What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2024-04-08 20:49:32 | Round 2: Modifier les soins de santé ciblés dans la deuxième attaque de ransomware Round 2: Change Healthcare Targeted in Second Ransomware Attack (lien direct) |
RansomHub, qui est supposé avoir un certain lien avec ALPHV, a volé 4 To de données sensibles de la société de soins de santé assiégée.
RansomHub, which is speculated to have some connection to ALPHV, has stolen 4TB of sensitive data from the beleaguered healthcare company. |
Ransomware Medical | ★★ | |
 |
2024-04-08 13:00:09 | Changer les soins de santé fait face à un deuxième dilemme de ransomware des semaines après l'attaque d'ALPHV Change Healthcare faces second ransomware dilemma weeks after ALPHV attack (lien direct) |
Les théories abondent sur qui est vraiment responsable Change Healthcare serait extorqué par un deuxième gang de ransomwares, quelques semaines seulement après s'être remis d'une attaque alphv.…
Theories abound over who\'s truly responsible Change Healthcare is allegedly being extorted by a second ransomware gang, mere weeks after recovering from an ALPHV attack.… |
Ransomware Medical | ★★ | |
 |
2024-04-08 09:00:00 | Hôpital It Helpdesks ciblé par des fraudeurs vocaux, avertit HHS Hospital IT Helpdesks Targeted By Voice Fraudsters, Warns HHS (lien direct) |
Les acteurs de la menace sont le personnel socialement génie des soins de santé informatique pour voler de l'argent, le gouvernement a averti
Threat actors are socially engineering healthcare IT helpdesk staff to steal money, the government has warned |
Threat Medical | ★★ | |
 |
2024-04-05 17:25:00 | Alphv intensifie le blanchiment du changement de santé des soins de santé ALPHV steps up laundering of Change Healthcare ransom payments (lien direct) |
> Alors que le groupe de ransomwares se déplace pour cacher ses 22 millions de dollars, son encoche d'affiliation est à la hauteur après avoir été affaibli en paiement.
>As the ransomware group moves to hide its $22 million, its affiliate notchy is laying low after reportedly being stiffed on payment. |
Ransomware Medical | ★★ | |
|
2024-04-04 14:02:46 | Cyberattack vole certaines opérations chez le fabricant d'objectifs japonais Cyberattack Shutters Some Operations at Japanese Lens Manufacturer (lien direct) |
Les lunettes et les objectifs médicaux basés à Tokyo, Hoya, ont déclaré que l'attaque avait interrompu les processus de production à certains endroits ainsi qu'un système de commande pour certains de ses produits.
Tokyo-based eyeglass and medical lens-maker Hoya said the attack has halted production processes in some locations as well as an ordering system for some of its products. |
Medical | ★★ | |
 |
2024-04-03 07:01:00 | Comprendre la conformité NIS2 et comment Sase peut aider Understanding NIS2 Compliance and How SASE Can Help (lien direct) |
> La directive 2 (NIS2) de l'Union européenne est un gros problème pour améliorer la position de la cybersécurité de l'UE.Décourné en janvier 2023 - avec une date limite de conformité du 18 octobre 2024 - La directive est conçue pour renforcer les cyber-défenses dans les secteurs clés.De l'énergie aux soins de santé, la banque aux infrastructures numériques, si vous & # 8217; re dans ces [& # 8230;]
>The European Union’s Network and Information Systems Directive 2 (NIS2) is a big deal for improving the EU’s cybersecurity stance. Kicked off in January 2023-with a compliance deadline of October 18, 2024-the Directive is designed to beef up cyber defences across key sectors. From energy to healthcare, banking to digital infrastructure, if you’re in these […] |
Medical | ★★★ | |
|
2024-04-02 19:52:39 | HHS prévoit de cyber \\ 'une boutique à guichet \\' après une attaque United Healthcare HHS Plans for Cyber \\'One-Stop Shop\\' After United Healthcare Attack (lien direct) |
L'initiative vise à fournir plus de ressources et de meilleures stratégies pour les entités de santé qui sont confrontées à une quantité croissante de défis de cybersécurité.
The initiative is meant to provide more resources and better strategies for healthcare entities that face an increasing amount of cybersecurity challenges. |
Medical | ★★ | |
 |
2024-04-01 10:00:00 | AI - le bon, le mauvais et effrayant AI - The Good, Bad, and Scary (lien direct) |
AI and machine learning (ML) optimizes processes by making recommendations for optimizing productivity, reducing cycles, and maximizing efficiency. AI also optimizes human capital by performing mundane & repetitive tasks 24x7 without the need for rest and minimizing human errors. There are numerous benefits as to how AI can benefit society. As much as AI can propel human progress forward, it can be consequential to our own detriment without proper guidance. We need to understand the risks and challenges that comes with AI. Growing your knowledge in the new era of AI will help you and your organization evolve. AI can be a battlefield of good and evil. There’s the power to do good and the power to do evil. Here are some examples on the Good, Bad, and Scary of AI. Good Cybersecurity - Detect and respond to cyber-attacks with automation capabilities at machine speed and predict behavioral anomalies and defend against cyber threats before an actual attack occurs Banking & Finance – Detect and prevent fraud, manage risks, enable personalized services, and automate financial-decision processing Healthcare – Optimize patient interactions, develop personalized treatment plans, attain better patient experience, improve patient data accuracy, and reduce misfiled patient records Manufacturing – Predict maintenance, detect defects and quality issues, enhance productivity, generate product & component designs, and optimize inventory & demand forecasting Retail – Secure self-checkout that helps loss prevention, optimize retail operations & supply chain, and enhance customer experiences Smart cities & IoT – Manage traffic of autonomous vehicles & self-driving, manage energy consumption, optimize water usage, and streamline waste management through real-time sensor data Telecom – Predict network congestion and proactively reroute traffic to avoid outages Bad Cybercriminals – Leverage AI-powered tools and social engineering to steal identities, generate ransomware attacks, perform targeted national state attacks, and destroy national critical infrastructure Computing resources – Require heavy power supply, Thermal Design Power (TDP), Graphics Processing Unit (GPU), and Random Access Memory (RAM) Environmental impact - Impact of intensive computing resources have on carbon footprint and environment Energy cost – Rise in electric power usage and water for cooling and increasing computational costs translates into carbon emissions Bias & Discrimination - Propagate biases as a result of bad training data, incomplete data, and poorly trained AI model Inequality – Widen the gap between the rich and poor and increase inequality in society Privacy – Loss of data privacy from insecure AI systems, unencrypted data sources, and misuse & abuse Skills loss - Reduce human critical thinking skills to uncover root issues, solve complex problems, and ability to write at college level and professionally Scary Job loss and displacement - Replace humans with robots across every sector to perform highly skilled professional jobs Overreliance on AI – Rely heavily on AI to make important decisions like electing medical procedures, making life or death decisions, or choosing political candidates Dominance of AI - Potential ability of AI to surpass human intelligence and take control Monopoly by tech – a select number of tech companies could monopolize the economy and have undue influence over the social construct of our daily lives from buying patterns to everyday decision-making Deepfakes – Generate deepfakes with manipulated videos and images to influence discussions on social media and online forums Propaganda & Disinformation – Deploy human a | Ransomware Tool Prediction Medical | ★★★ | |
