Security Affairs

SEPTEMBER 16, 2023

The APT33 group has been around since at least 2013, since mid-2016, the group targeted the aviation industry and energy companies with connections to petrochemical production. The cyber espionage activity attacks are aimed at organizations in the satellite, defense, and pharmaceutical sectors. South Korean, and Europe.

Passwords 141

Passwords Healthcare Authentication Access 141

Krebs on Security

APRIL 18, 2022

Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. National Security Agency (NSA). alone by October 2020.

Ransomware 317

Ransomware Cybersecurity Healthcare Security 317

Krebs on Security

AUGUST 5, 2024

A ransomware group called Dark Angels made headlines this past week when it was revealed the crime group recently received a record $75 million data ransom payment from a Fortune 50 company. ThreatLabz found Dark Angels has conducted some of the largest ransomware attacks to date, and yet little is known about the group.

Ransomware 248

Ransomware Healthcare Insurance Cybersecurity 248

Security Affairs

NOVEMBER 1, 2021

Meet Balikbayan Foxes: a threat group impersonating the Philippine gov’t. The group focuses on Shipping/Logistics, Manufacturing, Business Services, Pharmaceutical, and Energy entities, among others. Victims of the group are located in North America, Europe, and Southeast Asia. . ” concludes the report.

Healthcare 117

Healthcare Phishing Government Manufacturing 117

Krebs on Security

JUNE 1, 2023

Both of these qualities make stolen or ill-gotten code-signing certificates attractive to cybercriminal groups, who prize their ability to add stealth and longevity to malicious software. More recently, it appears Megatraffer has been working with ransomware groups to help improve the stealth of their malware. Image: Archive.org.

Healthcare 283

Healthcare Passwords Sales Ransomware 283

Dark Reading

DECEMBER 23, 2020

Researchers attribute attacks targeting a pharmaceutical company and a government ministry related to COVID-19 response.

Healthcare 101

Healthcare Government 101

Security Affairs

DECEMBER 25, 2020

The North Korea-linked Lazarus APT group has recently launched cyberattacks against at least two organizations involved in COVID-19 research. The North Korea-linked APT group Lazarus has recently launched cyberattacks against two entities involved in COVID-19 research. ” reads the analysis published by Kaspersky.

Healthcare 144

Healthcare Phishing Passwords Ransomware 144

Security Affairs

MAY 15, 2023

A previously unknown ransomware group known as RA Group is targeting companies in U.S. Cisco Talos researchers recently discovered a new ransomware operation called RA Group that has been active since at least April 22, 2023. The group has already compromised three organizations in the U.S. and one in South Korea.

Ransomware 98

Ransomware Encryption Healthcare Insurance 98

Data Breach Today

JANUARY 23, 2023

Group Lists EHR Provider, Pharmaceutical Services Firm on Leak Site An electronic health records vendor and a pharmacy management services firm are purportedly among the latest healthcare sector victims of ransomware-as-a-service group BlackCat, also known as Alphv.

Ransomware 130

Ransomware Healthcare 130

Security Affairs

DECEMBER 25, 2023

Microsoft reports that the Iran-linked APT33 group is targeting defense contractors worldwide with FalseFont backdoor. The APT33 group has been around since at least 2013, since mid-2016, the group targeted the aviation industry and energy companies with connections to petrochemical production. South Korea, and Europe.

Healthcare 145

Healthcare Passwords Authentication Access 145

Security Affairs

OCTOBER 17, 2020

Shane Huntley, Director at Google’s Threat Analysis Group (TAG), revealed that her team has shared its findings with the campaigns and the Federal Bureau of Investigation. Google sent 11,856 government-backed phishing warnings during Q1 2020, 11,023 in Q2 2020, and 10,136 in Q3 2020. Tbps, the largest DDoS attack of ever.

Healthcare 136

Healthcare Phishing Authentication Government 136

Security Affairs

MARCH 27, 2020

Researchers at Group-IB observed new financially motivated attacks in Western Europe traced to Russian-speaking threat actors. At least two companies operating in pharmaceutical and manufacturing sectors have been affected. At least two companies operating in pharmaceutical and manufacturing sectors have been affected.

Healthcare 138

Healthcare Manufacturing Cybersecurity Retail 138

Security Affairs

MAY 3, 2024

The Ubiquiti EdgeRouter botnet is still used by Russia-linked group APT28 and cybercriminals organizations. Trend Micro researchers reported that the EdgeRouter botnet , called Moobot , used by the APT28 group is still active and is also used by cyber criminal organizations. ” reported Trend Micro. ” reported Trend Micro.

