This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-10T12:47:29+00:00 www.secnews.physaphae.fr ZD Net - Magazine Info A popular patient portal now employs an AI bot that thousands of US doctors use to write messages to patients. Disclosure is optional.]]> 2024-09-25T19:01:00+00:00 https://www.zdnet.com/article/asking-medical-questions-through-mychart-your-doctor-may-let-ai-respond/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=8585003 True Medical None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine SonicWall found that data breaches caused by malware attacks on US healthcare organizations have affected 14 million people so far in 2024]]> 2024-09-24T12:45:00+00:00 https://www.infosecurity-magazine.com/news/patients-us-healthcare-data/ www.secnews.physaphae.fr/article.php?IdArticle=8583824 False Malware,Medical None 2.0000000000000000 HackRead - Chercher Cyber Healthcare organizations face a 32% surge in cyberattacks, with sensitive patient data being sold on the Dark Web.…]]> 2024-09-23T16:06:09+00:00 https://hackread.com/dark-web-sales-fuel-healthcare-cyberattacks/ www.secnews.physaphae.fr/article.php?IdArticle=8583054 False Medical None 2.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC potential to solve problems that traditional computers cannot handle, it also poses a significant threat to modern cybersecurity practices. Currently, most data encryption systems rely on algorithms that are effective against classical computers. However, quantum computers can break through these encryption methods with relative ease, leading to a new and unprecedented era of vulnerability. This makes quantum computing a double-edged sword—unlocking new possibilities while simultaneously disrupting the security foundations of the digital economy. Many companies that store and transmit sensitive information, such as financial data, health records, or intellectual property, are particularly at risk. Even though quantum computers are not widely accessible yet, the data encrypted today could be harvested and decrypted in the future using quantum technology. This is why businesses must act now to prepare for the quantum future, ensuring they are not caught off guard when this technology becomes mainstream. Being proactive will safeguard data and strengthen cybersecurity systems against emerging threats. Understanding Quantum Risks  The advent of quantum computing introduces a series of unprecedented risks to the current landscape of cybersecurity. While traditional cryptographic algorithms such as RSA and elliptic curve cryptography (ECC) have long been trusted to protect sensitive data, they are now under threat from quantum computers\' immense processing power. Quantum computing can break the mathematical problems that these encryption methods rely on, making them obsolete. ]]> 2024-09-23T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/quantum-computing-and-cybersecurity-preparing-for-a-new-age-of-threats www.secnews.physaphae.fr/article.php?IdArticle=8582817 False Vulnerability,Threat,Medical None 2.0000000000000000 Dark Reading - Informationweek Branch Inc ransomware - one of the most popular among cybercriminals today - meets healthcare, the industry sector most targeted by RaaS.]]> 2024-09-19T20:36:34+00:00 https://www.darkreading.com/threat-intelligence/vice-society-inc-ransomware-healthcare-attack www.secnews.physaphae.fr/article.php?IdArticle=8579839 False Ransomware,Medical None 2.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Steven Martin a détaillé les travaux qui se sont retrouvés pour se remettre de l'attaque de ransomware de février, soulignant que le bilan mental était la partie la plus difficile de tous.