 |
2024-03-29 12:58:05 | Ransomware Gang Fuaks volé les données sur les patients de la santé écossaise dans l'offre d'extorsion Ransomware gang leaks stolen Scottish healthcare patient data in extortion bid (lien direct) |
Les cyber-extormistes ont publié sur leurs données sur les patients sensibles de Blog Darkweb volées au NHS Dumfries et Galloway, qui fait partie du système de santé écossais, dans le but d'exiger de l'argent du Conseil de santé local.Le service a annoncé plus tôt ce mois
Cyber extortionists have published to their darkweb blog sensitive patient data stolen from NHS Dumfries and Galloway, part of the Scottish healthcare system, in a bid to demand money from the local health board. The service announced earlier this month it was the target of “a focused and ongoing cyber attack,” and that while |
Ransomware Medical | ★★ | |
 |
2024-03-29 06:00:11 | Déverrouiller l'efficacité de la cybersécurité dans les soins de santé: utiliser des informations sur les menaces pour naviguer dans la surface d'attaque humaine Unlocking Cybersecurity Efficiency in Healthcare: Using Threat Insights to Navigate the Human Attack Surface (lien direct) |
Understanding your organization\'s human attack surface is not just a good idea in today\'s threat landscape; it\'s essential. Why? Because it can make all the difference in your efforts to allocate your limited resources efficiently. Let\'s face it-in the world of cybersecurity, one size does not fit all. It is not feasible to adopt a uniform approach to secure your business. And while most of your users may pose a minimal risk, there are smaller, high-risk groups that attract the lion\'s share of attention from cyberthreat actors. Identifying these groups and understanding what makes these users so enticing to attackers is key to creating an effective defense. At Proofpoint, we recognize the importance of understanding the human attack surface. Our approach to cybersecurity revolves around a human-centric defense strategy. And email serves as a valuable window into the most vulnerable parts of your business. We analyze inbound threats directed at email addresses and enrich them with directory information. This is a Proofpoint Targeted Attack Protection (TAP) feature that\'s available to all customers. As a result, we provide valuable insights into the job roles and departments that are prime targets for attackers. In this blog, we\'ll go through some of our most recent insights for the healthcare industry-and the job roles that attracted the most interest from attackers. 2023 research overview For our research in 2023, we created a healthcare peer group of over 50 similar hospital systems to track within the Proofpoint TAP platform. We meticulously analyzed “people data” from these systems to identify trends in attack patterns. We tracked: Attack index Click rates Malicious message volume Total clicks across various departments More specifically, we looked for outlier clusters that exhibited movement beyond the average. What follows are a few of our insights. Threat actors target roles related to finance and the revenue cycle back-end As it turns out, attackers have a penchant for people in finance-related jobs and those who are involved in transactions. These users were consistently attacked more than others. When we drill down further on our findings, we see that departments involved in the supply chain and facilities management exhibit similar deviations from the average. The reason? These roles often require people to be involved in transactions, making them attractive targets for attackers. 2023 department-level average attack index: Finance and transactional job roles averaged a significantly higher attack index per month per user. Money is a bigger draw than data But here is where it gets interesting. When we compare job roles and departments based on access to transactions versus access to health information, the difference is stark. It seems that attackers are more determined to interdict financial transactions than to gain access to users with large amounts of health data. 2023 department-level average attack index; medical and information services departments averaged a significantly lower attack index per month per user than financial and transactional job roles. Threat actors go after roles that deal with patient service revenue Going a step further, we wanted to understand the impact of threats on people in administrative and clinical roles who help capture, manage and collect patient service revenue. We examined the revenue cycle by categorizing job roles and departments in the following ways. Front-end (admin and pre-visit) Middle (visit, claim submission) Back-end (inbound processing, payer, patient) The disparity between groups with access to transactions and those with access to health data is evident. The revenue cycle back-end category exhibits the highest average attack index among revenue cycle labeled data, which we attribute to finance job roles associated with billing. 2023 average of attack index trends; revenue cycle quarterly comparison. The interest of attackers in finance-related job roles comes | Threat Medical | ★★ | |
|
2024-03-26 13:15:12 | Les ransomwares peuvent signifier la vie ou la mort dans les hôpitaux, mais Def Con Hackers a un plan Ransomware can mean life or death at hospitals, but DEF CON hackers have a plan (lien direct) |
ARPA-H rejoint le défi, ajoute 20 millions de dollars aux récompenses en espèces interview car les gangs de ransomware ciblent l'infrastructure critique & # 8211;en particulier les hôpitaux et autres organisations de soins de santé & # 8211;DARPA a ajouté un autre partenaire d'agence gouvernementale à son Cyber Challenge de l'intelligence artificielle (AIXCC).…
ARPA-H joins the challenge, adds $20M to cash rewards Interview As ransomware gangs target critical infrastructure – especially hospitals and other healthcare organizations – DARPA has added another government agency partner to its Artificial Intelligence Cyber Challenge (AIxCC).… |
Ransomware Medical | ★★★ | |
 |
2024-03-26 13:00:00 | Prédictions ICS CERT pour 2024: ce que vous devez savoir ICS CERT predictions for 2024: What you need to know (lien direct) |
> Alors que nous travaillons au premier trimestre de 2024, divers secteurs s'adaptent continuellement aux menaces de cybersécurité de plus en plus complexes.Des secteurs comme les soins de santé, la finance, l'énergie et le transport élargissent régulièrement leur infrastructure numérique, entraînant des surfaces d'attaque plus importantes et une plus grande exposition aux risques.Kaspersky vient de publier leurs prédictions ICS CERT pour cette année, décrivant la clé [& # 8230;]
>As we work through the first quarter of 2024, various sectors are continuously adapting to increasingly complex cybersecurity threats. Sectors like healthcare, finance, energy and transportation are all regularly widening their digital infrastructure, resulting in larger attack surfaces and greater risk exposure. Kaspersky just released their ICS CERT Predictions for this year, outlining the key […] |
Industrial Medical | ★★★★ | |
 |
2024-03-25 15:25:15 | Une nouvelle législation oblige les normes minimales de cybersécurité pour protéger les prestataires de soins de santé en cas de futurs hacks New legislation mandates minimum cybersecurity standards to safeguard healthcare providers in case of future hacks (lien direct) |
Un sénateur américain a introduit le Health Care Cybersecurity Improvement Act de 2024, qui propose de fournir des progrès et ...
