Security Affairs

SEPTEMBER 18, 2020

While pharmaceutical companies worldwide are working on the research of a vaccine for the ongoing COVID19 pandemic, threat actors are conducting cyber espionage campaigns in the attempt of stealing information on the work. . ” reported El Pais.

Healthcare 363

Healthcare Agriculture Security Government 363

Security Affairs

MAY 3, 2024

“In the specific case of the compromised Ubiquiti EdgeRouters, we observed that a botnet operator has been installing backdoored SSH servers and a suite of scripts on the compromised devices for years without much attention from the security industry, allowing persistent access. ” reported Trend Micro.

Healthcare 315

Healthcare Phishing Mining e-Discovery 315

Security Affairs

JUNE 17, 2021

This week WebsitePlanet along with the researcher Jeremiah Fowler discovered an unsecured database, belonging to the US healthcare and pharmaceutical giant CVS Health, that was exposed online. The database was accessible to everyone without any type of authentication.

Search queries 360

Search queries Healthcare Archiving Passwords 360

Security Affairs

JANUARY 1, 2021

While the pandemic is spreading on a global scale, threat actors continue to target government organizations and entities in the pharmaceutical industry. The experts shared screenshots of the internal email where the portal link was shared, the login page for the portal to access the reports, and images of internal pages.

Healthcare 350

Healthcare Marketing Authentication Access 350

Security Affairs

MARCH 27, 2020

At least two companies operating in pharmaceutical and manufacturing sectors have been affected. If the latter are the ones to blame, this marks the first time the gang has launched the attacks against pharmaceutical and manufacturing companies and may indicate a significant shift in their modus operandi. .

Healthcare 343

Healthcare Manufacturing Cybersecurity Retail 343

Security Affairs

MAY 20, 2019

Chronicle researchers while investigating the cyber attack that hit the Bayer pharmaceutical company in April. “In April 2019, reports emerged of an intrusion involving Winnti malware at a German Pharmaceutical company.” At the time the malware was used in the hack of a Vietnamese gaming company.

Healthcare 279

Healthcare Communications Libraries Access 279

Security Affairs

AUGUST 4, 2020

In May, the FBI and CISA also warned cyber attacks coordinated by Beijing and attempting to steal COVID-19 information from US health care, pharmaceutical, and research industry sectors. Monitor users’ web browsing habits; restrict access to sites with unfavorable content. Exercise caution when using removable media (e.g.,

Healthcare 350

Healthcare Passwords Government Systems administration 350

Security Affairs

OCTOBER 18, 2020

Since August, FIN11 started targeting organizations in many industries, including defense, energy, finance, healthcare, legal, pharmaceutical, telecommunications, technology, and transportation. In recent attacks, the group was observed deploying the Clop ransomware into the networks of its victims.

Ransomware 353

Ransomware IT Healthcare Phishing 353

Security Affairs

JUNE 20, 2020

Malicious Chrome browser extensions were used in a massive surveillance campaign aimed at users working in the financial services, oil and gas, media and entertainment, healthcare, government organizations, and pharmaceuticals. ” concludes the report. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Healthcare 361

Healthcare Financial Services Security Communications 361

Security Affairs

NOVEMBER 18, 2020

Targeted sectors include: Automotive Clothing Conglomerates Electronics Engineering General Trading Company Government Industrial Products Managed Service Providers Manufacturing Pharmaceutical Professional Services. The latest campaign has been active since mid-October in 2019 and appears to be still ongoing. ” Pierluigi Paganini.

Healthcare 321

Healthcare Archiving Cloud Manufacturing 321

Security Affairs

DECEMBER 18, 2020

Cybercrime organizations continue to be very active while pharmaceutical organizations are involved in the development of a COVID-19 vaccine and medicines to cure the infections. Threat actors continue to trade critical medical data in the Dark Web while organizations are involved in the response to the COVID-19 pandemic.

Phishing 363

Phishing Healthcare Sales Communications 363

Security Affairs

MARCH 25, 2020

Victims operate in the Banking/Finance, Construction, Defense Industrial Base, Government, Healthcare, High Technology, Higher Education, Legal, Manufacturing, Media, Non-profit, Oil & Gas, Petrochemical, Pharmaceutical, Real Estate, Telecommunications, Transportation, Travel, and Utility. .

Healthcare 363

Healthcare Education Manufacturing Government 363

Security Affairs

MARCH 11, 2022

ElasticSearch lacks a default authentication and authorization system – meaning the data must be put behind a firewall, or else run the risk of being freely accessed, modified or deleted by threat actors. Original Post @CyberNews. About the author Damien Black. Follow me on Twitter: @securityaffairs and Facebook.

