Groups, Healthcare and Security - Information Management Today

Pharmaceutical giant Cencora discloses a data breach

Security Affairs

FEBRUARY 28, 2024

Pharmaceutical giant Cencora suffered a cyber attack and threat actors stole data from its infrastructure. Pharmaceutical giant Cencora disclosed a data breach after it was the victim of a cyberattack. The company discovered the security breach on February 21 and immediately launched an investigation into the incident.

Healthcare

Healthcare Data breaches Ransomware Insurance

Biopharmaceutical firm Supernus Pharmaceuticals hit by Hive ransomware during an ongoing acquisition

Security Affairs

NOVEMBER 29, 2021

Biopharmaceutical company Supernus Pharmaceuticals discloses a ransomware attack, the Hive ransomware claims to have stolen company data. Biopharmaceutical company Supernus Pharmaceuticals confirmed it was the victim of a data breach after a ransomware attack that hit the firm last in Mid-November. “Supernus Pharmaceuticals, Inc.

Healthcare

Healthcare Ransomware Encryption Data breaches

Japanese Pharmaceutical giant Eisai hit by a ransomware attack

Security Affairs

JUNE 9, 2023

This week, the Japanese pharmaceutical giant Eisai has taken its systems offline in response to a ransomware attack. Eisai is a Japanese pharmaceutical company with about 10,000 employees and more than $5 billion in revenue. Eisai announced it is working to recover the impacted systems and determine the scope of the security breach.

Healthcare

Healthcare Ransomware Encryption Data breaches

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Alert: APT Groups Targeting COVID-19 Researchers

Data Breach Today

MAY 5, 2020

are warning medical institutions, pharmaceutical companies, universities and others about "password-spraying campaigns" by advance persistent threat groups seeking to steal COVID-19 research data. Security experts outline defensive steps that organizations can take.

Healthcare

Healthcare Passwords Security

Iranian Peach Sandstorm group behind recent password spray attacks

Security Affairs

SEPTEMBER 16, 2023

The APT33 group has been around since at least 2013, since mid-2016, the group targeted the aviation industry and energy companies with connections to petrochemical production. The cyber espionage activity attacks are aimed at organizations in the satellite, defense, and pharmaceutical sectors. South Korean, and Europe.

Passwords

Passwords Healthcare Authentication Access

North Korea-linked Lazarus APT targets the COVID-19 research

Security Affairs

DECEMBER 25, 2020

The North Korea-linked Lazarus APT group has recently launched cyberattacks against at least two organizations involved in COVID-19 research. The North Korea-linked APT group Lazarus has recently launched cyberattacks against two entities involved in COVID-19 research. ” reads the analysis published by Kaspersky.

Healthcare

Healthcare Phishing Passwords Ransomware

New RA Group ransomware gang is the latest group using leaked Babuk source code

Security Affairs

MAY 15, 2023

A previously unknown ransomware group known as RA Group is targeting companies in U.S. Cisco Talos researchers recently discovered a new ransomware operation called RA Group that has been active since at least April 22, 2023. The group has already compromised three organizations in the U.S. and one in South Korea.

Ransomware

Ransomware Encryption Healthcare Insurance

Balikbayan Foxes group spoofs Philippine gov to spread RATs

Security Affairs

NOVEMBER 1, 2021

Meet Balikbayan Foxes: a threat group impersonating the Philippine gov’t. The group focuses on Shipping/Logistics, Manufacturing, Business Services, Pharmaceutical, and Energy entities, among others. Victims of the group are located in North America, Europe, and Southeast Asia. . Pierluigi Paganini.

Healthcare

Healthcare Phishing Government Manufacturing

Security Affairs newsletter Round 292

Security Affairs

DECEMBER 6, 2020

Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 292 appeared first on Security Affairs. A new round of the weekly SecurityAffairs newsletter arrived! Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Security

Security Healthcare Ransomware Education

Google warned users of 33,015 nation-state attacks since January

Security Affairs

OCTOBER 17, 2020

Shane Huntley, Director at Google’s Threat Analysis Group (TAG), revealed that her team has shared its findings with the campaigns and the Federal Bureau of Investigation. The post Google warned users of 33,015 nation-state attacks since January appeared first on Security Affairs. Tbps, the largest DDoS attack of ever.