A U.S. Senator has introduced the Health Care Cybersecurity Improvement Act of 2024, which proposes providing advance and... |
Legislation Medical | ★★ | |
 |
2024-03-25 12:09:37 | Révolutionner la sécurité des soins de santé: aller au-delà de la tasse Revolutionizing healthcare security: moving beyond pentesting (lien direct) |
> Le secteur de la santé reste une cible principale pour les cybercriminels, avec 90% des établissements de santé qui connaissent & # 160; au moins une violation de sécurité au cours des dernières années.Et les retombées peuvent être énormes.& # 160;En 2023, le coût moyen d'une violation de données dans tous les secteurs était de 4,45 millions de dollars.Cependant, le coût moyen d'une violation de données sur les soins de santé [& # 8230;]
>The healthcare sector remains a prime target for cybercriminals, with 90% of healthcare institutions experiencing at least one security breach in the last few years. And the fallout can be huge. In 2023, the average cost of a data breach across all sectors was $4.45 million. However, the average cost of a healthcare data breach […] |
Data Breach Medical | ★★★ | |
|
2024-03-22 19:47:43 | Le meilleur démocrate propose des normes minimales de cybersécurité à la suite d'un changement d'attaque de soins de santé Top Democrat proposes minimum cybersecurity standards in wake of Change Healthcare attack (lien direct) |
> La nouvelle législation du sénateur Mark Warner intervient alors que les groupes de soins de santé disent qu'ils s'opposeraient à de telles propositions.
>The new legislation from Sen. Mark Warner comes as health care groups say they would oppose such proposals. |
Legislation Medical | ★★ | |
|
2024-03-22 14:32:35 | US, les agences de santé australiennes signent le protocole d'accord pour collaborer pendant les cybermenaces pour les organisations australiennes US, Australian healthcare agencies sign MoU to collaborate during cyber threats for Australian organizations (lien direct) |
> Le Centre américain de partage et d'analyse de l'information sur la santé (Santé-ISAC) et l'Australian Critical Infrastructure & # 8211;Partage d'informations et ...
>The U.S. Health Information Sharing and Analysis Center (Health-ISAC) and the Australian Critical Infrastructure – Information Sharing and... |
Medical | ★★ | |
 |
2024-03-21 14:55:04 | Roundup de sécurité mars 2024 Security Roundup March 2024 (lien direct) |
> Conseils, conseils, apprentissage et tendances organisés en cybersécurité et en vie privée, tels que choisis par nos consultants.Les titres mondiaux de la saisie des cyber-risques rampants ne cessent de nous rappeler le fort lien entre un incident de cybersécurité et une perte financière.CNN rapporte que les victimes de ransomwares dans le secteur américain de la santé disent qu'ils «sont« de l'argent avec l'hémorragage », car les perturbations affectent leurs opérations quotidiennes.Certains ...
>Curated advice, guidance, learning and trends in cybersecurity and privacy, as chosen by our consultants. Creeping cyber risk grabbing global headlines Ransomware keeps reminding us of the strong connection between a cybersecurity incident and financial loss. CNN reports that ransomware victims in the US healthcare sector say they\'re “haemorrhaging money”, as disruption affects their daily operations. Some ... |
Ransomware Medical | ★★ | |
|
2024-03-21 12:30:00 | ICO sondes Kate Middleton Medical Record Breach ICO Probes Kate Middleton Medical Record Breach (lien direct) |
L'ICO a déclaré qu'elle évaluait la violation signalée des dossiers médicaux de Kate Middleton à la Clinique de Londres
The ICO said it is assessing the reported breach of Kate Middleton\'s medical records at The London Clinic |
Medical | ★★ | |
|
2024-03-21 11:17:18 | Medcrypt rejoint Microsoft Copilot pour un partenaire de sécurité Aperçu privé pour stimuler les cyber-défenses avec l'IA Medcrypt joins Microsoft Copilot for Security Partner Private Preview to boost cyber defenses with AI (lien direct) |
> Le fournisseur de solutions de cybersécurité pour les fabricants de dispositifs médicaux (MDMS) MedCrypt a annoncé sa participation au Copilot Microsoft pour la sécurité ...
