Groups and Healthcare - Information Management Today

Pharmaceutical giant Cencora discloses a data breach

Security Affairs

FEBRUARY 28, 2024

Pharmaceutical giant Cencora suffered a cyber attack and threat actors stole data from its infrastructure. Pharmaceutical giant Cencora disclosed a data breach after it was the victim of a cyberattack. Optum Solutions is a subsidiary of UnitedHealth Group, a leading health insurance company in the United States. Cencora, Inc.

Healthcare

Healthcare Data breaches Ransomware Insurance

Biopharmaceutical firm Supernus Pharmaceuticals hit by Hive ransomware during an ongoing acquisition

Security Affairs

NOVEMBER 29, 2021

Biopharmaceutical company Supernus Pharmaceuticals discloses a ransomware attack, the Hive ransomware claims to have stolen company data. Biopharmaceutical company Supernus Pharmaceuticals confirmed it was the victim of a data breach after a ransomware attack that hit the firm last in Mid-November. “Supernus Pharmaceuticals, Inc.

Healthcare

Healthcare Ransomware Encryption Data breaches

Japanese Pharmaceutical giant Eisai hit by a ransomware attack

Security Affairs

JUNE 9, 2023

This week, the Japanese pharmaceutical giant Eisai has taken its systems offline in response to a ransomware attack. Eisai is a Japanese pharmaceutical company with about 10,000 employees and more than $5 billion in revenue. At the time of this writing, no ransomware group has claimed responsibility for the ransomware attack.

Healthcare

Healthcare Ransomware Encryption Data breaches

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Alert: APT Groups Targeting COVID-19 Researchers

Data Breach Today

MAY 5, 2020

are warning medical institutions, pharmaceutical companies, universities and others about "password-spraying campaigns" by advance persistent threat groups seeking to steal COVID-19 research data. Password-Spraying' Campaigns Aimed at Stealing Research Data, US and UK Authorities Warn Authorities in the U.S.

Healthcare

Healthcare Passwords Security

Iranian Peach Sandstorm group behind recent password spray attacks

Security Affairs

SEPTEMBER 16, 2023

The APT33 group has been around since at least 2013, since mid-2016, the group targeted the aviation industry and energy companies with connections to petrochemical production. The cyber espionage activity attacks are aimed at organizations in the satellite, defense, and pharmaceutical sectors. South Korean, and Europe.

Passwords

Passwords Healthcare Authentication Access

Feds Warn Health Sector of Top Russia-Backed APT Groups

Data Breach Today

MAY 20, 2022

Alert Comes as Other Ransomware Assaults, Data Leaks Plague Medical Providers Federal authorities are alerting healthcare sector entities of threats posed by Russian state-sponsored cyber groups, including some linked to attacks on pharmaceutical and related firms. medical facilities.

Healthcare

Healthcare Ransomware

Balikbayan Foxes group spoofs Philippine gov to spread RATs

Security Affairs

NOVEMBER 1, 2021

Meet Balikbayan Foxes: a threat group impersonating the Philippine gov’t. The group focuses on Shipping/Logistics, Manufacturing, Business Services, Pharmaceutical, and Energy entities, among others. Victims of the group are located in North America, Europe, and Southeast Asia. . ” concludes the report.

Healthcare

Healthcare Phishing Government Manufacturing

New RA Group ransomware gang is the latest group using leaked Babuk source code

Security Affairs

MAY 15, 2023

A previously unknown ransomware group known as RA Group is targeting companies in U.S. Cisco Talos researchers recently discovered a new ransomware operation called RA Group that has been active since at least April 22, 2023. The group has already compromised three organizations in the U.S. and one in South Korea.

Ransomware

Ransomware Encryption Healthcare Insurance

North Korea-linked Lazarus APT targets the COVID-19 research

Security Affairs

DECEMBER 25, 2020

The North Korea-linked Lazarus APT group has recently launched cyberattacks against at least two organizations involved in COVID-19 research. The North Korea-linked APT group Lazarus has recently launched cyberattacks against two entities involved in COVID-19 research. ” reads the analysis published by Kaspersky.

Healthcare

Healthcare Phishing Passwords Ransomware

Iran-linked APT33 targets Defense Industrial Base sector with FalseFont backdoor

Security Affairs

DECEMBER 25, 2023

Microsoft reports that the Iran-linked APT33 group is targeting defense contractors worldwide with FalseFont backdoor. The APT33 group has been around since at least 2013, since mid-2016, the group targeted the aviation industry and energy companies with connections to petrochemical production. South Korea, and Europe.