Healthcare

Healthcare Phishing Authentication Government

New financially motivated attacks in Western Europe traced to Russian-speaking threat actors

Security Affairs

MARCH 27, 2020

Researchers at Group-IB observed new financially motivated attacks in Western Europe traced to Russian-speaking threat actors. At least two companies operating in pharmaceutical and manufacturing sectors have been affected. At least two companies operating in pharmaceutical and manufacturing sectors have been affected.

Healthcare

Healthcare Manufacturing Cybersecurity Retail

Iran-linked APT33 targets Defense Industrial Base sector with FalseFont backdoor

Security Affairs

DECEMBER 25, 2023

Microsoft reports that the Iran-linked APT33 group is targeting defense contractors worldwide with FalseFont backdoor. The APT33 group has been around since at least 2013, since mid-2016, the group targeted the aviation industry and energy companies with connections to petrochemical production. South Korea, and Europe.

Healthcare

Healthcare Passwords Authentication Access

Russia-linked APT28 and crooks are still using the Moobot botnet

Security Affairs

MAY 3, 2024

The Ubiquiti EdgeRouter botnet is still used by Russia-linked group APT28 and cybercriminals organizations. Trend Micro researchers reported that the EdgeRouter botnet , called Moobot , used by the APT28 group is still active and is also used by cyber criminal organizations. ” reported Trend Micro. ” reported Trend Micro.

Healthcare

Healthcare Phishing Mining e-Discovery

Operation Pangea: Europol dismantles criminal gangs selling coronavirus medicine, surgical masks

Security Affairs

MARCH 23, 2020

Operation Pangea took place between March 3 and 10, 2020, the authorities dismantled 37 organized crime groups attempting to illegally sell counterfeit surgical masks, unauthorised antiviral medications and the antimalarial chloroquine, Vitamin C, food supplements, painkillers, and antibiotics. link] — EC3 (@EC3Europol) March 23, 2020.

Healthcare

Healthcare Sales IT Security

China-linked Winnti APT targets South Korean Gaming firm

Security Affairs

APRIL 22, 2020

China-linked Winnti cyberespionage group targets South Korean video gaming company Gravity, QuoIntelligence (QuoINT) firm reported. Security experts from QuoIntelligence (QuoINT) firm reported that China-linked Winnti cyberespionage group targets South Korean video gaming company Gravity. a South Korean video game company.”

Healthcare

Healthcare Communications IT Security

Financially motivated Earth Lusca threat actors targets organizations worldwide

Security Affairs

JANUARY 18, 2022

According to the security firm, the group is financially motivated, its cyberespionage campaign hit high value targets such as government and educational institutions, religious movements, pro-democracy and human rights organisations in Hong Kong, Covid-19 research organisations, gambling and cryptocurrency companies, and the media.

Healthcare

Healthcare Phishing Archiving Education

Chinese hackers stole info from Spanish centers working on Covid19 vaccine

Security Affairs

SEPTEMBER 18, 2020

While pharmaceutical companies worldwide are working on the research of a vaccine for the ongoing COVID19 pandemic, threat actors are conducting cyber espionage campaigns in the attempt of stealing information on the work. . Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Healthcare

Healthcare Agriculture Security Government

Japanese tech firm Oomiya hit by LockBit 3.0. Multiple supply chains potentially impacted

Security Affairs

OCTOBER 17, 2022

The business of Omiya Kasei is divided into four major areas, manufacturing and designing chemical and industrial products, designing electronic materials, pharmaceutical development, and factory manufacturing. Multiple supply chains potentially impacted appeared first on Security Affairs. Pierluigi Paganini.

Manufacturing

Manufacturing Healthcare Ransomware Communications

Security Affairs newsletter Round 423 by Pierluigi Paganini – International edition

Security Affairs

JUNE 11, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Healthcare

Healthcare Security Ransomware Data breaches

COVID-19 – Johnson & Johnson saw a 30% uptick in cyber-attacks

Security Affairs

DECEMBER 5, 2020

“North Korean hackers have targeted at least six pharmaceutical companies in the U.S., “ Nation-state actors are targeting healthcare organizations “every single minute of every single day,” Marene Allison, the Chief Information Security Officer at Johnson & Johnson, said Thursday at the online Aspen Cyber Summit.