>Cybersecurity solution provider for medical device manufacturers (MDMs) Medcrypt announced its participation in the Microsoft Copilot for Security... |
Medical | ★★ | |
|
2024-03-20 10:15:08 | Cinq yeux racontent des infra orgs critiques: prenez ces actions maintenant pour protéger contre le Typhoon Volt de la Chine Five Eyes tell critical infra orgs: take these actions now to protect against China\\'s Volt Typhoon (lien direct) |
à moins que vous ne vouliez être le prochain changement de santé, c'est-à-dire les fédéraux et les amis ont émis hier un autre avertissement sur le gang de Typhoon Volt Typhoon de la Chine, exhortant cette fois les propriétaires d'infrastructures critiques et les opérateurs àProtégez leurs installations contre les cyberattaques destructrices qui peuvent se brasser.…
Unless you want to be the next Change Healthcare, that is The Feds and friends yesterday issued yet another warning about China\'s Volt Typhoon gang, this time urging critical infrastructure owners and operators to protect their facilities against destructive cyber attacks that may be brewing.… |
Medical | Guam | ★★★ |
|
2024-03-19 20:32:50 | Le cyber-officier de la Maison Blanche exhorte UnitedHealth à fournir une certification tierce de la sécurité du réseau White House cyber official urges UnitedHealth to provide third-party certification of network safety (lien direct) |
Des hauts responsables de la Maison Blanche exhortent un groupe UnitedHealth à fournir à ses clients des évaluations détaillées de cybersécurité des tiers de ses systèmes alors qu'elle se remet à partir d'une cyberattaque. & Nbsp;L'attaque des ransomwares contre UnitedHealth Filial Change Healthcare a provoqué l'une des plus grandes crises de soins de santé depuis des années.L'attaque a coupé un lien central entre les fournisseurs médicaux
Senior White House officials are urging UnitedHealth Group to provide its customers with detailed third-party cybersecurity assessments of its systems as it recovers from a cyberattack. The ransomware attack against UnitedHealth subsidiary Change Healthcare has caused one of the biggest healthcare crises in years. The attack cut off a pivotal link between medical providers |
Ransomware Medical | ★★ | |
|
2024-03-19 18:42:07 | \\ 'lifelock \\' hacker plaide coupable d'avoir extorqué des cliniques médicales \\'Lifelock\\' hacker pleads guilty to extorting medical clinics (lien direct) |
Un homme de l'Idaho qui a piraté et extorqué des cliniques médicales et un service de police ont plaidé coupable mardi devant la Cour fédérale de Géorgie à des accusations de fraude et d'abus informatique. & NBSP;Robert Purbeck, qui a utilisé les alias «Lifelock» et «studmaster», a volé les informations personnelles de plus de 130 000 personnes, selon un communiqué du district du Nord
An Idaho man who hacked and extorted medical clinics and a police department pleaded guilty on Tuesday in Georgia federal court to charges of computer fraud and abuse. Robert Purbeck, who used the aliases “Lifelock” and “Studmaster,” stole the personal information of more than 130,000 people, according to a release from the Northern District |
Legislation Medical | ★★ | |
 |
2024-03-18 14:14:00 | CISA: Healthcare Organizations Should Be Wary of Increased Ransomware Attacks by ALPHV Blackcat (lien direct) |
|
Ransomware Medical | ★★ | |
|
2024-03-18 12:03:01 | Rapport IC3 de FBI \\: pertes de la cybercriminalité dépasse 12,5 milliards de dollars - un nouveau record FBI\\'s IC3 Report: Losses from Cybercrime Surpass $12.5 Billion-a New Record (lien direct) |
The 2023 Internet Crime Report from the FBI\'s Internet Crime Complaint Center (IC3) is out. And for defenders, it\'s a troubling read. The FBI saw only a minor uptick in reported cybercrime complaints last year from the American public. On the surface, this seems like positive news. There were only 79,474 more complaints filed than in 2022. However, that total is much more significant when you consider the potential losses from cybercrime. Losses surpassed $12.5 billion last year, a 22% increase from 2022 and a new record high. That staggering figure is part of a far more complex story about cybercrime in 2023. The report notes that: Investment fraud losses surged, jumping from $3.31 billion in 2022 to $4.57 billion in 2023-a 38% increase Business email compromise (BEC) cases were a top concern, with 21,489 complaints and adjusted losses exceeding $2.9 billion-up 7.4% from 2022 The allure of cryptocurrency played a pivotal role in both investment fraud and BEC incidents Tech support scams were the third-costliest cybercrime category among the crime types that the IC3 tracks In this post, we will examine these trends in more detail. And we will explain how Proofpoint can help businesses improve their defenses and meet these threats head-on. Complaints and losses from cybercrime reported over the last five years. (Source: FBI\'s IC3 2023 Internet Crime Report.) The rise of investment fraud Investment scams have become the most reported and costliest type of crime that the IC3 tracks. In these scams, bad actors lure victims with promises of big returns on investments. Attackers have been targeting cryptocurrency investors, in particular. The rise of this fraud highlights why due diligence and user self-awareness is so important. Users need to think twice and use caution when they are approached with investment opportunities, especially those that relate to cryptocurrencies. Investment fraud losses reported over the last five years. (Source: FBI\'s IC3 2023 Internet Crime Report.) An escalation in BEC threats BEC is the second-most prevalent cyberthreat highlighted in the latest Internet Crime Report. The actors behind these scams aim to deceive users and businesses into making unauthorized fund transfers or divulging corporate information. These attacks involve sophisticated tactics like: The compromise of legitimate business email accounts Social engineering attacks Impersonation scams As more people use cryptocurrency exchanges and rely on third-party payment processors, it\'s increasingly important to stop BEC threats before they reach users. There is also a pressing need for automated remediation and heightened user vigilance to protect against these threats. Vulnerable populations at risk for impersonation scams The FBI\'s IC3 reports that impersonation scams led to over $1.3 billion in losses last year. To carry out these scams, bad actors use deceptive tactics, like directing victims to send cash through shipping companies or online wire services. Adults over the age of 60 accounted for half of tech support scams last year. This amounted to $3.6 billion in losses. Individuals 30-39 years old were most likely to report these incidents to the FBI\'s IC3. The prevalence of impersonation scams underscores the need to raise awareness among the vulnerable populations that are targeted by attackers. Understanding this risk will help them to be more wary and avoid becoming victims. Ransomware attacks Ransomware attacks encrypt data and cause service disruptions and financial losses. They are also a persistent threat. The FBI\'s IC3 received over 2,800 complaints about this attack type last year. Reported losses from these incidents exceeded $59.6 million-an 18% increase from 2022. To understand just how costly these attacks can be, consider the plight of MGM Resorts. In September 2023, a targeted ransomware attack cost the entertainment giant over $100 million. MGM Resorts\' filing with the Securities and Exchange Commission notes that i | Ransomware Threat Medical | ★★ | |
|
2024-03-17 18:28:53 | Besoin croissant de relever les défis de la cybersécurité dans le secteur américain de la santé pour une amélioration de la résilience Growing need to address cybersecurity challenges across US healthcare sector for improved resilience (lien direct) |
> Le secteur américain de la santé continue de faire face à des défis de cybersécurité, à risquer les données et les infrastructures des patients.Les problèmes incluent ...
>The U.S. healthcare sector continues to grapple with cybersecurity challenges, risking patient data and infrastructure. Issues include outdated... |
Medical | ★★★ | |
|
2024-03-15 20:37:49 | BRESSE NHS, HSE BUG EXPOSE DONNÉES DE SANTÉES DANS LES ISLES BRITANNIQUES NHS Breach, HSE Bug Expose Healthcare Data in the British Isles (lien direct) |
Les whoopsies en Irlande et en Écosse parlent d'une ténue des cyber-protections pour des données de santé privées sensibles.
