Cofense Searches the Status of Phishing Protections in 2018

November 29, 2018

October 20, 2018   The anti-phishing solution supplier Cofense has issued its 2018 Status of Phishing Protection report. The report provides insights into the most common phishing emails being used by cybercriminals and the message topics that are most effective at deceiving workers into clicking and disclosing sensitive information. The report also breaks down phishing attacks by industry sector and shows which industries are most vulnerable to phishing attacks. In addition to describing the most effective phishing emails, Cofense also offers anti-phishing guidelines and proposes best practices that must be adopted to make phishing simulation exercises and security awareness training more effective. To put together the report, Cofense examined the reactions to 135 million phishing email replications Read More

KnowBe4 Starts ‘Domain Doppelgänger’ Bogus Domain Identification Tool

November 29, 2018

October 3, 2018   A new tool has been announced by the security awareness training and phishing simulation platform supplier KnowBe4 that can help firms identify ‘evil twin domains’ – lookalike spoofed domains that are commonly used by cybercriminals for phishing and spreading malware. An evil twin domain is very similar to a real website that is used by a firm. It might contain an additional letter such as faceboook.com, have missing letters such as welsfargo.com, contain altered letters such as faecbook.com to catch out careless typists, or use substitute TLDs such as .co.uk or .ca in place of .com. Evil twin domains are exceptionally common. A study carried out by Farsight Security between Oct. 17, 2017 and Read More

CloudHealth Platform Updates Provide Additional Help for Azure Users

November 29, 2018

September 27, 2018   Microsoft is making up ground on AWS. Income from the Microsoft Azure platform soared 98% in the infrastructure-as-a-service (IaaS) market in 2017, surpassing the market growth of AWS. In order to better meet customer requirements and to cater to the surge in adoption of Microsoft Azure, CloudHealth Technologies, the prominent cloud management platform supplier, has increased its Azure capabilities with the latest updates to its cloud management platform. “If managed properly, Azure will accelerate your business,” said Joe Kinsella, CTO and Founder of CloudHealth Technologies. “CloudHealth removes the ‘if’ by enabling clients to travel with confidence, simplify decision making, increase efficiency, and centralize control.” The improved characteristics for Microsoft Azure users include assistance for Azure Reserved Read More

Cofense Looks Closely at Healthcare Phishing Attacks

November 29, 2018

September 26, 2018   Cofense, the prominent supplier of human-based phishing threat management solutions, has issued new research that shows the healthcare industry lags behind other industry sectors for phishing defenses and is consistently attacked by cybercriminals who often succeed in gaining access to sensitive patient health data. The Division of Health and Human Services’ Office for Civil Rights publishes a summary of data breaches reported by healthcare companies that have involved over 500 records. Each week, many email breaches are registered on the portal. The Cofense report looks deeper into these attacks and shows that a third of all data breaches happen at healthcare companies. There are several instances of how simple phishing attacks have led to attackers Read More

Microsoft Office Under Probe for Big GDPR Breach

November 29, 2018

November 17, 2018   Dutch investigators are carrying out an inquiry after claims that Microsoft Office is in breach of the European Union General Data Protection Regulation in relation to the data the software has been collecting, including the content of confidential emails. Those investigating the alleged breach in the Netherlands have disclosed that, during their examination of Microsoft Office, they uncovered large-scale collection of private data. It is believed that users had not been informed that this was happening and had not provided official approval. A Microsoft spokesman said: “We are dedicated to our customers’ secrecy, putting them in control of their data and making sure that Office ProPlus and other Microsoft products and facilities abide by GDPR and Read More

WordPress GDPR Compliance Tool Fault Leads to Data Privacy Breach

November 29, 2018

November 15, 2018   The operators of the content management platform WordPress have released an advisory urging users to update the WP GDPR Compliance plug-in as soon as possible because of a fault in the software that could result in a privacy breach. The plug-in in question, unfortunately, was developed to help website owners comply with the General Data Protection Regulation, the new EU data privacy law. WP GDPR Compliance was found to have a serious weakness that lets unauthorized users gain access to the back end of websites. It is even possible for unauthorized people to gain access and set up administrator user privileges, letting them return to the back end of the website at a later date. Read More