Healthcare 132

Healthcare Phishing e-Discovery Mining 132

Security Affairs

MARCH 23, 2020

Operation Pangea took place between March 3 and 10, 2020, the authorities dismantled 37 organized crime groups attempting to illegally sell counterfeit surgical masks, unauthorised antiviral medications and the antimalarial chloroquine, Vitamin C, food supplements, painkillers, and antibiotics. link] — EC3 (@EC3Europol) March 23, 2020.

Healthcare 137

Healthcare Sales IT Security 137

Security Affairs

JUNE 24, 2024

In the first four months of 2024, 204 criminal groups were monitored globally for ransomware activities. Additionally, during this period, 25 new criminal groups emerged and were added to the monitoring list by Ransomfeed. Italy, in particular, faced specific challenges in cybersecurity during this critical period.

Ransomware 127

Ransomware Healthcare Cybersecurity Government 127

Security Affairs

APRIL 22, 2020

China-linked Winnti cyberespionage group targets South Korean video gaming company Gravity, QuoIntelligence (QuoINT) firm reported. Security experts from QuoIntelligence (QuoINT) firm reported that China-linked Winnti cyberespionage group targets South Korean video gaming company Gravity. a South Korean video game company.”

Healthcare 144

Healthcare Communications IT Security 144

Security Affairs

OCTOBER 17, 2022

The business of Omiya Kasei is divided into four major areas, manufacturing and designing chemical and industrial products, designing electronic materials, pharmaceutical development, and factory manufacturing. Oomiya is focused on designing and manufacturing microelectronics and facility system equipment.

Manufacturing 144

Manufacturing Healthcare Ransomware Communications 144

Security Affairs

NOVEMBER 18, 2020

Symantec’s Threat Hunter Team, a Broadcom division, uncovered a global campaign conducted by a China-linked APT10 cyber-espionage group targeting businesses using the recently-disclosed ZeroLogon vulnerability. . The APT10 is well-resourced cyberespionage group that employed multiple tools and sophisticated techniques in its attacks.

Healthcare 135

Healthcare Archiving Cloud Manufacturing 135

Security Affairs

JANUARY 18, 2022

According to the security firm, the group is financially motivated, its cyberespionage campaign hit high value targets such as government and educational institutions, religious movements, pro-democracy and human rights organisations in Hong Kong, Covid-19 research organisations, gambling and cryptocurrency companies, and the media.

Healthcare 141

Healthcare Phishing Archiving Education 141

Security Affairs

DECEMBER 5, 2020

“North Korean hackers have targeted at least six pharmaceutical companies in the U.S., “Then we’re going to have the group of people who just decide that ‘well I don’t want the world to have a vaccine’ “For us, inside, it’s really not much of a difference.”

Healthcare 131

Healthcare Information Security IT Security 131

Security Affairs

NOVEMBER 4, 2021

CERT-France warns of a new ransomware group named Lockean that is behind a series of attacks against French organizations over the past 2 years. “First observed in June 2020, this group named Lockean is thought to have affiliated with several Ransomware-as-a-Service (RaaS) including DoppelPaymer, Maze, Prolock, Egregor and Sodinokibi.

Ransomware 122

Ransomware Healthcare Phishing IT 122

Security Affairs

OCTOBER 18, 2020

The financially-motivated hacker group FIN11 has started spreading ransomware to monetize its cyber criminal activities. The financially-motivated hacker group FIN11 has switched tactics starting using ransomware as the main monetization method. ” reads the analysis published by FireEye. ” reads the analysis.

Ransomware 143

Ransomware IT Healthcare Phishing 143

Security Affairs

SEPTEMBER 18, 2020

While pharmaceutical companies worldwide are working on the research of a vaccine for the ongoing COVID19 pandemic, threat actors are conducting cyber espionage campaigns in the attempt of stealing information on the work. . ” reported El Pais.

Healthcare 145

Healthcare Agriculture Security Government 145

Threatpost

DECEMBER 23, 2020

The nation-state actor is looking to speed up vaccine development efforts in North Korea.

Healthcare 128

Healthcare Government 128

Security Affairs

AUGUST 1, 2024

Pharmaceutical giant Cencora confirmed that the threat actors had access to personally identifiable information (PII) and protected health information (PHI) following the February 2024 cyberattack. In May, Cencora subsidiary Lash Group announced that a security incident impacted individuals’ personal information.

