Cyber Security Threats

Stay informed about the ever-evolving landscape of cyber threats. Explore the latest developments in malware, ransomware, and zero-day vulnerabilities, and learn how to protect your digital assets from these risks.

$950,000 Paid by Heritage Valley Health System to Resolve Alleged HIPAA Violations

The 3-hospital health system has over 50 doctor clinics and numerous community satellite services in eastern Ohio, Pennsylvania, and the panhandle of West Virginia. In 2017, Heritage Valley was impacted by a worldwide malware attack. … Read more

Ransomware Group Exposes 300 Million Patients’ Data

The Qilin ransomware group, believed to be Russian, uploaded to its dark web leak site the information stolen during the attack on Synnovis because of non-payment of the $50 million ransom demand. On June 3, … Read more

Healthcare Cybersecurity Awareness Training Course Launched by ComplianceJunction

ComplianceJunction has created a new training course for healthcare organizations to allow them to raise employee awareness of the common cyber threats that provide hackers with access to healthcare networks and employee, patient, and client … Read more

How to Identify Phishing Emails

Investigations of cyberattacks and data breaches often reveal the initial access vector to be a phishing email. Phishing provides threat actors with a foothold from where they can achieve an organziation-wide compromise, so teaching employees … Read more

Liability for Cyber Incidents

The rapid digitisation of every aspect of our lives has led to an ever-increasing risk of cyber incidents for all types of business. Significant financial losses, disruptions to operations, damage to reputation, and legal consequences … Read more

BreachForums, Major Personal Data Sales Platform, Seized by the FBI

On May 15, 2024, the FBI, in collaboration with international law enforcement agencies, seized the notorious cybercrime forum BreachForums. This action marks a severe blow to a site that has been a major marketplace for … Read more

Rabotnik, a Ukrainian hacker affiliated with REvil Ransomware Group, sentenced to 13 years in prison

On May 1st, a Texas court sentenced Yaroslav Vasinskyi, also known as “Rabotnik,” to over 13 years in prison, marking a significant chapter in the global efforts to dismantle the REvil ransomware group. At just … Read more

LightSpy Malware: An Hidden Threat to iPhone Users

A sophisticated spyware attack has been uncovered, targeting certain iPhones. After Apple issued a warning, cybersecurity experts were able to trace the origins of the LightSpy malware, revealing a highly advanced spyware with potential links … Read more

Unite Here Data Breach And Lurie Children’s Hospital Cyberattack

791,000 People Affected by UNITE HERE Data Breach The labor Union, UNITE HERE, located in New York has 300,000 working individuals all over the United States and Canada. It recently filed a breach report to … Read more

Anonymous Leak Reveals China’s Cyber Operations

Documents purporting to have been stolen from a subcontractor of China’s Ministry of Public Security have been published on GitHub. These commercial documents (whose authenticity, impossible to confirm completely, is nevertheless highly probable, given their … Read more

A Global Offensive Neutralized The LockBit Ransomware Group

The LockBit ransomware group, identified as one of the most prolific cybercriminal organizations, has been neutralized through a coordinated international law enforcement effort. Emerging in 2020, LockBit quickly ascended to infamy by deploying a ransomware-as-a-service … Read more

US Federal Authorities Announced the Takedown of Warzone RAT Malware Service

The US Department of Justice (DoJ) recently announced the takedown of the Warzone RAT malware service as part of a coordinated international response to cybercrime. This malware, known for allowing unauthorized remote access to victims’ … Read more

FBI Targets Chinese KV Botnet in Cybersecurity Crackdown

FBI says a December 2023 court-authorized operation has successfully dismantled the KV Botnet, a network of infected routers controlled by the Chinese hacker group Volt Typhoon. This botnet was a critical tool for Volt Typhoon, … Read more

Patch for Fortra GoAnywhere Critical Vulnerability and Unauthorized Remote Access Using the ScreenConnect Tool

Fortra has announced a critical vulnerability identified in its GoAnywhere Managed File Transfer (MFT) solution and also issued a patch. Vulnerability CVE-2024-0204 is an authentication bypass bug caused by a path traversal weakness. An unauthenticated … Read more

A Cybersecurity Vulnerability in TeamViewer used for Ransomware Attacks

TeamViewer, the world famous remote access tool, has emerged as a significant vulnerability in the cybersecurity landscape. Recent investigations have highlighted its exploitation in deploying ransomware, particularly the notorious LockBit 3.0. These incidents underscore an … Read more

Unauthorized Use of Software and Cloud Services is a Major Security Risk

Many businesses concentrate on technical measures to protect them against cyberattacks. They invest in firewalls, multifactor authentication, advanced email security solutions, and web filters to block attacks at source, yet often neglect the human factor … Read more

Urgent Action Needed on Citrix Bleed Vulnerability as Ransomware Attacks Increase