UK-Based Privacy Protection Group Focuses on GDPR Breaches by US Companies

November 29, 2018

November 10, 2018   Privacy International, a UK-based registered charity that protects and promotes the right to privacy throughout the world, last week filed a number of complaints against US-based businesses with European data protection bodies regarding alleged breaches of the General Data Protection Regulation. The General Data Protection Regulation was launched by the European Union on May 25 this year in an attempt to safeguard the confidential information of all people within the European Union and to protect all data exported outside of the EU. It requires all firms, groups, and organizations handling such data to meet particular requirements or else they will be found to be breaching the law. The fines for GDPR violations are steep, going as high Read More

Facebook Facing GDPR Inquiry over Audience Targeting Methods

November 29, 2018

November 8, 2018   Facebook is facing the wrath of the European Union’s General Data Protection Regulation (GDPR) once again after a complaint made by the UK Information Commissioner’s Office (ICO) to the Irish Data Protection Commission (DPC) in relation to the social media titan’s user targeting methods. Facebook has come in for heavy criticism in recent weeks after a number of news reporters showed how easy it was to post bogus ads that appear to be funded by real politicians. Other reports included targeting people with tremendously traditional opinions and views. The Irish Data Protection Commission is the relevant body to investigate the complaint as the Facebook European head office is based in Dublin. Communications representative for the DPC Read More

Key Dental Group Warns Patients About Possible HIPAA Violation

November 29, 2018

November 28, 2018   Florida-based Key Dental Group has contacted its patients about a suspected HIPAA breach which might have resulted in the unauthorized disclosure of their protected health information (PHI). After changing its electronic medical record (EMR) database supplier, Key Dental Group asked its earlier provider, MOGO, to return its EMR database. Although the end user license agreement (EULA) said that all patient data should be handed over on termination of the contract, MOGO has not returned the database. MOGO informed Key Dental Group, through its lawyer, that the database would not be handed over. The Pembroke Pines dental practice asserts that together with breaching the EULA, MOGO, as a HIPAA business associate, is in violation of Read More

Reports: Ransomware Attacks Increase as Healthcare Sector is Heaviest Hit

November 29, 2018

November 7, 2018   According to Beazley’s latest Q3 Breach Insights Report, cybercriminal attacks are rising again and healthcare is the most targeted sector. Ransomware attacks on healthcare groups comprised 37% of those managed by Beazley Breach Response (BBR) Services. This figure is more than three times the number of attacks faced by professional facilities, the second most targeted industry with 11%. Other cybersecurity firms including Kaspersky Lab, McAfee, and Malwarebytes have all issued reports in 2018 that show ransomware attacks are decreasing; nevertheless, Beazley’s figures show that monthly rises in attacks happened in August and September, with double the number of attacks in September compared to August. The report highlights a clear trend in cyberattacks involving Read More

Medtronic Implantable Cardiac Device Programmers Subject of FDA Warning Concerning Faults

November 29, 2018

October 24, 2018   The U.S. Food and Drug Administration (FDA) has issued a warning about faults in certain Medtronic implantable cardiac device programmers which might be targeted by hackers to change the functionality of the programmer during implantation or follow-up visits. About 34,000 vulnerable programmers are presently in use. The programmers are used by doctors to collect performance data, to check the status of the battery, and to reset Medtronic cardiac implantable electrophysiology devices (CIEDs) including pacemakers, cardiac resynchronization devices, implantable defibrillators, and insertable cardiac monitors. The faults are present in Medtronic CareLink 2090 and CareLink Encore 29901 programmers, specifically in how the devices connect to the Medtronic Software Distribution Network (SDN) online. The link is essential to download Read More