Healthcare

Healthcare Passwords Authentication Access

Iranian Hackers Gain Sophistication, Microsoft Warns

Data Breach Today

SEPTEMBER 15, 2023

Noisy 'Peach Sandstorm' Password Spraying Campaign Is Followed by Stealth Iranian state threat actor "Peach Sandstorm" is growing in sophistication, warns Microsoft in an alert about a campaign of password hacking targeting the satellite, defense and pharmaceutical sectors.

Healthcare

Healthcare Passwords

New financially motivated attacks in Western Europe traced to Russian-speaking threat actors

Security Affairs

MARCH 27, 2020

Researchers at Group-IB observed new financially motivated attacks in Western Europe traced to Russian-speaking threat actors. At least two companies operating in pharmaceutical and manufacturing sectors have been affected. At least two companies operating in pharmaceutical and manufacturing sectors have been affected.

Healthcare

Healthcare Manufacturing Cybersecurity Retail

Google warned users of 33,015 nation-state attacks since January

Security Affairs

OCTOBER 17, 2020

Shane Huntley, Director at Google’s Threat Analysis Group (TAG), revealed that her team has shared its findings with the campaigns and the Federal Bureau of Investigation. Google sent 11,856 government-backed phishing warnings during Q1 2020, 11,023 in Q2 2020, and 10,136 in Q3 2020. Tbps, the largest DDoS attack of ever.

Healthcare

Healthcare Phishing Authentication Government

Operation Pangea: Europol dismantles criminal gangs selling coronavirus medicine, surgical masks

Security Affairs

MARCH 23, 2020

Operation Pangea took place between March 3 and 10, 2020, the authorities dismantled 37 organized crime groups attempting to illegally sell counterfeit surgical masks, unauthorised antiviral medications and the antimalarial chloroquine, Vitamin C, food supplements, painkillers, and antibiotics. link] — EC3 (@EC3Europol) March 23, 2020.

Healthcare

Healthcare Sales IT Security

Russia-linked APT28 and crooks are still using the Moobot botnet

Security Affairs

MAY 3, 2024

The Ubiquiti EdgeRouter botnet is still used by Russia-linked group APT28 and cybercriminals organizations. Trend Micro researchers reported that the EdgeRouter botnet , called Moobot , used by the APT28 group is still active and is also used by cyber criminal organizations. ” reported Trend Micro. ” reported Trend Micro.

Healthcare

Healthcare Phishing Mining e-Discovery

Ransomware threat landscape Jan-Apr 2024: insights and challenges

Security Affairs

JUNE 24, 2024

In the first four months of 2024, 204 criminal groups were monitored globally for ransomware activities. Additionally, during this period, 25 new criminal groups emerged and were added to the monitoring list by Ransomfeed. Italy, in particular, faced specific challenges in cybersecurity during this critical period.

Ransomware

Ransomware Healthcare Cybersecurity Government

China-linked Winnti APT targets South Korean Gaming firm

Security Affairs

APRIL 22, 2020

China-linked Winnti cyberespionage group targets South Korean video gaming company Gravity, QuoIntelligence (QuoINT) firm reported. Security experts from QuoIntelligence (QuoINT) firm reported that China-linked Winnti cyberespionage group targets South Korean video gaming company Gravity. a South Korean video game company.”

Healthcare

Healthcare Communications IT Security

Japanese tech firm Oomiya hit by LockBit 3.0. Multiple supply chains potentially impacted

Security Affairs

OCTOBER 17, 2022

The business of Omiya Kasei is divided into four major areas, manufacturing and designing chemical and industrial products, designing electronic materials, pharmaceutical development, and factory manufacturing. Oomiya is focused on designing and manufacturing microelectronics and facility system equipment.

Manufacturing

Manufacturing Healthcare Ransomware Communications

Financially motivated Earth Lusca threat actors targets organizations worldwide

Security Affairs

JANUARY 18, 2022

According to the security firm, the group is financially motivated, its cyberespionage campaign hit high value targets such as government and educational institutions, religious movements, pro-democracy and human rights organisations in Hong Kong, Covid-19 research organisations, gambling and cryptocurrency companies, and the media.