---

>Steven Martin detailed the work that went into recovering from February\'s ransomware attack, emphasizing that the mental toll was the toughest part of all. ]]> 2024-09-19T19:33:09+00:00 https://cyberscoop.com/unitedhealth-group-steven-martin-ciso-ransomware-attack-recovery/ www.secnews.physaphae.fr/article.php?IdArticle=8579791 False Ransomware,Medical None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity in healthcare has never been more urgent. As the most vulnerable industry and largest target for cybercriminals, healthcare is facing an increasing wave of cyberattacks. When a hospital\'s systems are held hostage by ransomware, it\'s not just data at risk - it\'s the care of patients who depend on life-saving treatments. Imagine an attack that forces emergency care to halt, surgeries]]> 2024-09-19T16:30:00+00:00 https://thehackernews.com/2024/09/healthcares-diagnosis-is-critical-cure.html www.secnews.physaphae.fr/article.php?IdArticle=8579572 False Ransomware,Medical None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft has revealed that a financially motivated threat actor has been observed using a ransomware strain called INC for the first time to target the healthcare sector in the U.S. The tech giant\'s threat intelligence team is tracking the activity under the name Vanilla Tempest (formerly DEV-0832). "Vanilla Tempest receives hand-offs from GootLoader infections by the threat actor Storm-0494,]]> 2024-09-19T15:42:00+00:00 https://thehackernews.com/2024/09/microsoft-warns-of-new-inc-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=8579547 False Ransomware,Threat,Medical None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial According to new data from Check Point Research (CPR) for January to September 2024, the global weekly average... ]]> 2024-09-17T17:34:31+00:00 https://industrialcyber.co/medical/cpr-data-reports-32-rise-this-year-as-global-healthcare-sector-faces-surge-in-cyberattacks/ www.secnews.physaphae.fr/article.php?IdArticle=8578546 False Studies,Industrial,Medical None 3.0000000000000000 Checkpoint - Fabricant Materiel Securite Dans un monde de criminalité, n'attendez aucune pitié.La cybercriminalité va dur après son objectif, ce qui est le plus souvent un gain financier.Les pirates choisissent leurs victimes en conséquence, où ils sont les plus susceptibles de réussir et où se trouvent les données les plus précieuses.Il n'est donc pas surprenant que la troisième cible la plus courante des cyberattaques soit les soins de santé.Selon les données de Check Point Research (RCR), à partir de janvier & # 8211;Septembre 2024, le nombre moyen mondial d'attaques par organisation dans l'industrie de la santé était de 2 018, ce qui représente une augmentation de 32%, par rapport à la même période de l'année dernière.Partout dans le monde, les organisations de soins de santé [& # 8230;]

---

>In a world of crime, expect no mercy. Cybercrime goes hard after its goal, which is most often financial gain. Hackers choose their victims accordingly, where they are most likely to succeed and where the most valuable data is located. It is therefore not surprising that the third most common target of cyber attacks is healthcare. According to data from Check Point Research (CPR), from January – September 2024, the global weekly average number of attacks per organization within the healthcare industry was 2,018, representing a 32% increase, compared to the same period last year. Around the world, healthcare organisations […] ]]> 2024-09-17T13:00:31+00:00 https://blog.checkpoint.com/research/cyber-predators-target-vulnerable-victims-hackers-blackmail-hospitals-trade-patient-data-and-find-partners-through-darknet-ads/ www.secnews.physaphae.fr/article.php?IdArticle=8578372 False Medical None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Over 600 patients and employees of Lehigh Valley Health Network in Pennsylvania had their medical record photos hacked and posted on the internet]]> 2024-09-13T12:30:00+00:00 https://www.infosecurity-magazine.com/news/record-settlement-hacked-patient/ www.secnews.physaphae.fr/article.php?IdArticle=8575924 False Medical None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial L'Agence américaine de sécurité de la cybersécurité et de l'infrastructure (CISA) a publié mardi quatre avis ICS (systèmes de contrôle industriel), fournissant ...

---

>The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published four ICS (industrial control systems) advisories on Tuesday, providing... ]]> 2024-09-12T09:21:54+00:00 https://industrialcyber.co/cisa/cisa-warns-of-ics-vulnerabilities-in-viessmann-ininet-rockwell-automation-bpl-medical-technologies/ www.secnews.physaphae.fr/article.php?IdArticle=8575139 False Vulnerability,Industrial,Medical None 4.0000000000000000 SecurityWeek - Security News Lehigh Valley Health Network a accepté de payer un règlement de 65 millions de dollars dans une recours collective déposée contre une violation de données de 2023.