BSI Study: One in Six European Businesses Unready for GDPR Breach

November 28, 2018

October 20, 2018   The British Standards Institution (BSI) has announced the results of a study which shows that one in six European businesses is not adequately prepared to face the danger of a data breach. This is particularly worrying as the European Union’s General Data Protection Regulation (GDPR) became enforceable on May 25 this year. Under the new GDPR rules, businesses face penalties of €20m or 4 percent of yearly international revenue, whichever figure is higher. BSI Group is the national standards body of the UK, which produces technical standards on a wide variety of products and services and supplies accreditation and standards-related services to companies. The report showed that 73 percent of groups who took part in the BSI research were ‘worried Read More

AMIA Calls for Greater Alignment of Federal Data Privacy Laws

November 28, 2018

November 22, 2018   The American Medical Informatics Association (AMIA) is calling on the Trump Administration to tighten up data privacy laws through better alignment of HIPAA and the Common Rule and adoption of a more integrated approach to privacy that includes both the healthcare sector and the consumer sector. The call follows a request for comment by the NTIA to start a conversation concerning consumer privacy. In a letter to the National Telecommunications and Information Administration (NTIA), a branch of the Division of Commerce, AMIA explained that its comments are informed by extensive experience of dealing with both the Health Insurance Portability and Accountability Act and the Central Protections for Human Subjects Research (Common Rule). Presently, there is a Read More

Do HIPAA Laws Create Barriers That Prevent Information Sharing?

November 28, 2018

November 21, 2018   The HHS has prepared a Request for Information (RFI) to find out how HIPAA Laws are obstructing patient information sharing and making it difficult for healthcare providers to coordinate patient care. HHS wants comments from the public and healthcare industry sponsors on any provisions of HIPAA Laws which are discouraging or restricting coordinated care and case management among hospitals, doctors, patients, and payers. The RFI is part of a new initiative, called Regulatory Sprint to Coordinated Care, the purpose of which is to get rid of barriers that are preventing healthcare companies from sharing patient information while retaining safeguards to make sure patient and data privacy are protected. The comments received through the RFI will Read More

OCR Starts Campaign to Increase Awareness of Civil Rights Protections for Patients Being Treated for Opioid Use Disorder

November 28, 2018

October 31, 2018   On October 26, 2017, President Donald Trump declared the opioid disaster a national public health disaster. The one-year anniversary of that announcement has seen a new opioid bill signed into law. On October 24, 2018, President Donald Trump added his signature to the Substance Use–Disorder Prevention that Encourages Opioid Recovery and Treatment for Patients and Communities Act – or “SUPPORT for Patients and Communities Act” for short. The Act will help reinforce the government’s response to the opioid disaster, improve access to addiction treatment facilities, and increase data sharing in instances of opioid misuse. There have been calls for changes to be made to 42 CFR Part 2 to align the law with the HIPAA Privacy Read More

Aetna Resolves HIPAA Violation Case with State AGs

November 28, 2018

October 17, 2018   In 2017, mistakes occurred with two Aetna mailings that led to the impermissible disclosure of the protected health information of plan members, including HIV status and AFib diagnoses. A class action lawsuit was filed on behalf of the victims of the HIV status breach which was settled for $17 million in January. Now Aetna has reached settlements with the attorneys general for New Jersey, Connecticut, and the District of Columbia to resolve the alleged HIPAA violations uncovered during an investigation into the privacy breaches. The first mailing was sent on July 28, 2017 by an Aetna business associate. Oversized windowed envelopes were used for the mailing, through which it was possible to see the names Read More

53% Of Healthcare Data Breaches Because of Insiders and Carelessness

November 27, 2018

November 27, 2018   The healthcare industry has had more than its fair share of hacking incidents; however, the biggest threat comes from within. The actions of healthcare providers, health underwriters, and their workers cause more breaches than hacks, malware, and ransomware attacks. Researchers at Michigan State University and Johns Hopkins University studied data breaches reported to the Division of Health and Human Services’ Office for Civil Rights (OCR) over the past 7 years and found that over half of breaches were the result of internal carelessness. The research study, which was recently published in the journal JAMA Internal Medicine, is a follow-on from a 2017 study that explored the risk of hospital data breaches and the kinds of hospitals that were most Read More