Ransomware groups are exploiting a critical vulnerability identified in NetScaler ADS (earlier known as Citrix ADC) and NetScaler Gateway (Citrix Gateway) devices, referred to as Citrix Bleed. On October 10, 2023, Citrix released a security … Read more

Advisories on Critical ownCloud Vulnerabilities, Critical FortiSIEM Vulnerability and Emotet Malware Threat

HC3 Alerts HPH Sector Regarding Critical FortiSIEM Vulnerability and Ongoing Emotet Malware Threat The Health Sector Cybersecurity Coordination Center (HC3) has alerted healthcare companies that utilize Fortinet’s FortiSIEM platform to fix a critical vulnerability that … Read more

Malvertising Campaign Leads to Cactus Ransomware Attack

There are many ways that cybercriminals gain access to business networks, including phishing attacks and exploiting unpatched vulnerabilities. Many businesses now provide security awareness training to employees to improve phishing awareness, but it is also … Read more

Sentinel Event Alert and State of External Exposure Management

Joint Commission Issues Guidance on Ensuring Patient Safety After a Cyberattack The Joint Commission has published a Sentinel Event Alert offering guidance on keeping patient safety after a cyberattack. There has been an increase in … Read more

Email Sextortion Scams are on the Rise

Email is commonly used by threat actors for initial contact with victims and while most attacks attempt to steal credentials or distribute malware distribution, another type of scam has been steadily increasing. Sextortion scams have … Read more

Vulnerabilities Found in 1,900 Citrix NetScaler Devices and Limited Use of Generative AI by Malicious Actors

Malicious Actors Still Limit the Use of Generative AI It is feared that malicious actors will take advantage of generative AI to support their malicious pursuits; nevertheless, the use of generative AI by malicious actors … Read more

Cybercriminals Turn to Web Browsing to Deliver Ransomware

Ransomware attacks have increased significantly in 2023 and the file encrypting malware is now used in around 20% of cyberattacks. Ransomware is used to encrypt business-critical files to prevent access, and a ransom demand is … Read more

Top Industries Targeted by Cyber Threat Actors and 2022’s Most Often Exploited Vulnerabilities

Top Targets for Cyber Threat Actors According to Blackberry’s most recent Global Threat Intelligence Report, the two most attacked sectors are healthcare and financial services. The information for the report was gathered between March and … Read more

Search Engine Ads Abused to Gain Initial Access to Business Networks

Employees are being targeted in a new malvertising campaign that uses Google and Bing Ads offering a variety of trojanized installers for software solutions such as AnyDesk, Cisco AnyConnect VPN, and WinSCP. These campaigns deliver … Read more

New MOVEit Zero-Day Vulnerability, Critical Vulnerability in VMware Aria Operations for Networks, and CISCO AnyConnect Secure Vulnerability

Progress Software Alerts of New MOVEit Zero-Day Vulnerability – Quick Action Necessary Progress Software has released an alert concerning a new vulnerability identified in its MOVEit Transfer file transfer software program. It is an exploit … Read more

Malicious Ads and Phishing Emails Used to Distribute RomCom Malware

RomCom malware is being distributed via a range of websites that claim to offer downloads of popular software solutions such as AstraChat, GIMP, Go To Meeting, and ChatGPT, and traffic is being sent to those … Read more

Threat Actors Increasingly Using Google Ads for Malware Distribution

Malicious actors are abusing Google Ads to drive traffic to malicious websites where malware is downloaded, and abuse of Google Ads for malware distribution is increasing. Google places its Ad blocks at the top of … Read more

Major Phishing Campaign Targets Facebook Credentials

While many phishing scams target Microsoft 365 credentials due to the usefulness of the accounts and the data they hold, social media credentials are also highly prized. If a phisher is able to steal Facebook … Read more

Increase in Adversary-in-the-Middle Phishing Attacks That Allow MFA to be Bypassed

Security experts have long recommended that multi-factor authentication be implemented to protect against phishing attacks and for good reason. Single-factor authentication – a password – provides a degree of protection against unauthorized account access; however, … Read more

Data Breaches Reported by Dental Health Management Solutions, Nursing Rehab Centre, The Chautauqua Center, Northeast Surgical Group, and White Bird Clinic

Dental Health Management Solutions Alerted Patients About Historic Data Breach Dental Health Management Solutions (DHMS) based in Cedar Park, TX provides the military/government and private individuals with dental services. It recently reported the exposure of … Read more

HPH Sector Warned Against Clop Cyberattacks and MedusaLocker Ransomware Attacks

At the beginning of February, attackers exploited a zero-day vulnerability (CVE-2023-0669) found in Fortra’s GoAnywhere MFT secure file transfer software on over 130 companies, which include a few companies in the healthcare sector, for instance, … Read more

Cyber Attacks on VMware ESXi Servers, Sharp HealthCare, Regal Medical Group, and Southeast Colorado Hospital District