Healthcare

Healthcare Phishing Archiving Education

FIN11 gang started deploying ransomware to monetize its operations

Security Affairs

OCTOBER 18, 2020

The financially-motivated hacker group FIN11 has started spreading ransomware to monetize its cyber criminal activities. The financially-motivated hacker group FIN11 has switched tactics starting using ransomware as the main monetization method. ” reads the analysis published by FireEye. ” reads the analysis.

Ransomware

Ransomware IT Healthcare Phishing

China-linked APT10 leverages ZeroLogon exploits in recent attacks

Security Affairs

NOVEMBER 18, 2020

Symantec’s Threat Hunter Team, a Broadcom division, uncovered a global campaign conducted by a China-linked APT10 cyber-espionage group targeting businesses using the recently-disclosed ZeroLogon vulnerability. . The APT10 is well-resourced cyberespionage group that employed multiple tools and sophisticated techniques in its attacks.

Healthcare

Healthcare Archiving Cloud Manufacturing

Chinese hackers stole info from Spanish centers working on Covid19 vaccine

Security Affairs

SEPTEMBER 18, 2020

While pharmaceutical companies worldwide are working on the research of a vaccine for the ongoing COVID19 pandemic, threat actors are conducting cyber espionage campaigns in the attempt of stealing information on the work. . ” reported El Pais.

Healthcare

Healthcare Agriculture Security Government

COVID-19 – Johnson & Johnson saw a 30% uptick in cyber-attacks

Security Affairs

DECEMBER 5, 2020

“North Korean hackers have targeted at least six pharmaceutical companies in the U.S., “Then we’re going to have the group of people who just decide that ‘well I don’t want the world to have a vaccine’ “For us, inside, it’s really not much of a difference.”

Healthcare

Healthcare Information Security IT Security

CERT-FR warns of Lockean ransomware attacks against French companies

Security Affairs

NOVEMBER 4, 2021

CERT-France warns of a new ransomware group named Lockean that is behind a series of attacks against French organizations over the past 2 years. “First observed in June 2020, this group named Lockean is thought to have affiliated with several Ransomware-as-a-Service (RaaS) including DoppelPaymer, Maze, Prolock, Egregor and Sodinokibi.

Ransomware

Ransomware Healthcare Phishing IT

Pharma Giant Cencora confirmed the theft of personal and health information

Security Affairs

AUGUST 1, 2024

Pharmaceutical giant Cencora confirmed that the threat actors had access to personally identifiable information (PII) and protected health information (PHI) following the February 2024 cyberattack. In May, Cencora subsidiary Lash Group announced that a security incident impacted individuals’ personal information.

Data breaches

Data breaches Ransomware Healthcare Cybersecurity

Russia-linked APT28 uses COVID-19 lures to deliver Zebrocy malware

Security Affairs

DECEMBER 10, 2020

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Phishing

Phishing Healthcare Military Data collection

Winnti uses a new PipeMon backdoor in attacks aimed at the gaming industry

Security Affairs

MAY 22, 2020

The Winnti hacking group continues to target gaming industry, recently it used a new malware named PipeMon and a new method to achieve persistence. Winnti hacking group is using a new malware dubbed PipeMon and a novel method to achieve persistence in attacks aimed at video game companies. ” concludes ESET.

Healthcare

Healthcare Encryption Passwords IT

Europe’s Largest Private Hospital Operator Fresenius Hit by Ransomware

Krebs on Security

MAY 6, 2020

’s National Cyber Security Centre warning that so-called “advanced persistent threat” groups — state-sponsored hacking teams — are actively targeting organizations involved in both national and international COVID-19 responses.

Ransomware

Ransomware Healthcare Manufacturing Data breaches

German firms BASF, Siemens, Henkel hit by cyber attacks

Security Affairs

JULY 25, 2019

A new wave of cyber attacks carried out by a China-linked APT group hit German blue-chip companies BASF, Siemens, Henkel and others. German media reported that the cyber attacks were launched by China-linked cyberespionage group. The gang is financially-motivated and was mostly involved in cyber espionage campaigns.