Stolen FHN Healthcare Laptop Had the PHI of 4,458 Patients

November 27, 2018

November 26, 2018   FHN Healthcare, which manages FHN Memorial Hospital in Freeport, IL, and a network of family healthcare centers all over northwest Illinois, has learned that a laptop computer containing the protected health information of 4,458 patients has been stolen from the automobile of a worker. The theft was immediately reported to law enforcement, but the device has not been recovered. FHN Healthcare recreated the data saved on the device and found it contained names, medical information, health insurance information, medical record numbers, birth dates, addresses, Social Security numbers, and driver’s license numbers. FHN Healthcare already encrypts all its laptop computers, although the investigation into the incident revealed that the stolen device had not been encrypted and Read More

Key Dental Group Warns Patients About Possible HIPAA Violation

November 27, 2018

November 25, 2018   Key Dental Group, a dental practice in Pembroke Pines, FL, is notifying its patients about a suspected HIPAA violation which could result in unauthorized access to their protected health information (PHI). After changing its electronic medical record (EMR) database supplier, Key Dental Group requested its previous supplier, MOGO, to return its EMR database. Although the end user license agreement (EULA) stated that all patient data should be returned on termination of the agreement, MOGO has declined to return the database. MOGO communicated to Key Dental Group, through its lawyer, that the database would not be returned. The Pembroke Pines dental practice claims that in addition to violating the EULA, MOGO, as a Read More

October 2018 Healthcare Data Breach Statement

November 26, 2018

November 24, 2018   Our October 2018 healthcare data breach report shows there has been a month-over-month rise in healthcare data breaches, with October seeing more than one healthcare data breach reported per day. 31 healthcare data breaches were reported by HIPAA-covered entities and their business associates in October – 6 incidents more than the preceding month. It should be noted that one breach at a business associate was reported to OCR as three separate breaches. The number of breached records in September (134,006) was the lowest total for 6 months; however, the downward trend didn’t carry on in October. There was a huge surge in exposed protected health information (PHI) in October. 2,109,730 records were exposed, stolen or impermissibly Read More

Email Hacking Incident Reported by Episcopal Health Facilities

November 26, 2018

November 23, 2018   Certain current and former patients of St. John’s Episcopal Hospital and Episcopal Health Facilities in New York are being informed that some of their protected health information has possibly been compromised. On September 18, 2018, Episcopal Health Facilities became aware of suspicious activity in several worker email accounts. An investigation was immediately launched, and a third-party digital forensics company was called in to determine the nature and scope of the breach. The investigation revealed many worker email accounts had been compromised between August 28, 2018 and October 5, 2018. A detailed examination of the compromised email accounts was finished on November 1. The kinds of information exposed varied from patient to patient but Read More

128,400 Workers and Patients Impacted by Phishing Attack on Albany Cancer Cure Center

November 26, 2018

November 22, 2018   New York Oncology Hematology in Albany, NY, has announced that hackers have gained access to 15 worker email accounts which contained the confidential information of as many as 128,400 current and former patients and workers. As is usual in phishing attacks, the emails had a hyperlink to an apparently genuine email login page which requested usernames and passwords. When the information was submitted it was harvested by the attackers. According to the alternate breach notice on the New York Oncology Hematology website, each compromised email account only remained accessible for a brief period of time before access was ended. The email breaches were identified by New York Oncology Hematology’s IT vendor, Read More

APT28 Group Uses New Cannon Trojan in Spear Phishing Campaign Targeting US and EU Government Organizations