---

>Lehigh Valley Health Network has agreed to pay a $65 million settlement in a class-action suit filed over a 2023 data breach. ]]> 2024-09-12T08:45:36+00:00 https://www.securityweek.com/pennsylvania-healthcare-provider-to-pay-65m-settlement-following-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8575141 False Ransomware,Data Breach,Medical None 3.0000000000000000 The Register - Site journalistique Anglais Would paying a ransom - or better security - have been cheaper and safer? A US healthcare giant will pay out $65 million to settle a class-action lawsuit brought by its own patients after ransomware crooks stole their data – including their nude photographs – and published at least some of them online.…]]> 2024-09-12T02:24:17+00:00 https://go.theregister.com/feed/www.theregister.com/2024/09/12/lvhn_lawsuit_ransom/ www.secnews.physaphae.fr/article.php?IdArticle=8574965 False Ransomware,Medical None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-09-11T20:20:08+00:00 https://community.riskiq.com/article/3de6b9a1 www.secnews.physaphae.fr/article.php?IdArticle=8574837 False Ransomware,Malware,Tool,Vulnerability,Threat,Patching,Medical None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-09-10T00:52:06+00:00 https://community.riskiq.com/article/6d135763 www.secnews.physaphae.fr/article.php?IdArticle=8573565 False Malware,Tool,Vulnerability,Threat,Medical,Cloud None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial L'Agence américaine de sécurité de cybersécurité et d'infrastructure (CISA) a publié quatre avis concernant les systèmes de contrôle industriel (ICS), y compris ...

---

>The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued four advisories concerning industrial control systems (ICS), including... ]]> 2024-09-09T17:09:16+00:00 https://industrialcyber.co/industrial-cyber-attacks/cisa-issues-ics-advisories-highlighting-vulnerabilities-in-critical-infrastructure-systems-medical-devices/ www.secnews.physaphae.fr/article.php?IdArticle=8573345 False Vulnerability,Industrial,Medical None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Designed to be more than a one-time assessment- Wing Security\'s SaaS Pulse provides organizations with actionable insights and continuous oversight into their SaaS security posture-and it\'s free! Introducing SaaS Pulse: Free Continuous SaaS Risk Management  Just like waiting for a medical issue to become critical before seeing a doctor, organizations can\'t afford to overlook the constantly]]> 2024-09-09T16:00:00+00:00 https://thehackernews.com/2024/09/wing-security-saas-pulse-continuous.html www.secnews.physaphae.fr/article.php?IdArticle=8573182 False Medical,Cloud None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-09-09T11:04:46+00:00 https://community.riskiq.com/article/563312a4 www.secnews.physaphae.fr/article.php?IdArticle=8573205 False Ransomware,Malware,Tool,Vulnerability,Threat,Prediction,Medical,Commercial APT 38,APT 29 2.0000000000000000 Dark Reading - Informationweek Branch The vulnerabilities affect industrial control tech used across the healthcare and critical manufacturing sectors.]]> 2024-09-06T19:44:38+00:00 https://www.darkreading.com/ics-ot-security/cisa-flags-ics-bugs-in-baxter-mitsubishi-products www.secnews.physaphae.fr/article.php?IdArticle=8571473 False Vulnerability,Industrial,Medical None 2.0000000000000000 HackRead - Chercher Cyber A misconfigured server from a US-based AI healthcare firm Confidant Health exposed 5.3 TB of sensitive mental health…]]> 2024-09-06T17:13:08+00:00 https://hackread.com/ai-firm-misconfigured-server-exposed-mental-health-data/ www.secnews.physaphae.fr/article.php?IdArticle=8571372 False Medical None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-09-06T14:59:38+00:00 https://community.riskiq.com/article/818f5bec www.secnews.physaphae.fr/article.php?IdArticle=8571332 False Malware,Tool,Vulnerability,Threat,Studies,Medical,Conference None 3.0000000000000000 InformationSecurityBuzzNews - Site de News Securite Kaspersky has discovered that an advanced persistent threat (APT) group, Tropic Trooper, also known as KeyBoy and Pirate Panda, has been linked to a series of targeted attacks on a government entity in the Middle East. This is a strategic expansion for the group, which has historically focused on sectors like government, healthcare, transportation, and [...]]]> 2024-09-06T07:02:16+00:00 https://informationsecuritybuzz.com/tropic-trooper-target-middle-east-govt/ www.secnews.physaphae.fr/article.php?IdArticle=8571055 False Threat,Medical None 2.0000000000000000 HackRead - Chercher Cyber RansomHub claims to have breached Intermountain Planned Parenthood, stealing 93GB of data. The healthcare provider is investigating the…]]> 2024-09-05T23:21:52+00:00 https://hackread.com/ransomhub-planned-parenthood-hack-steals-data/ www.secnews.physaphae.fr/article.php?IdArticle=8570851 False Hack,Medical None 3.0000000000000000 CyberArk - Software Vendor Ransomware attacks have a profound impact on healthcare organizations, extending well beyond financial losses and the disrupted sleep of staff and shareholders. A University of Minnesota School of Public Health study highlighted by The HIPAA...]]> 2024-09-05T17:23:20+00:00 https://www.cyberark.com/blog/how-overreliance-on-edr-is-failing-healthcare-providers/ www.secnews.physaphae.fr/article.php?IdArticle=8570654 False Ransomware,Studies,Medical None 3.0000000000000000 Contagio - Site d infos ransomware 2024-09-03T13:33:53+00:00 https://contagiodump.blogspot.com/2024/09/2024-09-02-abyss-ransomware-windows-and.html www.secnews.physaphae.fr/article.php?IdArticle=8569212 False Ransomware,Vulnerability,Medical None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-09-02T19:54:58+00:00 https://community.riskiq.com/article/161e114f www.secnews.physaphae.fr/article.php?IdArticle=8568711 False Ransomware,Malware,Tool,Vulnerability,Threat,Mobile,Medical,Cloud APT 41,APT 32 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Threat actors linked to the RansomHub ransomware group encrypted and exfiltrated data from at least 210 victims since its inception in February 2024, the U.S. government said. The victims span various sectors, including water and wastewater, information technology, government services and facilities, healthcare and public health, emergency services, food and agriculture, financial services,]]> 2024-09-02T19:03:00+00:00 https://thehackernews.com/2024/09/ransomhub-ransomware-group-targets-210.html www.secnews.physaphae.fr/article.php?IdArticle=8568551 False Ransomware,Threat,Medical None 2.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber La loi sur la cybersécurité des soins de santé appelle à la CISA et au HHS à collaborer à la défense des établissements de santé des cyber-incidents.