Data breaches 132

Data breaches Ransomware Healthcare Cybersecurity 132

Security Affairs

DECEMBER 10, 2020

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Phishing 130

Phishing Healthcare Military Data collection 130

Security Affairs

MAY 22, 2020

The Winnti hacking group continues to target gaming industry, recently it used a new malware named PipeMon and a new method to achieve persistence. Winnti hacking group is using a new malware dubbed PipeMon and a novel method to achieve persistence in attacks aimed at video game companies. ” concludes ESET.

Healthcare 140

Healthcare Encryption Passwords IT 140

Security Affairs

MAY 20, 2019

It is the first time that researchers found a Linux version of the backdoor user by China-linked APT groups tacked as Winnti. The experts believe that under the Winnti umbrella there are several APT groups , including Winnti , Gref, PlayfullDragon, APT17, DeputyDog , Axiom, BARIUM, LEAD , PassCV , Wicked Panda, and ShadowPad.

Healthcare 111

Healthcare Communications Libraries Access 111

Security Affairs

JULY 25, 2019

A new wave of cyber attacks carried out by a China-linked APT group hit German blue-chip companies BASF, Siemens, Henkel and others. German media reported that the cyber attacks were launched by China-linked cyberespionage group. The gang is financially-motivated and was mostly involved in cyber espionage campaigns.

Healthcare 111

Healthcare Security IT Information Security 111

Security Affairs

JANUARY 9, 2023

Resecurity detailed the increasing tensions between different influence groups behind illegal marketplaces in Dark Web – attacking each other, performing DDoS attacks and trying to abuse the reputation of competitors to capture a bigger market share. Resecurity noticed a sharp increase in demand for prescription pharmaceuticals.

Healthcare 98

Healthcare Marketing Communications Sales 98

Security Affairs

AUGUST 7, 2022

The ransomware targets South Korean healthcare, industrial, and pharmaceutical companies, its name comes from the name of the author ‘Gwisin’ (ghost in Korean). The victims of the Linux GwisinLocker variant are required to log into a portal operated by the group to get in contact with the crooks. . Pierluigi Paganini.

Ransomware 128

Ransomware Healthcare Encryption IT 128

The Guardian Data Protection

MAY 11, 2022

High risk” breaches were revealed to have occurred at healthcare groups, pharmaceutical giants and educational institutions including Virgin Care, GlaxoSmithKline (GSK) and Imperial College London, during audits by NHS Digital, according to an investigation by the British Medical Journal (BMJ).

Healthcare 75

Healthcare Education Risk Access 75

Security Affairs

DECEMBER 6, 2020

Pierluigi Paganini. SecurityAffairs – hacking, newsletter). The post Security Affairs newsletter Round 292 appeared first on Security Affairs.

Security 113

Security Healthcare Ransomware Education 113

The Last Watchdog

MARCH 17, 2021

Backed by Japanese telecom giant NTT Group , this new facility instantly jumped into the vanguard of basic research already underway that will eventually enable the routine use of quantum computers, which, in turn, will open the door to things like driverless cars and Star Trekkian medical treatments. billion annually for R&D projects.

Digital transformation 222

Digital transformation Encryption Privacy Analytics 222

Security Affairs

MAY 7, 2021

Hancitor became another commodity malware which partnered with ransomware gangs to help them gain initial access to target networks – the increasing trend outlined by Group-IB researchers in the recent Ransomware Uncovered 2020/2021 report. In addition, the group leveraged some custom tools for network reconnaissance. About Group-IB.

Ransomware 138

Ransomware Education Manufacturing Healthcare 138

Security Affairs

JANUARY 15, 2021

Experts attribute the attacks to the China-linked Winnti APT group (aka APT41 ) and reported that the attackers used a previously undocumented backdoor in the attacks. The Winnti group was first spotted by Kaspersky in 2013, but according to the researchers the gang has been active since 2007.

Healthcare 114

Healthcare Archiving Information Security Security 114

Security Affairs

APRIL 7, 2020

Some of them like DoppelPaymer and Maze groups announced that they would no target healthcare organizations during the pandemic. The gang behind the Ryuk ransomware goes against the tide and continues to target the hospitals, the group never responded to the questions of BleepingComputer researchers. reported BleepingComputer.

Ransomware 128

Ransomware Healthcare Manufacturing Passwords 128