Healthcare 270

Healthcare Authentication Access Risk 270

Security Affairs

DECEMBER 5, 2021

CISA adds Zoho, Apache, Qualcomm, Mikrotik flaws to the list of actively exploited issues Russian internet watchdog Roskomnadzor bans six more VPN services NginRAT – A stealth malware targets e-store hiding on Nginx servers Europol arrested 1800 money mules as part of an anti-money-laundering operation Mozilla fixes critical flaw in Network Security (..)

Security 265

Security Healthcare Ransomware Libraries 265

Security Affairs

AUGUST 7, 2022

The ransomware targets South Korean healthcare, industrial, and pharmaceutical companies, its name comes from the name of the author ‘Gwisin’ (ghost in Korean). Researchers warn of a new ransomware called GwisinLocker which is able to encrypt Windows and Linux ESXi servers. ” concludes the report published by Reversinglabs.

Ransomware 304

Ransomware Healthcare Encryption IT 304

Security Affairs

DECEMBER 6, 2020

A critical flaw in industrial automation systems opens to remote hack Crooks stole 800,000€ from ATMs in Italy with Black Box attack Operators behind Dark Caracal are still alive and operational Sopra Steria estimates financial Impact of ransomware attack could reach €50 Million Delaware County, Pennsylvania, opted to pay 500K ransom to DoppelPaymer (..)

Security 269

Security Healthcare Ransomware Education 269

Security Affairs

NOVEMBER 1, 2021

The group focuses on Shipping/Logistics, Manufacturing, Business Services, Pharmaceutical, and Energy entities, among others. Both Remcos and NanoCore are used for information gathering, data exfiltration, surveillance, and control of the victims’ computers. . ” reads the analysis published by the experts. .

Healthcare 279

Healthcare Phishing Government Manufacturing 279

Security Affairs

DECEMBER 10, 2020

The threat actors used lures consisted of documents about Sinopharm International Corporation, a pharmaceutical company involved in the development of a COVID-19 vaccine and that is currently going through phase three clinical trials.

Phishing 308

Phishing Healthcare Military Data collection 308

Security Affairs

NOVEMBER 23, 2018

The researchers of Yoroi ZLab, on 16 November, accessed to a new APT29’s dangerous malware which seems to be involved in the recent wave of attacks aimed at many important US entities, such as military agencies, law enforcement, defense contractors , media companies and pharmaceutical companies.

Healthcare 276

Healthcare Phishing Military Security 276

Security Affairs

AUGUST 1, 2024

Pharmaceutical giant Cencora confirmed that the threat actors had access to personally identifiable information (PII) and protected health information (PHI) following the February 2024 cyberattack. Pharma company Cencora confirmed the theft of personal and health information following the February 2024 data breach.

Data breaches 315

Data breaches Ransomware Healthcare Cybersecurity 315

Krebs on Security

APRIL 18, 2022

” On April 13, Microsoft said it executed a legal sneak attack against Zloader , a remote access trojan and malware platform that multiple ransomware groups have used to deploy their malware inside victim networks. In June 2021, the HSE’s director general said the recovery costs for that attack were likely to exceed USD $600 million.

Ransomware 340

Ransomware Cybersecurity Healthcare Security 340

Krebs on Security

MAY 6, 2020

Cybercriminals are using ransomware to hold hospitals and medical services digitally hostage, preventing them from accessing vital files and systems until a ransom is paid. Overall, Fresenius employs nearly 300,000 people across more than 100 countries, and is ranked 258th on the Forbes Global 2000.

Ransomware 363

Ransomware Healthcare Manufacturing Data breaches 363

Data Breach Today

OCTOBER 12, 2022

Alleged Conspiracy Involved Drug Sales Rep Accessing Patient Records A former doctor who practiced internal medicine in several states has pleaded guilty in a New Jersey federal court to criminal HIPAA violations in a case that also involved a pharmaceutical salesman and a larger alleged $2.5 million healthcare fraud conspiracy.

Healthcare 130

Healthcare Sales Access 130

Security Affairs

MAY 1, 2020

. “Another worrying development has been the increase in activities related to the distribution of child abuse material online and the conversations of potential offenders around the increased accessibility and vulnerability of children online due to isolation, less supervision and greater online exposure.”

Healthcare 344

Healthcare Ransomware Marketing Cybersecurity 344

Security Affairs

OCTOBER 3, 2020

The attackers primarily ran malicious ad campaigns, often in the form of advertising pharmaceutical pills and spam with fake celebrity endorsements.” A malware running on an infected endpoint could access cookie store if has the knowledge of its location in the various browsers.