November 26, 2018

November 24, 2018   A new spear-phishing campaign is being carried out by APT28 (Sofacy Group/Fancy Bear/Sednit) on government agencies in the United States, Europe, and a former USSR state using the previously unknown Cannon Trojan. The campaign was detected by Palo Alto Networks’ Unit 42 team and was first identified in late October. The campaign is being carried out through spam email and uses a weaponized Word document to deliver two malware variants. The first, the Zebrocy Trojan, has been used by APT28 in earlier campaigns and was first identified in 2015. The main purpose of the Zebrocy Trojan is to provide access to a device and establish a link with a C2 server. It serves as a Read More

TA505 APT Group Distributing tRAT Malware in New Spam Campaigns

November 26, 2018

November 23, 2018   The prolific APT group TA505 is carrying out spam email campaigns distributing a new, modular malware variant called tRAT. tRAT malware is a remote access Trojan capable of downloading extra modules. Besides adding infected users to a botnet, the threat actors have the option of selling access to various elements of the malware to other threat groups for use in different attacks. Threat researchers at Proofpoint interrupted two separate email campaigns distributing tRAT malware this fall, one of which was a typical spam email campaign using social engineering methods to get email recipients to open an attached Word document and enable macros. Enabling macros caused the download of the tRAT payload. One Read More

Critical AMP for WP Plugin Weakness Allows Any User to Gain Admin Rights

November 26, 2018

November 22, 2018   A critical WordPress plugin weakness has recently been identified that might let site users escalate their rights to admin level, giving them the ability to add custom code to a vulnerable website or upload malware. The weakness is in the AMP for WP plugin, a popular plugin that converts standard WordPress posts into the Google Accelerated Mobile Pages format to improve load speeds on mobile browsers. The plugin has over 100,000 active users. Although the plugin was expected to carry out checks to decide whether a particular user is allowed to carry out certain administrative tasks, inadequate checks were carried out to confirm the current user’s account permissions. As a consequence, any user, including a user listed Read More

Phishing Accounts for 50% of All Scam Attacks

November 25, 2018

November 17, 2018   An analysis of current cyber fraud threats by network security company RSA shows that phishing attacks have risen by 70% since Q2 and now account for 50% of all scam attacks experienced by companies. Phishing attacks are popular since they are easy to carry out and have a high success ratio. An attacker can set up a webpage that imitates a famous brand such as Google or Microsoft that requests login details. Emails are then sent containing hyperlinks to the site together with a plausible reason for clicking. According to research carried out by Verizon, 12% of users click hyperlinks in phishing emails. RSA notes that the bulk of phishing attacks are carried Read More

Microsoft Patches 12 Critical Weaknesses on November Patch Tuesday

November 25, 2018

November 16, 2018   Microsoft has released patches for 12 critical weaknesses on November Patch Tuesday and has fixed a fault that is being actively exploited by at least one threat group. Altogether, 64 weaknesses have been fixed across Windows, Edge, IE, and other Microsoft products. The 12 critical weaknesses might allow hackers to execute malicious code and take complete control of a vulnerable device. The bulk of the critical weaknesses are in the Chakra Scripting Engine, which accounts for 8 of the 12 critical faults. CVE-2018-8541, CVE-2018-8542, CVE-2018-8543, CVE-2018-8551, CVE-2018-8555, CVE-2018-8556, CVE-2018-8557, and CVE-2018-8588 are all memory corruption weaknesses relating to how the Chakra Scripting Engine handles objects in memory in Microsoft Edge. All eight weaknesses might be Read More

WordPress GDPR Compliance Plugin Weakness Being Actively Exploited

November 25, 2018

November 14, 2018   Websites with the WordPress GDPR Compliance plugin installed are being hijacked by hackers. A weakness in the plugin is being exploited, letting attackers change site settings and register new user accounts with admin rights. The weakness can be remotely exploited by unauthenticated users, several of whom have automated exploitation of the weakness to capture as many sites as possible before the weakness is fixed. The fault was identified by security researchers at Defiant, who noted that in a number of attacks, after exploiting the fault the attackers have fixed the weakness. Defiant’s researchers suggest that this method makes sure other hackers are prevented from hijacking compromised sites. In some instances, after access to a vulnerable site Read More