Whoopsies in Ireland and Scotland speak to a tenuousness of cyber protections for sensitive private healthcare data. |
Medical | ★★ | |
|
2024-03-15 11:30:03 | Scottish Health Service dit que la cyberattaque axée et en cours \\ 'peut perturber les services Scottish health service says \\'focused and ongoing cyber attack\\' may disrupt services (lien direct) |
Scottish Health Service dit que la cyberattaque concentrée et en cours \\ 'peut perturber les services NHS Dumfries et Galloway, qui fait partie du système de santé écossais, a annoncé vendredi qu'il était la cible «d'une cyberattaque ciblée et en cours».La nature de l'incident n'a pas encore été divulguée, bien que le Conseil de santé y annonçait «May B
Scottish health service says \'focused and ongoing cyber attack\' may disrupt services NHS Dumfries and Galloway, part of the Scottish healthcare system, announced on Friday it was the target “of a focused and ongoing cyber attack.” The nature of the incident has not yet been disclosed, although the health board announced there “may b |
Medical | ★★ | |
 |
2024-03-15 11:20:38 | Les soins de santé sont toujours une cible principale pour les gangs de cybercriminalité & # 8211;Semaine en sécurité avec Tony Anscombe Healthcare still a prime target for cybercrime gangs – Week in security with Tony Anscombe (lien direct) |
Les organisations de soins de santé restent fermement dans les attaquants \\ 'Crosshairs, ce qui représente 20% de toutes les victimes d'attaques de ransomwares entre les entités d'infrastructure critiques aux États-Unis en 2023
Healthcare organizations remain firmly in attackers\' crosshairs, representing 20 percent of all victims of ransomware attacks among critical infrastructure entities in the US in 2023 |
Ransomware Medical | ★★ | |
|
2024-03-14 14:45:00 | Le gouvernement américain pour enquêter sur le changement d'attaque de ransomware de soins de santé US Government to Investigate Change Healthcare Ransomware Attack (lien direct) |
Le gouvernement américain examinera si les informations protégées par les soins de santé ont été violées dans l'attaque des ransomwares du changement de santé et si l'entreprise a respecté les règles HIPAA
The US government will investigate whether protected healthcare information was breached in the Change Healthcare ransomware attack, and if the firm complied with HIPAA rules |
Ransomware Medical | ★★★ | |
 |
2024-03-14 09:51:11 | Le gouvernement lance une enquête sur le changement de violation des données sur les soins de santé Government Launches Probe Into Change Healthcare Data Breach (lien direct) |
> Le HHS examine si les informations de santé protégées ont été compromises dans la violation des données de santé du changement.
>The HHS is investigating whether protected health information was compromised in the Change Healthcare data breach. |
Data Breach Medical | ★★ | |
|
2024-03-13 23:16:34 | Claroty Team82: 63% des vulnérabilités exploitées connues suivis par CISA sont sur les réseaux d'organisation de soins de santé Claroty Team82: 63% of Known Exploited Vulnerabilities Tracked by CISA Are on Healthcare Organization Networks (lien direct) |
> Le HHS examine si les informations de santé protégées ont été compromises dans la violation des données de santé du changement.
>The HHS is investigating whether protected health information was compromised in the Change Healthcare data breach. |
Vulnerability Medical | ★★ | |
|
2024-03-13 20:10:21 | HHS pour enquêter sur l'attaque de UnitedHealth et Ransomware contre le changement de santé HHS to investigate UnitedHealth and ransomware attack on Change Healthcare (lien direct) |
Le département américain de la santé et des services sociaux (HHS) lance une enquête sur l'attaque des ransomwares contre les soins de santé du changement après des semaines de perturbation des opérations de santé et de facturation dans les hôpitaux, les cliniques et les pharmacies à travers le pays. & NBSP;Mercredi, le bureau des droits civils (OCR) a publié mercredi une lettre annonçant l'enquête, avec le directeur
The U.S. Department of Health and Human Services (HHS) is launching an investigation into the ransomware attack on Change Healthcare following weeks of disruption to healthcare and billing operations at hospitals, clinics and pharmacies across the country. The department\'s Office for Civil Rights (OCR) published a letter on Wednesday announcing the investigation, with Director |
Ransomware Medical | ★★ | |
 |
2024-03-13 16:16:32 | US Govt sondes Si Ransomware Gang a volé des données de santé change US govt probes if ransomware gang stole Change Healthcare data (lien direct) |
Le département américain de la santé et des services humains examine si des informations de santé protégées ont été volées dans une attaque de ransomware qui a frappé Optum, la filiale UnitedHealthCare Group (UHG), qui exploite la plate-forme de santé du changement, fin février.[...]
The U.S. Department of Health and Human Services is investigating whether protected health information was stolen in a ransomware attack that hit UnitedHealthcare Group (UHG) subsidiary Optum, which operates the Change Healthcare platform, in late February. [...] |
Ransomware Medical | ★★ | |
 |
2024-03-13 16:08:29 | La recherche révèle que les infostelleurs ciblent les données du secteur des soins de santé Research Reveals That Infostealers Target Healthcare Sector Data (lien direct) |
Les nouvelles recherches de NetSkope Threat Labs ont révélé que les infostateurs étaient les principaux familles de logiciels malveillants et Ransowmare utilisés pour cibler le secteur des soins de santé.Les soins de santé ont été parmi les meilleurs secteurs touchés en 2023 par Mega Breachs, une attaque où plus d'un million de disques ont été volés.Le rapport a également examiné l'augmentation continue de l'adoption des applications cloud [& # 8230;]
Le post Les recherches révèlent que les infostellers ciblent HealthcareLes données du secteur sont apparues pour la première fois sur gourou de la sécurité informatique .
New research by Netskope Threat Labs has revealed that infostealers were the primary malware and ransowmare families used to target the healthcare sector. Healthcare was among the top sectors impacted during 2023 by mega breaches, an attack where over one million records were stolen. The report also examined the continued increase in cloud app adoption […] The post Research Reveals That Infostealers Target Healthcare Sector Data first appeared on IT Security Guru. |
Malware Threat Medical Cloud | ★★ | |
|
2024-03-13 12:56:50 | Claroty lance une détection avancée des menaces d'anomalie pour Medigate pour augmenter les normes de cybersécurité des soins de santé Claroty launches advanced anomaly threat detection for Medigate to boost healthcare cybersecurity standards (lien direct) |
> Claroty, une société de protection des systèmes cyber-physiques (CPS), a annoncé mardi la publication de la détection avancée des menaces d'anomalie (ATD) ...
