Tag: healthcare
-
Top Data Breaches of February 2025
February 2025 saw a series of high-impact data breaches affecting industries ranging from healthcare and finance to cloud services and government agencies. These incidents exposed sensitive data, disrupted operations, and… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/top-data-breaches-of-february-2025/
-
Certain About Your Data Privacy Measures?
Are You Confident in Your Data Privacy Measures? Professionals in financial services in healthcare, travel, DevOps, and SOC teams that managing securitization processes in the cloud; do you feel confident about your data privacy measures? Where marked by increasing cybersecurity threats, the assurance of robust data privacy is no longer a luxury but a necessity….…
-
Leaked Chat Logs Reveal Black Basta’s Dark Night of the Soul
After Disrupting Ascension Health, Black Basta Forecast Reprisals From FBI, Moscow We are pentesters, not murderers, ransomware group Black Basta claimed in its negotiations with victim Ascension Healthcare in May 2024, after its attack led to widespread disruptions and patient safety alerts. Leaked chat logs reveal the group feared resulting reprisals from the FBI and…
-
Groups Call for Trump to Rescind Proposed HIPAA Rule Update
Health Industry Associations Complain That Proposed Cyber Mandates Are ‘Staggering’. Seven major healthcare industry groups are urging the Trump administration to rescind a proposed update to the HIPAA security rule issued at the end of the Biden administration. The costs and regulatory burden to comply would be staggering to the healthcare sector, they said. First…
-
5 things to know about ransomware threats in 2025
Tags: access, attack, authentication, awareness, backup, breach, ciso, cloud, control, credentials, cyber, dark-web, data, data-breach, defense, detection, encryption, exploit, extortion, finance, fraud, group, healthcare, identity, incident response, infrastructure, Internet, iot, law, leak, mfa, monitoring, network, password, ransom, ransomware, risk, scam, service, software, sophos, supply-chain, technology, threat, tool, update, vpn, vulnerability, zero-day2. Mid-size organizations are highly vulnerable: Industry data shows mid-size organizations remain highly vulnerable to ransomware attacks. “CISOs need to be aware that ransomware is no longer just targeting large companies, but now even mid-sized organizations are at risk. This awareness is crucial,” says Christiaan Beek, senior director, threat analytics, at Rapid7.Companies with annual revenue…
-
MSSPs, Physical Tools, and a Multi-Layered Approach: Protecting Hospitals
First seen on scworld.com Jump to article: www.scworld.com/perspective/mssps-physical-tools-and-a-multi-layered-approach-protecting-hospitals
-
China-based Silver Fox spoofs healthcare app to deliver malware
Silver Fox, a China-based threat actor that may or may not be backed by the Chinese government, has been delivering the ValleyRAT backdoor to unsuspecting users by disguising … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/25/china-based-silver-fox-spoofs-healthcare-apps-dicom-viewer-to-deliver-valleyrat-malware/
-
Chinese-Backed Silver Fox Plants Backdoors in Healthcare Networks
Forescout observed the recently identified Chinese hacking group using medical imaging software applications to deliver malware First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-silver-fox-backdoors/
-
Strategic? Functional? Tactical? Which type of CISO are you?
Tags: breach, business, ceo, cisco, ciso, cloud, compliance, cybersecurity, finance, governance, group, guide, healthcare, infrastructure, jobs, risk, service, skills, startup, strategy, technology, trainingTransformational, as in program-builders or turnaround agents.Operational, often early-career CISOs who are closer to the technology and work at small-to-midsize companies where they still perform some technical duties.Compliance, that is, risk experts typically found in highly regulated industries.Steady-state CISOs, who, in opposition to the transformational type, keep everything on an even keel.Customer-facing CISOs, usually found…
-
New Guidelines: Cybersecurity Resilience in the Healthcare Industry
Lou Morentin, VP of Compliance & Privacy There are a number of significant changes coming to Healthcare Cybersecurity requirements. While not all are finalized, they point the way towards Health and Human Services tightening the controls and requirements. Healthcare Cybersecurity: A Shift Towards Resilience The healthcare industry is facing an evolving threat landscape, with cyberattacks……
-
Change Healthcare’s Mega Attack: 1 Year Later
Ransomware Attack Taught Lessons on Health Sector Resiliency, Vendor Redundancy. It’s been one year since hackers attacked IT services provider Change Healthcare, quickly shutting down critical processes for thousands healthcare entities, triggering a data breach affecting 190 million people. So what top lessons are emerging from that massive disruption and data compromise? First seen on…
-
European Healthcare Orgs Targeted With NailaoLocker Ransomware
First seen on scworld.com Jump to article: www.scworld.com/brief/european-healthcare-orgs-targeted-with-nailaolocker-ransomware
-
CL0P Ransomware Launches Large-Scale Attacks on Telecom and Healthcare Sectors
Tags: attack, cyber, data, exploit, extortion, group, healthcare, ransomware, tactics, vulnerability, zero-dayThe notorious CL0P ransomware group has intensified its operations in early 2025, targeting critical sectors such as telecommunications and healthcare. Known for its sophisticated tactics, the group has exploited zero-day vulnerabilities to infiltrate systems, steal sensitive data, and extort victims. This resurgence follows a relatively quieter 2024, during which CL0P listed only 27 victims compared…
-
New NailaoLocker ransomware used against EU healthcare orgs
A previously undocumented ransomware payload named NailaoLocker has been spotted in attacks targeting European healthcare organizations between June and October 2024. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-nailaolocker-ransomware-used-against-eu-healthcare-orgs/
-
CISA FBI Warns that Ghost Ransomware Hits Over 70 Organizations