Healthcare

Healthcare Information Security IT Security

FIN11 gang started deploying ransomware to monetize its operations

Security Affairs

OCTOBER 18, 2020

The financially-motivated hacker group FIN11 has started spreading ransomware to monetize its cyber criminal activities. The financially-motivated hacker group FIN11 has switched tactics starting using ransomware as the main monetization method. ” reads the analysis published by FireEye. ” reads the analysis.

Ransomware

Ransomware IT Healthcare Phishing

Pharma Giant Cencora confirmed the theft of personal and health information

Security Affairs

AUGUST 1, 2024

Pharmaceutical giant Cencora confirmed that the threat actors had access to personally identifiable information (PII) and protected health information (PHI) following the February 2024 cyberattack. On February 21, Cencora announced a data breach in a filing with the Securities and Exchange Commission (SEC).

Data breaches

Data breaches Ransomware Healthcare Cybersecurity

China-linked APT10 leverages ZeroLogon exploits in recent attacks

Security Affairs

NOVEMBER 18, 2020

Symantec’s Threat Hunter Team, a Broadcom division, uncovered a global campaign conducted by a China-linked APT10 cyber-espionage group targeting businesses using the recently-disclosed ZeroLogon vulnerability. . The APT10 is well-resourced cyberespionage group that employed multiple tools and sophisticated techniques in its attacks.

Healthcare

Healthcare Archiving Cloud Manufacturing

Europe’s Largest Private Hospital Operator Fresenius Hit by Ransomware

Krebs on Security

MAY 6, 2020

“I can confirm that Fresenius’ IT security detected a computer virus on company computers,” Kuhn said in a written statement shared with KrebsOnSecurity. “As a precautionary measure in accordance with our security protocol drawn up for such cases, steps have been taken to prevent further spread.

Ransomware

Ransomware Healthcare Manufacturing Data breaches

CERT-FR warns of Lockean ransomware attacks against French companies

Security Affairs

NOVEMBER 4, 2021

CERT-France warns of a new ransomware group named Lockean that is behind a series of attacks against French organizations over the past 2 years. “First observed in June 2020, this group named Lockean is thought to have affiliated with several Ransomware-as-a-Service (RaaS) including DoppelPaymer, Maze, Prolock, Egregor and Sodinokibi.

Ransomware

Ransomware Healthcare Phishing IT

Ransomware threat landscape Jan-Apr 2024: insights and challenges

Security Affairs

JUNE 24, 2024

In the first four months of 2024, 204 criminal groups were monitored globally for ransomware activities. Additionally, during this period, 25 new criminal groups emerged and were added to the monitoring list by Ransomfeed. Italy, in particular, faced specific challenges in cybersecurity during this critical period.

Ransomware

Ransomware Healthcare Cybersecurity Government

Russia-linked APT28 uses COVID-19 lures to deliver Zebrocy malware

Security Affairs

DECEMBER 10, 2020

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Phishing

Phishing Healthcare Military Data collection

Winnti uses a new PipeMon backdoor in attacks aimed at the gaming industry

Security Affairs

MAY 22, 2020

The Winnti hacking group continues to target gaming industry, recently it used a new malware named PipeMon and a new method to achieve persistence. Winnti hacking group is using a new malware dubbed PipeMon and a novel method to achieve persistence in attacks aimed at video game companies. ” concludes ESET. Pierluigi Paganini.

Healthcare

Healthcare Encryption Passwords IT

German firms BASF, Siemens, Henkel hit by cyber attacks

Security Affairs

JULY 25, 2019

A new wave of cyber attacks carried out by a China-linked APT group hit German blue-chip companies BASF, Siemens, Henkel and others. German media reported that the cyber attacks were launched by China-linked cyberespionage group. The post German firms BASF, Siemens, Henkel hit by cyber attacks appeared first on Security Affairs.

Healthcare

Healthcare Security IT Information Security

Conti’s Ransomware Toll on the Healthcare Industry

Krebs on Security

APRIL 18, 2022

Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. National Security Agency (NSA). National Security Agency (NSA). alone by October 2020.

Ransomware

Ransomware Cybersecurity Healthcare Security

Resecurity Released a Status Report on Drug Trafficking in the Dark Web (2022-2023)

Security Affairs

JANUARY 9, 2023

Resecurity detailed the increasing tensions between different influence groups behind illegal marketplaces in Dark Web – attacking each other, performing DDoS attacks and trying to abuse the reputation of competitors to capture a bigger market share. Resecurity noticed a sharp increase in demand for prescription pharmaceuticals.