>Claroty, a cyber-physical systems (CPS) protection company, announced Tuesday the release of the Advanced Anomaly Threat Detection (ATD)... |
Threat Medical | ★★★ | |
 |
2024-03-12 15:35:29 | Santé : impossible de distribuer des médicaments à la suite d\'une cyber attaque (lien direct) | Les opérateurs du ransomware "Blackcat" ont été identifiés comme responsables de la récente panne chez Change Healthcare, une division technologique du groupe UnitedHealth spécialisée dans le traitement des réclamations d'assurance et des paiements dans le secteur de la santé aux États-Unis. Cette cyberattaque a entraîné une perturbation nationale, interrompant la distribution des médicaments sur ordonnance pendant une durée de six jours, selon des informations rapportées par Reuters. | Ransomware Medical | ★★ | |
|
2024-03-12 00:02:09 | La Maison Blanche et les législateurs augmentent la pression sur UnitedHealth pour faciliter la douleur des prestataires White House and lawmakers increase pressure on UnitedHealth to ease providers\\' pain (lien direct) |
Le sénateur américain appelle Cyber Attack \\ 'inexcusable, \' appelle à des règles de sécurité obligatoires L'administration Biden et les législateurs américains expriment la pression sur UnitedHealth Group pour soulager les fournisseurs médicaux \\ 'PainAprès l'attaque du ransomware contre le changement de santé, en accélérant les paiements aux hôpitaux, aux médecins et aux pharmaciens & # 8211;entre autres tactiques.…
US senator calls cyber attack \'inexcusable,\' calls for mandatory security rules The Biden administration and US lawmakers are turning up the pressure on UnitedHealth group to ease medical providers\' pain after the ransomware attack on Change Healthcare, by expediting payments to hospitals, physicians and pharmacists – among other tactics.… |
Ransomware Medical | ★★ | |
|
2024-03-08 21:39:30 | Des dizaines de courtiers de données divulguent la vente d'informations sur les soins de santé reproducteurs, la géolocalisation précise et les données appartenant aux mineurs Dozens of data brokers disclose selling reproductive healthcare info, precise geolocation and data belonging to minors (lien direct) |
De nouvelles informations rendues publiques par l'État de Californie montrent qu'une partie importante des courtiers de données collecte et vendent des informations sensibles sur des sujets tels que la santé reproductive, ainsi que les données appartenant aux enfants.Sur 480 courtiers de données enregistré auprès de la California Privacy Protection Agency (CPPA), 24 ont indiqué qu'ils vendaient des données appartenant aux mineurs.
New information made public by the state of California shows that a significant portion of data brokers collect and sell sensitive information on topics like reproductive health, as well as data belonging to children. Out of 480 data brokers registered with the California Privacy Protection Agency (CPPA), 24 indicated they sell data belonging to minors. |
Medical | ★★★ | |
|
2024-03-08 14:33:09 | Changer les registres des soins de santé Pulse après une attaque de ransomware paralysante Change Healthcare registers pulse after crippling ransomware attack (lien direct) |
Les services restants devraient revenir dans les prochaines semaines après que 22 millions de dollars alphv rançonnent Change Healthcare a fait les premiers pas vers une récupération complète de l'attaque du ransomware en février en ramenant ses services de prescription électronique en ligne.… | Ransomware Medical | ★★★ | |
|
2024-03-08 13:35:11 | Changer les soins de santé restaure les services de pharmacie perturbés par les ransomwares Change Healthcare Restores Pharmacy Services Disrupted by Ransomware (lien direct) |
> Changer Healthcare dit qu'il a fait des progrès significatifs dans la restauration des systèmes touchés par une récente attaque de ransomware.
>Change Healthcare says it has made significant progress in restoring systems impacted by a recent ransomware attack. |
Ransomware Medical | ★★ | |
|
2024-03-08 13:08:22 | Changer Healthcare ramène certains systèmes en ligne après la cyberattaque Change Healthcare brings some systems back online after cyberattack (lien direct) |
Certains systèmes de Change Healthcare sont fonctionnels à ce vendredi, et d'autres seront en ligne d'ici la mi-mars alors que la réponse continue de cyberattaquer qui a perturbé les opérations pendant des semaines, selon une mise à jour de la société mère UnitedHealth Group.«UnitedHealth Group continue de faire des progrès substantiels dans l'atténuation de l'impact sur les consommateurs et les fournisseurs de soins de
Some of Change Healthcare\'s systems are functional as of Friday, and others will be online by mid-March as the response continues to cyberattack that has disrupted operations for weeks, according to an update from parent company UnitedHealth Group. “UnitedHealth Group continues to make substantial progress in mitigating the impact to consumers and care providers of |
Medical | ★★ | |
|
2024-03-08 12:54:22 | UnitedHealth ramène des services de pharmacie de santé en ligne UnitedHealth brings some Change Healthcare pharmacy services back online (lien direct) |
Le changement de santé d'Optum \\ a commencé à ramener les systèmes en ligne après avoir subi une attaque par ransomware de Blackcat paralysant le mois dernier, ce qui a entraîné une perturbation généralisée du système de santé américain.[...]
Optum\'s Change Healthcare has started to bring systems back online after suffering a crippling BlackCat ransomware attack last month that led to widespread disruption to the US healthcare system. [...] |
Ransomware Medical | ★★★ | |
|
2024-03-08 11:15:00 | UnitedHealth établit une chronologie pour restaurer les systèmes de santé changeants après le coup de Blackcat UnitedHealth Sets Timeline to Restore Change Healthcare Systems After BlackCat Hit (lien direct) |
UnitedHealth a déclaré qu'il s'attend à ce que les systèmes clés de Change Healthcare \\ soient restaurés d'ici le 18 mars, au milieu des rapports qu'il a payé une rançon de 22 millions de dollars à Blackcat
UnitedHealth said it expects Change Healthcare\'s key systems to be restored by March 18, amid reports it paid a $22m ransom to BlackCat |
Medical | ★★★ | |
|
2024-03-07 18:34:17 | Lien chinois possible pour changer l'attaque des ransomwares de soins de santé Possible China link to Change Healthcare ransomware attack (lien direct) |
présumé Crim a acheté SmartScreen Killer, Cobalt Strike sur les marchés sombres un criminel prétendant être un affilié Alphv / BlackCat - le gang responsable de l'infection à un ransomware de santé à changement très perturbateur - peut avoir le mois dernier - peut avoirliens avec les syndicats de cybercriminaux soutenus par le gouvernement chinois.… | Ransomware Medical | ★★ | |
|
2024-03-07 12:32:28 | HHS réagit au changement de cyberattaque des soins de santé, priorise la minimisation des perturbations des services de santé HHS responds to Change Healthcare cyberattack, prioritizes minimizing healthcare service disruptions (lien direct) |
Le département américain de la santé et des services humains (HHS) reconnaît que Change Healthcare, une filiale de UnitedHealth Group ...
