Read more

10 Cybersecurity Tips for Small Businesses

Hackers are increasingly targeting small businesses. These 10 cybersecurity tips for small businesses can be implemented to improve security, prevent successful cyberattacks, and avoid costly data breaches. Many small business owners misguidedly think that their company is too small to … Read more

MongoLock Ransomware Deletes Files and Demands Ransom

A new form of MongoLock ransomware is actively being used in a global campaign. A 0.1 BTC ransom is demanded, although file recovery may not be possible. The ransomware immediately deletes files and formats backup drives and a recoverable copy … Read more