Tags: advisory, cisa, cyber, cybersecurity, government, healthcare, infrastructure, network, ransomwareThe Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a joint advisory warning about the widespread impact of the Ghost ransomware, also known as Cring. Since its emergence in early 2021, this ransomware has compromised over 70 organizations globally, spanning critical infrastructure, healthcare, education, government networks, and private…
-
Career Spotlight: Cloud Security Specialist
Demand for Cloud Security Skills Is Growing, Offering Good Pay and New Challenges Cloud services support a wide range of applications from finance to healthcare systems and have become prime targets for cybercriminals, making cloud security a major concern for cybersecurity organizations. The need to secure the cloud is driving demand for skilled cloud security…
-
Healthcare outfit that served military personnel settles allegations it faked infosec compliance for $11M
If this makes you feel sick, knowing this happened before ransomware actors started targeting medical info may help First seen on theregister.com Jump to article: www.theregister.com/2025/02/19/decadeold_healthcare_security_snafu_settled/
-
Healthcare outfit that served military personnel settles allegations it faked infosec compliance for $11 million
If this makes you feel sick, knowing this happened before ransomware actors started targeting medical info may help First seen on theregister.com Jump to article: www.theregister.com/2025/02/19/decadeold_healthcare_security_snafu_settled/
-
Managed healthcare defense contractor to pay $11 million over alleged cyber failings
The settlement with Health Net Federal Services is the latest penalty levied on a federal contractor as part of a 2021 initiative to root out cyber-related fraud. First seen on therecord.media Jump to article: therecord.media/managed-health-tricare-false-claims
-
Why Some States Are Beefing Up Their Health Cyber Regs
States will increasingly be stepping up to fill gaps in the healthcare sector with new cyber legislation and requirements as the Trump administration promises to roll back regulations, predicts attorney Amy Magnano of the law firm Morgan Lewis’ healthcare practice. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/some-states-are-beefing-up-their-health-cyber-regs-i-5446
-
Ransomware gangs extort victims 17 hours after intrusion on average
Tags: access, business, credentials, data, encryption, espionage, exploit, extortion, government, group, healthcare, Intruder, malicious, malware, metric, monitoring, network, ransom, ransomware, service, tactics, technology, theft, threat, tool, vulnerability, zero-dayThe initial point of access for the attackers and the privileges it provided themHow easy it is to reach other network segments and systems from the initially compromised assetWhether access into the environment was resold to a ransomware operator by an initial access brokerWhether the attackers decided to operate only outside the victim’s regular business…
-
Software Bill of Material umsetzen: Die besten SBOM-Tools
Tags: api, business, compliance, container, cyberattack, data, docker, gartner, github, gitlab, healthcare, linux, monitoring, open-source, risk, saas, sbom, service, software, tool, update, vulnerabilityNur wenn Sie wissen, was drinsteckt, können Sie sich sicher sein, dass alles mit rechten Dingen zugeht. Das gilt für Fast Food wie für Software. Um Software abzusichern, muss man wissen, was in ihrem Code steckt. Aus diesem Grund ist eine Software Bill of Material, SBOM oder Software-Stückliste heute unerlässlich. Der SolarWinds-Angriff sowie die Log4j-Schwachstelle…
-
CISO success story: How LA County trains (and retrains) workers to fight phishing
Tags: ai, awareness, breach, business, chatgpt, cio, ciso, cloud, compliance, computing, control, corporate, cybersecurity, data, dos, election, email, endpoint, government, hacker, healthcare, incident response, jobs, law, lessons-learned, malicious, marketplace, network, phishing, privacy, regulation, risk, risk-management, service, software, strategy, supply-chain, tactics, technology, threat, tool, training, vulnerability(The following interview has been edited for clarity and length.)At first glance, LA County’s reporting structure who reports to whom seems, well, fairly complex.We have a federated model: I report to the county CIO. Each department acts as an independent business and has its own department CIO and information security officer. Their job is to…
-
Healthcare Sector Sees Spike in Cyberattacks
First seen on scworld.com Jump to article: www.scworld.com/brief/healthcare-sector-sees-spike-in-cyberattacks
-
Is AI a Friend or Foe of Healthcare Security?
When it comes to keeping patient information safe, people empowerment is just as necessary as deploying new technologies. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/is-ai-friend-foe-healthcare-security
-
Over 120K impacted by Memorial Hospital Manor ransomware attack
First seen on scworld.com Jump to article: www.scworld.com/brief/over-120k-impacted-by-memorial-hospital-manor-ransomware-attack
-
Claroty zum fünften Mal in Folge als beste HealthcareSecurity-Lösung ausgezeichnet
Das renommierte Healthcare-Analyseunternehmen KLAS Research hat im Report ‘2025 Best in KLAS: Software & Services” zum Gewinner in der Kategorie IoT-Sicherheit im Gesundheitswesen gekürt. Der Spezialist für die Sicherheit von cyberphysischen Systemen (CPS) erhält diese Auszeichnung in dem sehr wettbewerbsintensiven Umfeld bereits das fünfte Jahr in Folge und konnte dabei 95,4 von 100 […] First…
-
120K Victims Compromised in Memorial Hospital Ransomware Attack
After claiming responsibility for the ransomware attack in 2024, the Embargo ransomware group posted 1.15 terabytes of stolen data to its public Tor site. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/120k-victims-compromised-memorial-hospital-ransomware
-
Georgia Hospital, Nursing Home Notifying 120,000 of Hack
Ransomware Group Embargo Claims to Have Published 1.15TB of Hospital’s Stolen Data. A rural Georgia hospital and its nursing home are among several other regional healthcare entities notifying tens of thousands of patients that their information was compromised in recent hacks. Ransomware gang Embargo claims to have published 1.15 terabytes of stolen data in one…