APT28 Group Utilizes New Cannon Trojan in Spear Phishing Campaign Targeting US and EU Government Organizations

November 25, 2018

November 25, 2018   A new spear phishing campaign is being carried out by APT28 (Sofacy Group/Fancy Bear/Sednit) on government organizations in the United States, Europe, and a former USSR state using the previously unknown Cannon Trojan. The campaign was detected by Palo Alto Networks’ Unit 42 team and was first recognized in late October. The campaign is being carried out through spam email and uses a weaponized Word document to deliver two malware variants. The first, the Zebrocy Trojan, has been used by APT28 in earlier campaigns and was first identified in 2015. The main objective of the Zebrocy Trojan is to provide access to a device and establish a link with a C2 server. It works as Read More

Gmail Weakness Allows Phishing Emails to Be Transmitted Anonymously

November 25, 2018

November 24, 2018   A Gmail weakness has been found that allows emails to be sent anonymously with no information contained in the sender field. The weakness might easily be abused by cybercriminals for use in phishing attacks. Phishers often disguise the sender of an email in phishing campaigns to deceive the recipient into believing the email is genuine. The sender’s email address can be spoofed so the displayed name seems to be a known contact or well-known organization. Nevertheless, if there is no information in the from field, several end users might be deceived into thinking the email has come from a genuine source. The weakness was found by software developer Tim Cotton. It Read More

Increase in Phishing Emails Using .Com File Extensions

November 25, 2018

November 23, 2018   The anti-phishing solution supplier Cofense, formerly PhishMe, has reported a noticeable rise in phishing campaigns using files with the .com extension. The .com extension is used for text files with executable bytecode. The code can be executed on Microsoft NT-kernel-based and DOS operating systems. The campaigns identified through Cofense Intelligence are mainly being sent to financial facility divisions and are used to download a range of malicious payloads including the Loki Bot, Pony, and AZORult information stealers and the Hawkeye keylogger. Some of the emails in the campaigns state that the user must open a .iso file attached to the email to see information linked to the email notification. The .iso file contains the Read More

Phishing Accounts for 50% of All Scam Attacks

November 25, 2018

November 17, 2018   A study of current cyber scam threats by network security company RSA shows that phishing attacks have risen by 70% since Q2 and now account for 50% of all scam attacks experienced by companies. Phishing attacks are popular since they are easy to carry out and have a high success rate. An attacker can set up a webpage that imitates a famous brand such as Microsoft or Google that demands login details. Emails are then sent containing hyperlinks to the site together with a plausible reason for clicking. According to research carried out by Verizon, 12% of users click hyperlinks in phishing emails. RSA notes that the bulk of phishing attacks are carried Read More

Cofense Increases 24/7 Global Phishing Defense Facilities

November 25, 2018

November 2, 2018   Cofense has announced that it has expanded its 24/7 Phishing Defense Facility to deliver even greater help to clients beyond business hours and make sure that phishing threats are identified in the shortest possible time. The Cofense Phishing Defense Center (PDC) was introduced to ease the load on IT security teams by letting them offload some of the burden of searching through emails reported by their end users and analyzing those emails to identify the actual threats. When workers report suspicious emails – through Cofense Reporter for example – the emails are sent to Cofense Triage for analysis. The malware and threat experts in the Cofense PDC team carry out an in-depth Read More

U.S. Treasury Probing $700,000 Loss to Phishing Scam

November 25, 2018

November 1, 2018   In July 2018, the Washington D.C. government fell for an email scam that led to wire transfers totaling approximately $700,000 being sent to a scammer’s account. The scammer impersonated a vendor used by the city and demanded that outstanding bills for construction work be paid. The vendor had been hired to work on a design and build project for a permanent supportive housing facility. The emails demanded the payment method be changed from check to bank transfer, and particulars of a Bank of America account were specified where the payments needed to be directed. Three separate payments were made adding up to $690,912.75. The account details provided were for an account managed by the scammer. Read More