Healthcare

Healthcare Marketing Communications Sales

GwisinLocker ransomware exclusively targets South Korea

Security Affairs

AUGUST 7, 2022

The ransomware targets South Korean healthcare, industrial, and pharmaceutical companies, its name comes from the name of the author ‘Gwisin’ (ghost in Korean). ” reads the report published by security firm Ahnlab. The post GwisinLocker ransomware exclusively targets South Korea appeared first on Security Affairs.

Ransomware

Ransomware Healthcare Encryption IT

US govt agencies share details of the China-linked espionage malware Taidoor

Security Affairs

AUGUST 4, 2020

The FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Defense (DoD) released information on a RAT variant, dubbed TAIDOOR, used by China-linked hackers in cyber espionage campaigns targeting governments, corporations, and think tanks. Do not add users to the local administrators group unless required.

Healthcare

Healthcare Passwords Government Systems administration

Low-Drama ‘Dark Angels’ Reap Record Ransoms

Krebs on Security

AUGUST 5, 2024

A ransomware group called Dark Angels made headlines this past week when it was revealed the crime group recently received a record $75 million data ransom payment from a Fortune 50 company. ThreatLabz found Dark Angels has conducted some of the largest ransomware attacks to date, and yet little is known about the group.

Ransomware

Ransomware Healthcare Insurance Cybersecurity

Winnti APT continues to target game developers in Russia and abroad

Security Affairs

JANUARY 15, 2021

Experts attribute the attacks to the China-linked Winnti APT group (aka APT41 ) and reported that the attackers used a previously undocumented backdoor in the attacks. The Winnti group was first spotted by Kaspersky in 2013, but according to the researchers the gang has been active since 2007.

Healthcare

Healthcare Archiving Information Security Security

Interpol warns that crooks are increasingly targeting hospitals

Security Affairs

APRIL 7, 2020

Some of them like DoppelPaymer and Maze groups announced that they would no target healthcare organizations during the pandemic. The gang behind the Ryuk ransomware goes against the tide and continues to target the hospitals, the group never responded to the questions of BleepingComputer researchers. reported BleepingComputer.

Ransomware

Ransomware Healthcare Manufacturing Passwords

Connecting the Bots – Hancitor fuels Cuba Ransomware Operations

Security Affairs

MAY 7, 2021

Hancitor became another commodity malware which partnered with ransomware gangs to help them gain initial access to target networks – the increasing trend outlined by Group-IB researchers in the recent Ransomware Uncovered 2020/2021 report. In addition, the group leveraged some custom tools for network reconnaissance. About Group-IB.

Ransomware

Ransomware Education Manufacturing Healthcare

China-linked APT Bronze Starlight deploys ransomware as a smokescreen

Security Affairs

JUNE 26, 2022

Researchers from Secureworks reported that a China-linked APT group, tracked as Bronze Starlight (APT10), is deploying post-intrusion ransomware families to cover up the cyber espionage operations. The victims include pharmaceutical companies in Brazil and the U.S., and an aerospace and defense division of an Indian conglomerate.

Ransomware

Ransomware Healthcare Manufacturing Encryption

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

JUNE 1, 2023

Both of these qualities make stolen or ill-gotten code-signing certificates attractive to cybercriminal groups, who prize their ability to add stealth and longevity to malicious software. More recently, it appears Megatraffer has been working with ransomware groups to help improve the stealth of their malware. Image: Archive.org.

Healthcare

Healthcare Passwords Sales Ransomware

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

Security Affairs

SEPTEMBER 15, 2020

CISA published an advisory on China-linked groups targeting government agencies by exploiting flaws in Microsoft Exchange, Citrix, Pulse, and F5 systems. CISA published a security advisory warning of a wave of attacks carried out by China-linked APT groups affiliated with China’s Ministry of State Security.

Government

Government Energy and Utilities Healthcare Access

News Alert: CybeReady issues a summer saeson guide outlining 5 workforce security strategies

The Last Watchdog

JUNE 20, 2023

— CybeReady, a global leader in security awareness training, today announced the release of its informative guide, “Five Workforce Security Strategies to Consider During Summer Holidays.” So, as we unwind on vacation over the next few months, vigilance and adherence to security protocols are paramount.