Healthcare 321

Healthcare Paper Authentication Metadata 321

Security Affairs

SEPTEMBER 15, 2020

8 ] CVE-2019-11510 : Pulse Secure VPN Servers – CISA has conducted multiple incident response engagements at Federal Government and commercial entities where the threat actors exploited CVE-2019-11510—an arbitrary file reading vulnerability affecting Pulse Secure VPN appliances—to gain access to victim networks.

Government 263

Government Energy and Utilities Healthcare Access 263

Security Affairs

JUNE 26, 2022

However, the victimology, the short lifespan of each ransomware family employed in the attacks, and access to malware used by nation-state actors suggest that the main motivation of the group may be intellectual property theft or cyberespionage. The victims include pharmaceutical companies in Brazil and the U.S.,

Ransomware 246

Ransomware Healthcare Manufacturing Encryption 246

Krebs on Security

JUNE 1, 2023

Fitis’s real-life identity was exposed in 2010 after two of the biggest sponsors of pharmaceutical spam went to war with each other, and large volumes of internal documents, emails and chat records seized from both spam empires were leaked to this author. At least my laptop is sure of it.” Image: Archive.org.

Healthcare 304

Healthcare Passwords Sales Ransomware 304

The Guardian Data Protection

SEPTEMBER 17, 2018

‘Each application would be assessed on its own merits,’ senators told Pharmaceutical companies will be allowed to apply for data from the controversial My Health Record system, a Senate committee hearing has been told.

Access 76

Access Healthcare IT 76

Security Affairs

DECEMBER 21, 2018

Department of Energy’s Lawrence Berkeley National Laboratory. “Finally, the APT10 Group compromised more than 40 computers in order to steal sensitive data belonging to the Navy, including the names, Social Security numbers, dates of birth, salary information, personal phone numbers, and email addresses of more than 100,000 Navy personnel.”

Computer and Electronics 271

Computer and Electronics Healthcare Manufacturing Government 271

Data Breach Today

MAY 4, 2018

Case Involved Unauthorized Access to Patient Records A former Massachusetts gynecologist has been convicted in a rare case involving a criminal HIPAA violation. The case was tied to providing a pharmaceutical salesperson access to patients' medical records.

Healthcare 113

Healthcare Access 113

Security Affairs

APRIL 7, 2020

According to experts from Group-IB, Russian-speaking threat actors targeted at least two companies in Western Europe in the pharmaceutical and manufacturing industries. PeterM from Sophos confirmed that he is aware of a US health care provider that was hit with the Ryuk ransomware a couple of weeks ago.

Ransomware 305

Ransomware Healthcare Manufacturing Passwords 305

Security Affairs

JULY 22, 2020

The duo targeted organizations in multiple industries, including high tech manufacturing, medical device, civil, and industrial engineering, business, educational, gaming software, solar energy, pharmaceuticals and defense. The hackers also targeted insecure default configurations in common popular applications. ” concludes the DoJ.

Healthcare 259

Healthcare Government Manufacturing Access 259

Security Affairs

NOVEMBER 19, 2018

The researchers of Yoroi ZLab, on 16 November, accessed to a new APT29’s dangerous malware which seems to be involved in the recent wave of attacks aimed at many important US entities, such as military agencies, law enforcement, defense contractors , media companies and pharmaceutical companies. cybersecurity firm FireEye.

Healthcare 249

Healthcare Phishing Military Cybersecurity 249

Security Affairs

JULY 5, 2023

42% of incidents reported targeted hospitals, while health authorities, bodies and agencies accounted for 14%, and the pharmaceutical industry for 9%. According to the report, organizations in the European health sector experienced a significant number of incidents, with healthcare providers accounting for 53% of the total incidents.

Ransomware 246

Ransomware Healthcare Cybersecurity Security 246

Krebs on Security

AUGUST 5, 2024

. “For the longest time, they didn’t even want to cause a big headline, but they probably felt compelled to create that leaks site because they wanted to show they were serious and that they were going to post victim data and make it accessible.” Companies losing vast amounts of data will pay these high ransoms.”

Ransomware 268

Ransomware Healthcare Insurance Cybersecurity 268

OpenText Information Management

NOVEMBER 10, 2020

With the shift to remote work environments, Life Sciences organizations need a way to provide their workers with secure and compliant access to highly regulated content that is stored on-premises. appeared first on OpenText Blogs.

Healthcare 109

Healthcare Access Security Content services 109