75% of Workers Lack Security Awareness

November 25, 2018

October 30, 2018   MediaPro has published its 2018 State of Secrecy and Safety Consciousness Report which evaluates the level of security awareness of workers across various industry sectors. The report is based on the replies to surveys sent to 1,024 workers throughout the United States that investigated their knowledge of real-world threats and security best practices. This is the third year that MediaPro has carried out the survey, which classifies respondents in one of three groups – Risk, Novice, or Hero – based on their knowledge of security threats and understanding of best practices that will keep them and their company secure. In 2016, when the survey was first carried out, 16% of respondents were rated a risk, 72% were rated novices, and Read More

United States Leads the World as Key Host of Malware C2 Infrastructure

November 25, 2018

October 29, 2018   The United States is home to the largest proportion of malware command and control (C2) infrastructure – 35% of the global total, according to new research published by phishing defense and threat intelligence company Cofense. 27% of network Indicators of Compromise (IoCs) from phishing-borne malware are also either located in or proxied through the United States. Cofense data indicate that Russia is in second position with 11%, followed by the Netherlands and Germany with 5% each and Canada with 3%. C2 infrastructure is used by hackers to communicate with malware-infected hosts and deliver commands, download new malware modules, and exfiltrate data. Cofense explained that simply because the C2 infrastructure is hosted in the United States Read More

Stealthy sLoad Downloader Executes Extensive Investigation to Improve Quality of Infected Hosts

November 24, 2018

October 28, 2018   A new PowerShell downloader has been found – the sLoad downloader – which is being used in stealthy, highly targeted attacks in the UK and Italy. The sLoad downloader performs a wide variety of checks to gather a lot of information about the system on which it runs, before picking the most suitable malicious payload to install – if a payload is installed at all. The sLoad downloader was first identified in May 2018 when it was mainly being used to download the Ramnit banking Trojan, although more recently it has been delivering a much wider variety of malicious payloads including DarkVNC, PsiBot, Ursnif, and Gootkit, according to security researchers at Proofpoint who have Read More

Brands Most Usually Spoofed by Phishers Exposed

November 24, 2018

October 27, 2018   Vade Secure has issued a new report describing the brands most commonly targeted by phishers in North America. The Phishers’ Favorites Top 25 list discloses the most commonly spoofed brands in phishing emails found in Q3, 2018. For the latest report, Vade Secure followed 86 brands and rated them based on the number of phishing attacks in which they were mimicked. Those 86 brands account for 95% of all brand spoofing attacks in Q3, 2018. Vade Secure notes that there has been a 20.4% rise in phishing attacks in Q3. As was the case the preceding quarter, Microsoft is the most targeted brand. Phishers are trying to gain access to Azure, Office 365, and OneDrive Read More

30,000 Patients Impacted by May Eye Care Center Ransomware Attack

November 24, 2018

November 16, 2018   A July 2018 ransomware attack on May Eye Care Center in Hanover, PA saw a variety of confidential patient information encrypted, including data in its electronic medical record system. The ransomware attack was detected by May Eye Care on July 29, 2018. The ransomware was downloaded on a server that held patients’ names, treatment information, diagnoses, insurance information, dates of birth, addresses, clinical information, and a limited number of Social Security numbers. May Eye Care Center called in a prominent computer forensics firm to investigate the breach, and an IT firm that specializes in data safety was hired to carry out a complete review of safety systems and procedures. Safety has now been improved to avoid Read More

Healthcare Companies Account for a Quarter of SamSam Ransomware Attacks

November 24, 2018

November 7, 2018   The threat actors behind SamSam ransomware have been very active this year and most of the attacks have been carried out in the United States. Out of the 67 companies that the group is known to have attacked, 56 were based in the United States, according to a recent analysis by cybersecurity company Symantec. The attacks have been carried out on a wide variety of organizations and businesses, although the healthcare industry has been widely targeted. Healthcare businesses account for 24% of the group’s ransomware attacks. It is unclear why healthcare businesses account for so many attacks. Symantec suggests that it might be because healthcare businesses are easier to attack than other Read More