Security awareness

Security awareness Security Healthcare Risk

Why You Need to Tune EDR to Secure Your Environment

eSecurity Planet

APRIL 21, 2022

This allows EDR to deploy very quickly, but it also allows for a number of security vulnerabilities. Here we’ll discuss why EDR vendors choose these configurations, and how organizations can tune their EDR systems to fit their organization and improve security. How do certain user groups behave differently?

Security

Security Access Sales e-Discovery

Encryption – A Feasible Savior against Prevalent Privacy Issues in Business Communication

Security Affairs

OCTOBER 26, 2019

Radicati Group reports that the total number of emails that businesses and consumers send and receive every day is expected to grow to a whopping 347 billion by 2023. Impact of Privacy & Security Issues in Business Communication. Encryption plays an integral role in securing the online data as well as its integrity.

Encryption

Encryption Communications Privacy Cybersecurity

MY TAKE: Why ‘basic research’ is so vital to bringing digital transformation to full fruition

The Last Watchdog

MARCH 17, 2021

Backed by Japanese telecom giant NTT Group , this new facility instantly jumped into the vanguard of basic research already underway that will eventually enable the routine use of quantum computers, which, in turn, will open the door to things like driverless cars and Star Trekkian medical treatments. billion annually for R&D projects.

Digital transformation

Digital transformation Encryption Privacy Analytics

Pharmaceutical giant Cencora discloses a data breach

Biopharmaceutical firm Supernus Pharmaceuticals hit by Hive ransomware during an ongoing acquisition

Webinars

Trending Sources

Japanese Pharmaceutical giant Eisai hit by a ransomware attack

Webinars

Alert: APT Groups Targeting COVID-19 Researchers

Iranian Peach Sandstorm group behind recent password spray attacks

North Korea-linked Lazarus APT targets the COVID-19 research

New RA Group ransomware gang is the latest group using leaked Babuk source code

Balikbayan Foxes group spoofs Philippine gov to spread RATs

Security Affairs newsletter Round 292

Google warned users of 33,015 nation-state attacks since January

New financially motivated attacks in Western Europe traced to Russian-speaking threat actors

Iran-linked APT33 targets Defense Industrial Base sector with FalseFont backdoor

Russia-linked APT28 and crooks are still using the Moobot botnet

Operation Pangea: Europol dismantles criminal gangs selling coronavirus medicine, surgical masks

China-linked Winnti APT targets South Korean Gaming firm

Financially motivated Earth Lusca threat actors targets organizations worldwide

Chinese hackers stole info from Spanish centers working on Covid19 vaccine

Japanese tech firm Oomiya hit by LockBit 3.0. Multiple supply chains potentially impacted

Security Affairs newsletter Round 423 by Pierluigi Paganini – International edition

COVID-19 – Johnson & Johnson saw a 30% uptick in cyber-attacks

FIN11 gang started deploying ransomware to monetize its operations

Pharma Giant Cencora confirmed the theft of personal and health information

China-linked APT10 leverages ZeroLogon exploits in recent attacks

Europe’s Largest Private Hospital Operator Fresenius Hit by Ransomware

CERT-FR warns of Lockean ransomware attacks against French companies

Ransomware threat landscape Jan-Apr 2024: insights and challenges

Russia-linked APT28 uses COVID-19 lures to deliver Zebrocy malware

Winnti uses a new PipeMon backdoor in attacks aimed at the gaming industry

German firms BASF, Siemens, Henkel hit by cyber attacks

Conti’s Ransomware Toll on the Healthcare Industry

Resecurity Released a Status Report on Drug Trafficking in the Dark Web (2022-2023)

GwisinLocker ransomware exclusively targets South Korea

US govt agencies share details of the China-linked espionage malware Taidoor

Low-Drama ‘Dark Angels’ Reap Record Ransoms

Winnti APT continues to target game developers in Russia and abroad

Interpol warns that crooks are increasingly targeting hospitals

Connecting the Bots – Hancitor fuels Cuba Ransomware Operations

China-linked APT Bronze Starlight deploys ransomware as a smokescreen

Ask Fitis, the Bear: Real Crooks Sign Their Malware

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

News Alert: CybeReady issues a summer saeson guide outlining 5 workforce security strategies

Why You Need to Tune EDR to Secure Your Environment

Encryption – A Feasible Savior against Prevalent Privacy Issues in Business Communication

MY TAKE: Why ‘basic research’ is so vital to bringing digital transformation to full fruition

Stay Connected