The U.S. Department of Health and Human Services (HHS) acknowledges that Change Healthcare, a subsidiary of UnitedHealth Group... |
Medical | ★★ | |
|
2024-03-07 11:00:00 | Sécuriser l'IA Securing AI (lien direct) |
With the proliferation of AI/ML enabled technologies to deliver business value, the need to protect data privacy and secure AI/ML applications from security risks is paramount. An AI governance framework model like the NIST AI RMF to enable business innovation and manage risk is just as important as adopting guidelines to secure AI. Responsible AI starts with securing AI by design and securing AI with Zero Trust architecture principles. Vulnerabilities in ChatGPT A recent discovered vulnerability found in version gpt-3.5-turbo exposed identifiable information. The vulnerability was reported in the news late November 2023. By repeating a particular word continuously to the chatbot it triggered the vulnerability. A group of security researchers with Google DeepMind, Cornell University, CMU, UC Berkeley, ETH Zurich, and the University of Washington studied the “extractable memorization” of training data that an adversary can extract by querying a ML model without prior knowledge of the training dataset. The researchers’ report show an adversary can extract gigabytes of training data from open-source language models. In the vulnerability testing, a new developed divergence attack on the aligned ChatGPT caused the model to emit training data 150 times higher. Findings show larger and more capable LLMs are more vulnerable to data extraction attacks, emitting more memorized training data as the volume gets larger. While similar attacks have been documented with unaligned models, the new ChatGPT vulnerability exposed a successful attack on LLM models typically built with strict guardrails found in aligned models. This raises questions about best practices and methods in how AI systems could better secure LLM models, build training data that is reliable and trustworthy, and protect privacy. U.S. and UK’s Bilateral cybersecurity effort on securing AI The US Cybersecurity Infrastructure and Security Agency (CISA) and UK’s National Cyber Security Center (NCSC) in cooperation with 21 agencies and ministries from 18 other countries are supporting the first global guidelines for AI security. The new UK-led guidelines for securing AI as part of the U.S. and UK’s bilateral cybersecurity effort was announced at the end of November 2023. The pledge is an acknowledgement of AI risk by nation leaders and government agencies worldwide and is the beginning of international collaboration to ensure the safety and security of AI by design. The Department of Homeland Security (DHS) CISA and UK NCSC joint guidelines for Secure AI system Development aims to ensure cybersecurity decisions are embedded at every stage of the AI development lifecycle from the start and throughout, and not as an afterthought. Securing AI by design Securing AI by design is a key approach to mitigate cybersecurity risks and other vulnerabilities in AI systems. Ensuring the entire AI system development lifecycle process is secure from design to development, deployment, and operations and maintenance is critical to an organization realizing its full benefits. The guidelines documented in the Guidelines for Secure AI System Development aligns closely to software development life cycle practices defined in the NSCS’s Secure development and deployment guidance and the National Institute of Standards and Technology (NIST) Secure Software Development Framework (SSDF). The 4 pillars that embody the Guidelines for Secure AI System Development offers guidance for AI providers of any systems whether newly created from the ground up or built on top of tools and services provided from | Tool Vulnerability Threat Mobile Medical Cloud Technical | ChatGPT | ★★ |
|
2024-03-06 13:55:16 | TA4903: acteur usurpation du gouvernement américain, petites entreprises en phishing, BEC BIDS TA4903: Actor Spoofs U.S. Government, Small Businesses in Phishing, BEC Bids (lien direct) |
Key takeaways TA4903 is a unique threat actor that demonstrates at least two distinct objectives: (1) credential phishing and (2) business email compromise (BEC). TA4903 routinely conducts campaigns spoofing various U.S. government entities to steal corporate credentials. The actor also spoofs organizations in various sectors including construction, finance, healthcare, food and beverage, and others. The campaign volumes range from hundreds of messages to tens of thousands of messages per campaign. The messages typically target entities in the U.S., although additional global targeting has been observed. TA4903 has been observed using the EvilProxy MFA bypass tool. In late 2023, TA4903 began adopting QR codes in credential phishing campaigns. Overview TA4903 is a financially motivated cybercriminal threat actor that spoofs both U.S. government entities and private businesses across many industries. The actor mostly targets organizations located in the United States, but occasionally those located globally, with high-volume email campaigns. Proofpoint assesses with high confidence the objectives of the campaigns are to steal corporate credentials, infiltrate mailboxes, and conduct follow-on business email compromise (BEC) activity. Proofpoint began observing a series of campaigns spoofing federal U.S. government entities in December 2021. The campaigns, which were subsequently attributed to TA4903, first masqueraded as the U.S. Department of Labor. In 2022 campaigns, the threat actors purported to be the U.S. Departments of Housing and Urban Development, Transportation, and Commerce. During 2023, the actor began to spoof the U.S. Department of Agriculture. In mid-2023 through 2024, Proofpoint observed an increase in credential phishing and fraud campaigns using different themes from TA4903. The actor began spoofing various small and medium-sized businesses (SMBs) across various industries including construction, manufacturing, energy, finance, food and beverage, and others. Proofpoint observed an increase in the tempo of BEC themes as well, including using themes such as “cyberattacks” to prompt victims to provide payment and banking details. Most credential phishing messages associated with this actor contain URLs or attachments leading to credential phishing websites. In some cases, including the government-themed campaigns, messages contain PDF attachments that contain embedded links or QR codes leading to websites that appear to be direct clones of the spoofed government agency. Based on Proofpoint\'s research and tactics, techniques, and procedures (TTPs) observed in open-source intelligence, activity related to TA4903\'s impersonation of U.S. government entities goes back to at least mid-2021. TTPs associated with the actor\'s broader credential phishing and BEC activities are observable as long ago as 2019. Campaign details Government bid spoofing Historically, Proofpoint mostly observed TA4903 conducting credential theft campaigns using PDF attachments leading to portals spoofing U.S. government entities, typically using bid proposal lures. In late 2023, TA4903 began spoofing the USDA and began incorporating QR codes into their PDFs, a technique previously unobserved by this actor. Messages may purport to be, for example: From: U.S. Department of Agriculture Subject: Invitation To Bid Attachment: usda2784748973bid.pdf Example of one page of a multi-page PDF spoofing the USDA. The “Bid Now” button is hyperlinked to the same URL as the QR code. In these campaigns, the PDF attachments are typically multiple pages long and have both embedded URLs and QR codes that lead to government-branded phishing websites. Example credential phishing website operated by TA4903, designed to capture O365 and other email account credentials. In 2023, Proofpoint observed TA4903 spoof the U.S. Department of Transportation, the U.S. Small Business Administration (SBA), and the USDA us | Tool Threat Medical | ★★★ | |