Healthcare

Healthcare Security IT Information Security

Resecurity Released a Status Report on Drug Trafficking in the Dark Web (2022-2023)

Security Affairs

JANUARY 9, 2023

Resecurity detailed the increasing tensions between different influence groups behind illegal marketplaces in Dark Web – attacking each other, performing DDoS attacks and trying to abuse the reputation of competitors to capture a bigger market share. Resecurity noticed a sharp increase in demand for prescription pharmaceuticals.

Healthcare

Healthcare Marketing Communications Sales

GwisinLocker ransomware exclusively targets South Korea

Security Affairs

AUGUST 7, 2022

The ransomware targets South Korean healthcare, industrial, and pharmaceutical companies, its name comes from the name of the author ‘Gwisin’ (ghost in Korean). The victims of the Linux GwisinLocker variant are required to log into a portal operated by the group to get in contact with the crooks. . Pierluigi Paganini.

Ransomware

Ransomware Healthcare Encryption IT

Security Affairs newsletter Round 292

Security Affairs

DECEMBER 6, 2020

Pierluigi Paganini. SecurityAffairs – hacking, newsletter). The post Security Affairs newsletter Round 292 appeared first on Security Affairs.

Security

Security Healthcare Ransomware Education

Conti’s Ransomware Toll on the Healthcare Industry

Krebs on Security

APRIL 18, 2022

Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. National Security Agency (NSA). alone by October 2020.

Ransomware

Ransomware Cybersecurity Healthcare Security

Connecting the Bots – Hancitor fuels Cuba Ransomware Operations

Security Affairs

MAY 7, 2021

Hancitor became another commodity malware which partnered with ransomware gangs to help them gain initial access to target networks – the increasing trend outlined by Group-IB researchers in the recent Ransomware Uncovered 2020/2021 report. In addition, the group leveraged some custom tools for network reconnaissance. About Group-IB.

Ransomware

Ransomware Education Manufacturing Healthcare

US govt agencies share details of the China-linked espionage malware Taidoor

Security Affairs

AUGUST 4, 2020

In May, the FBI and CISA also warned cyber attacks coordinated by Beijing and attempting to steal COVID-19 information from US health care, pharmaceutical, and research industry sectors. Do not add users to the local administrators group unless required. Enforce a strong password policy and implement regular password changes.

Healthcare

Healthcare Passwords Government Systems administration

Low-Drama ‘Dark Angels’ Reap Record Ransoms

Krebs on Security

AUGUST 5, 2024

A ransomware group called Dark Angels made headlines this past week when it was revealed the crime group recently received a record $75 million data ransom payment from a Fortune 50 company. ThreatLabz found Dark Angels has conducted some of the largest ransomware attacks to date, and yet little is known about the group.

Ransomware

Ransomware Healthcare Insurance Cybersecurity

Winnti APT continues to target game developers in Russia and abroad

Security Affairs

JANUARY 15, 2021

Experts attribute the attacks to the China-linked Winnti APT group (aka APT41 ) and reported that the attackers used a previously undocumented backdoor in the attacks. The Winnti group was first spotted by Kaspersky in 2013, but according to the researchers the gang has been active since 2007.

Healthcare

Healthcare Archiving Information Security Security

Interpol warns that crooks are increasingly targeting hospitals

Security Affairs

APRIL 7, 2020

Some of them like DoppelPaymer and Maze groups announced that they would no target healthcare organizations during the pandemic. The gang behind the Ryuk ransomware goes against the tide and continues to target the hospitals, the group never responded to the questions of BleepingComputer researchers. reported BleepingComputer.

Ransomware

Ransomware Healthcare Manufacturing Passwords

China-linked APT Bronze Starlight deploys ransomware as a smokescreen

Security Affairs

JUNE 26, 2022

Researchers from Secureworks reported that a China-linked APT group, tracked as Bronze Starlight (APT10), is deploying post-intrusion ransomware families to cover up the cyber espionage operations. The victims include pharmaceutical companies in Brazil and the U.S., and an aerospace and defense division of an Indian conglomerate.

Ransomware

Ransomware Healthcare Manufacturing Encryption

Security Affairs newsletter Round 423 by Pierluigi Paganini – International edition

Security Affairs

JUNE 11, 2023

Experts found new MOVEit Transfer SQL Injection flaws The University of Manchester suffered a cyber attack and suspects a data breach Russians charged with hacking Mt.