Ransomware Attacks Rise: Healthcare Industry Most Heavily Targeted

November 23, 2018

November 4, 2018   Ransomware attacks are on the increase once more and healthcare is the most targeted industry, according to the recently issued Beazley’s Q3 Breach Insights Statement. 37% of ransomware attacks handled by Beazley Breach Response (BBR) Facilities affected healthcare companies – more than three times the number of attacks as the second most targeted industry: Professional services (11%). Kaspersky Lab, McAfee, and Malwarebytes have all issued reports in 2018 that indicate ransomware attacks are in decline; nevertheless, Beazley’s figures show monthly rises in attacks in August and September, with twice the number of attacks in September compared to the preceding month. It is too early to say if this is just a blip or if attacks will Read More

Ransomware Attack Impacts 16,000 National Ambulatory Hernia Institute Patients

November 23, 2018

October 24, 2018   On September 13, 2018, the National Ambulatory Hernia Institute in California suffered a ransomware attack that led to certain files on its system being encrypted. According to the breach notice uploaded to the healthcare provider’s website, the attackers were possibly able to gain access to demographic data of patients recorded before July 19, 2018. Altogether, 15,974 patients have had some of their protected health information (PHI) exposed as a consequence of the attack. The information possibly accessed by the attackers was limited to names, diagnoses, birth dates, addresses, appointment dates and times, and Social Security numbers. Patients who visited National Ambulatory Hernia Institute services for the first time after July 19, 2018 were unaffected by the Read More

Fetal Diagnostic Institute of the Pacific Suffers Ransomware Attack

November 23, 2018

September 19, 2018   The Fetal Diagnostic Institute of the Pacific (FDIP) in Honolulu, HI, suffered a ransomware attack on June 30, 2018. File-encrypting software was installed on an FDIP server and encrypted a wide variety of file types, including patient medical records. FDIP hired a prominent cybersecurity business to carry out a complete investigation into the breach to determine whether patient data was accessed by the attackers and also to help with breach remediation. The investigation did not uncover any evidence to indicate that patients’ protected health information (PHI) was accessed, viewed, or stolen by the people behind the attack, even though it wasn’t possible to exclude data access and data theft with a high level of Read More

Central Colorado Dermatology Ransomware Attack Possibly Led to PHI Access

November 23, 2018

August 23, 2018   Central Colorado Dermatology (CCD) has informed over 4,000 patients that some of their protected health information (PHI) has possibly been accessed by hackers during a ransomware attack on its computer system. An unauthorized person gained access to CCD’s computer system and deployed ransomware on a server. Medical files and patients’ medical charts were not accessed, even though certain files and scanned fax communications were encrypted. Some of those files contained PHI. An investigation was initiated to determine whether protected health information was accessed or stolen, even though it was not possible to determine with a high level of confidence whether any PHI was viewed or copied. CCD did not uncover any evidence to indicate that PHI had Read More

Golden Heart Administrative Professionals Ransomware Attack Impacts 44,600 Patients

November 22, 2018

Jul 22, 2018   Golden Heart Administrative Professionals, a Fairbanks, AK-based billing firm and business associate of a number of healthcare providers in Alaska, is informing 44,600 people that some of their protected health information (PHI) has possibly been accessed by unauthorized individuals as a consequence of a recent ransomware attack. The ransomware was downloaded to a server holding the PHI of patients. According to a press release issued by the firm, “All client patient information must be assumed to be compromised.” Local and central law enforcement organizations have been informed of the cyberattack and efforts are continuing to recover files. The Golden Heart Administrative Professionals ransomware attack is the biggest data breach reported by a healthcare business in July, Read More