 |
2024-03-06 01:05:06 | Faits saillants hebdomadaires d'osint, 4 mars 2024 Weekly OSINT Highlights, 4 March 2024 (lien direct) |
## Weekly OSINT Highlights, 4 March 2024 Ransomware loomed large in cyber security research news this week, with our curated OSINT featuring research on Abyss Locker, BlackCat, and Phobos. Phishing attacks, information stealers, and spyware are also in the mix, highlighting the notable diversity in the cyber threat landscape. The OSINT reporting this week showcases the evolving tactics of threat actors, with operators increasingly employing multifaceted strategies across different operating systems. Further, the targets of these attacks span a wide range, from civil society figures targeted by spyware in the Middle East and North Africa to state and local governments victimized by ransomware. The prevalence of attacks on sectors like healthcare underscores the significant impact on critical infrastructure and the potential for substantial financial gain through ransom payments. 1. [**Abyss Locker Ransomware Evolution and Tactics**](https://ti.defender.microsoft.com/articles/fc80abff): Abyss Locker ransomware, derived from HelloKitty, exfiltrates victim data before encryption and targets Windows systems, with a subsequent Linux variant observed. Its capabilities include deleting backups and employing different tactics for virtual machines, indicating a growing sophistication in ransomware attacks. 2. [**ALPHV Blackcat Ransomware-as-a-Service (RaaS)**:](https://ti.defender.microsoft.com/articles/b85e83eb) The FBI and CISA warn of ALPHV Blackcat RaaS, which targets multiple sectors, particularly healthcare. Recent updates to ALPHV Blackcat include improved defense evasion, encryption capabilities for Windows and Linux, reflecting the increasing sophistication in ransomware operations. 3. [**Phobos RaaS Model**](https://ti.defender.microsoft.com/articles/ad1bfcb4): Phobos ransomware, operating as a RaaS model, frequently targets state and local governments. Its use of accessible open-source tools enhances its popularity among threat actors, emphasizing the ease of deployment and customization for various environments. 4. [**TimbreStealer Phishing Campaign**](https://ti.defender.microsoft.com/articles/b61544ba): Talos identifies a phishing campaign distributing TimbreStealer, an information stealer disguised as Mexican tax-related themes. The threat actor was previously associated with banking trojans, underscoring the adaptability and persistence of malicious actors. 5. [**Nood RAT Malware Features and Stealth**](https://ti.defender.microsoft.com/articles/cc509147): ASEC uncovers Nood RAT, a Linux-based variant of Gh0st RAT, equipped with encryption and disguised as legitimate software. The malware\'s flexibility in binary creation and process naming underscores the threat actor\'s intent to evade detection and carry out malicious activities with sophistication. 6. [**Predator Spyware Infrastructure and Targeting**](https://ti.defender.microsoft.com/articles/7287eb1b): The Insikt Group\'s discovery highlights the widespread use of Predator spyware, primarily targeting journalists, politicians, and activists in various countries. Despite its purported use for counterterrorism and law enforcement, Predator is employed by threat actors outside these contexts, posing significant privacy and safety risks. ## Learn More For the latest security research from the Microsoft Threat Intelligence community, check out the Microsoft Threat Intelligence Blog: [https://aka.ms/threatintelblog](https://aka.ms/threatintelblog) and the following blog posts: - [Ransomware as a service: Understanding the cybercrime gig economy and how to protect yourself](https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/?ocid=magicti_ta_blog#defending-against-ransomware) Microsoft customers can use the following reports in Microsoft Defender Threat Intelligence to get the most up-to-date information about the threat actor, malicious activity, and techniques discussed in this summary. The following | Ransomware Spam Malware Tool Threat Legislation Medical | ★★★★ | |
|
2024-03-06 00:30:09 | L'oncle Sam intervient alors que Change Healthcare Ransomware fiasco crée le chaos Uncle Sam intervenes as Change Healthcare ransomware fiasco creates mayhem (lien direct) |
en tant que escrocs derrière l'attaque - probablement alphv / blackcat - simuler leur propre disparition Le gouvernement américain est intervenu pour aider les hôpitaux et autres fournisseurs de soins de santé touchés par l'infection au ransomware de santé du changement, offrant plus de détenteMedicare règne et exhortant un financement avancé aux fournisseurs.…
As the crooks behind the attack - probably ALPHV/BlackCat - fake their own demise The US government has stepped in to help hospitals and other healthcare providers affected by the Change Healthcare ransomware infection, offering more relaxed Medicare rules and urging advanced funding to providers.… |
Ransomware Medical | ★★★ | |
 |
2024-03-06 00:22:56 | Le groupe Ransomware Blackcat implose après un paiement apparent de 22 millions de dollars par changement de santé BlackCat Ransomware Group Implodes After Apparent $22M Payment by Change Healthcare (lien direct) |
Il y a des indications que le géant des soins de santé américain Change Healthcare a effectué un paiement d'extorsion de 22 millions de dollars au tristement célèbre groupe de ransomware BlackCat (alias "AlphV") alors que la société a du mal à ramener les services en ligne au milieu d'une cyberattaque qui a perturbé les services de médicaments sur ordonnance à l'échelle nationale pendant des semaines.Cependant, le cybercriminal qui prétend avoir donné à BlackCat un accès au réseau de changement \\ dit que le gang du crime les avait trompés de leur part de la rançon, et qu'ils ont toujours les données sensibles que le changement aurait payé le groupe pour détruire.Pendant ce temps, la divulgation de la filiale \\ semble avoir incité BlackCat à cesser entièrement les opérations.
There are indications that U.S. healthcare giant Change Healthcare has made a $22 million extortion payment to the infamous BlackCat ransomware group (a.k.a. "ALPHV") as the company struggles to bring services back online amid a cyberattack that has disrupted prescription drug services nationwide for weeks. However, the cybercriminal who claims to have given BlackCat access to Change\'s network says the crime gang cheated them out of their share of the ransom, and that they still have the sensitive data that Change reportedly paid the group to destroy. Meanwhile, the affiliate\'s disclosure appears to have prompted BlackCat to cease operations entirely. |
Ransomware Medical | ★★★ |
To see everything:
Our RSS (filtrered)