Healthcare

Healthcare Security Ransomware Data breaches

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

JUNE 1, 2023

Both of these qualities make stolen or ill-gotten code-signing certificates attractive to cybercriminal groups, who prize their ability to add stealth and longevity to malicious software. More recently, it appears Megatraffer has been working with ransomware groups to help improve the stealth of their malware. Image: Archive.org.

Healthcare

Healthcare Passwords Sales Ransomware

Lazarus Group Seeks Intelligence Related to COVID-19

Dark Reading

DECEMBER 23, 2020

Researchers attribute attacks targeting a pharmaceutical company and a government ministry related to COVID-19 response.

Healthcare

Healthcare Government

2 Vendors Among BlackCat's Alleged Recent Ransomware Victims

Data Breach Today

JANUARY 23, 2023

Group Lists EHR Provider, Pharmaceutical Services Firm on Leak Site An electronic health records vendor and a pharmacy management services firm are purportedly among the latest healthcare sector victims of ransomware-as-a-service group BlackCat, also known as Alphv.

Ransomware

Ransomware Healthcare

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

Security Affairs

SEPTEMBER 15, 2020

CISA published an advisory on China-linked groups targeting government agencies by exploiting flaws in Microsoft Exchange, Citrix, Pulse, and F5 systems. CISA published a security advisory warning of a wave of attacks carried out by China-linked APT groups affiliated with China’s Ministry of State Security.

Government

Government Energy and Utilities Healthcare Access

Pharmaceutical giant Cencora discloses a data breach

Biopharmaceutical firm Supernus Pharmaceuticals hit by Hive ransomware during an ongoing acquisition

Webinars

Trending Sources

Japanese Pharmaceutical giant Eisai hit by a ransomware attack

Webinars

Alert: APT Groups Targeting COVID-19 Researchers

Iranian Peach Sandstorm group behind recent password spray attacks

Feds Warn Health Sector of Top Russia-Backed APT Groups

Balikbayan Foxes group spoofs Philippine gov to spread RATs

New RA Group ransomware gang is the latest group using leaked Babuk source code

North Korea-linked Lazarus APT targets the COVID-19 research

Iran-linked APT33 targets Defense Industrial Base sector with FalseFont backdoor

Iranian Hackers Gain Sophistication, Microsoft Warns

New financially motivated attacks in Western Europe traced to Russian-speaking threat actors

Google warned users of 33,015 nation-state attacks since January

Operation Pangea: Europol dismantles criminal gangs selling coronavirus medicine, surgical masks

Russia-linked APT28 and crooks are still using the Moobot botnet

Ransomware threat landscape Jan-Apr 2024: insights and challenges

China-linked Winnti APT targets South Korean Gaming firm

Japanese tech firm Oomiya hit by LockBit 3.0. Multiple supply chains potentially impacted

Financially motivated Earth Lusca threat actors targets organizations worldwide

FIN11 gang started deploying ransomware to monetize its operations

China-linked APT10 leverages ZeroLogon exploits in recent attacks

Chinese hackers stole info from Spanish centers working on Covid19 vaccine

COVID-19 – Johnson & Johnson saw a 30% uptick in cyber-attacks

CERT-FR warns of Lockean ransomware attacks against French companies

Pharma Giant Cencora confirmed the theft of personal and health information

Russia-linked APT28 uses COVID-19 lures to deliver Zebrocy malware

Winnti uses a new PipeMon backdoor in attacks aimed at the gaming industry

Europe’s Largest Private Hospital Operator Fresenius Hit by Ransomware

German firms BASF, Siemens, Henkel hit by cyber attacks

Resecurity Released a Status Report on Drug Trafficking in the Dark Web (2022-2023)

GwisinLocker ransomware exclusively targets South Korea

Security Affairs newsletter Round 292

Conti’s Ransomware Toll on the Healthcare Industry

Connecting the Bots – Hancitor fuels Cuba Ransomware Operations

US govt agencies share details of the China-linked espionage malware Taidoor

Low-Drama ‘Dark Angels’ Reap Record Ransoms

Winnti APT continues to target game developers in Russia and abroad

Interpol warns that crooks are increasingly targeting hospitals

China-linked APT Bronze Starlight deploys ransomware as a smokescreen

Security Affairs newsletter Round 423 by Pierluigi Paganini – International edition

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Lazarus Group Seeks Intelligence Related to COVID-19

2 Vendors Among BlackCat's Alleged Recent Ransomware Victims

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

Stay Connected