The French Computer Emergency Response Team (CERT-FR) issued a warning regarding a persistent ransomware campaign attacking VMware ESXi hypervisors without patching against the critical heap-overflow vulnerability monitored as CVE-2021-21974. VMware released a patch on February … Read more

Cybercriminals Turn to Malvertising for Malware Distribution Now Microsoft Blocks Macros

Now that Microsoft has started blocking macros in Office documents delivered via the Internet, distributing malware via email has become more difficult and hackers have been forced to change their tactics, techniques, and procedures. This … Read more

2022 Phishing Trends and the Outlook for 2023

Several new phishing trends were evident in 2022 as cybercriminals changed their tactics for stealing credentials and distributing malware. The same tried and tested techniques were used in many phishing campaigns, including delivery failure notifications, … Read more

HPH Sector Cautioned About Pro-Russian Hacktivist Group’s DDoS Attacks

The healthcare and public health (HPH) industry has been cautioned regarding the likelihood of cyberattacks conducted by a pro-Russian hacktivist gang called KillNet, after a new cyberattack on a U.S. healthcare group. KillNet started its … Read more

Automation Can Aid Network Defenders to Accomplish More Quickly and Be Ahead of Hackers

Automation reduces expenses and enhances productivity. It is vital in cybersecurity just like in manufacturing. A lot of labor-intensive security work may be automated to enable network defenders to accomplish more quicker, such as port … Read more

Healthcare Sector Impending Risk Due to Cuba Ransomware Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released a joint cybersecurity warning concerning the Cuba Ransomware and have provided information on the tactics, techniques, and procedures (TTPs) … Read more

Data Exposed at Alta Forest Products, Hilario Marilao, M.D, and Three Rivers Provider Network

Alta Forest Products based in Chehalis, WA has encountered a cyberattack where the protected health information (PHI) of around 2,100 Alta Forest Products Health and Welfare Plan members was compromised. The company detected the security … Read more

CISA Wants Companies to Use Phishing-Resistant Multifactor Authentication

MFA is one of the most essential steps to take to stop unauthorized account access; on the other hand, it doesn’t give total security and certain types of MFA could be circumvented. Any type of … Read more

Hacking Incidents and Improper Disposal Incidents Reported

Hacking Incident at Country Doctor Community Clinic, WA On October 19, 2022, Country Doctor Community Clinic based in Seattle, WA reported that attackers had acquired access to its digital system and viewed and likely acquired … Read more

Wisconsin Department of Health Services, Detroit Health Department, and Smith, Gambrell & Russell, LLP Announce Data Breaches

Wisconsin Department of Health Services Reports Accidental Disclosure of PHI through Email The Wisconsin Department of Health Services (DHS) has just announced that there was an accidental disclosure of protected health information (PHI) via its … Read more

Cyberattack on FMC Services, Kaye-Smith and Johnson Memorial Hospital

FMC (Family Medicine Centers) Services based in Amarillo, TX recently reported a hacking incident it discovered and blocked on July 26, 2022. A third-party cybersecurity company conducted a forensic investigation to find out the nature … Read more

Healthcare Companies Targeted by Monkeypox Phishing Campaign

An alert was given to the healthcare and public health (HPH) industry regarding a Monkeypox phishing campaign directed at U.S. healthcare companies that tries to steal Office 365, Gmail, and other email account credentials. Monkeypox … Read more

Henderson & Walton Women’s Center & Genesis Health Care Inc. Report Data Breaches

Henderson & Walton Women’s Center (HWWC) based in Birmingham, AL lately advised 34,306 patients about the potential compromise of some of their protected health information (PHI) due to a hacker getting access to an employee’s … Read more

Relatively Simple Smishing Attack Compromised 130 Organizations

Phishing can take many forms and while email phishing is by far the most common way that threat actors phish for sensitive information and distribute malware, other forms of phishing are increasingly being used in … Read more

LastPass Data Breach Results in Source Code Theft

LastPass, the company offering the most widely used password management solution worldwide, reported a cyberattack and security breach. As per LastPass, there are close to 30 million users of its password manager tool globally, which … Read more

Data Breaches at Healthback Holdings, City of Newport, and OrthoArizona

Healthback Holdings has begun sending notifications to 21,114 persons regarding the likely access and theft of some of their protected health information (PHI) by unauthorized individuals. The Oklahoma City home health provider noticed odd activity … Read more

Data Breaches Announced by Blue Cross and Blue Shield of Massachusetts and Blue Shield of California

Blue Cross and Blue Shield of Massachusetts (BCBSofMA) has lately affirmed that a data breach at a business associate led to the compromise of the protected health information (PHI) of several of its health plan … Read more

Cyber Safety Review Board Claims Log4j Vulnerabilities Very Prevalent and Will Remain for Years

The Cyber Safety Review Board (CSRB), started by President Biden last February 2022, has released a report about the Log4j vulnerability (CVE-2021-44228) as well as linked vulnerabilities that were identified at the end of 2021. … Read more

12310 Next