---

>The Healthcare Cybersecurity Act calls on CISA and HHS to collaborate on defending health facilities from cyber incidents. ]]> 2024-08-29T14:25:55+00:00 https://cyberscoop.com/house-bill-cyber-health-care-data/ www.secnews.physaphae.fr/article.php?IdArticle=8566238 False Medical None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-08-28T21:59:39+00:00 https://community.riskiq.com/article/bf7946e8 www.secnews.physaphae.fr/article.php?IdArticle=8565718 True Ransomware,Malware,Tool,Threat,Medical None 3.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC allow heart attack patients to share their health data continuously, leading to better monitoring and higher completion rates of rehabilitation programs​​. IoB devices also increase efficiency and accuracy in medical interventions. An example of this are digital pills equipped with sensors that provide precise medication management by transmitting data about ingestion to healthcare providers. These devices help reduce medication errors and improve adherence to prescribed treatment plans​​. The enhanced data collection and analysis that comes as a result of IoB devices contribute to better health outcomes. The vast amounts of data generated help better understand health patterns and predict potential issues. As an example, smart thermometers used in Shanghai\'s Public Health Clinical Center during the COVID-19 pandemic allowed for ]]> 2024-08-26T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/the-hidden-risks-of-internet-of-bodies-iob-cybersecurity-in-healthcare-devices www.secnews.physaphae.fr/article.php?IdArticle=8563999 False Vulnerability,Threat,Prediction,Medical None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Healthcare has been the most targeted sector according to Barracuda analysis of 200 reported ransomware incidents from August 2023 to July 2024]]> 2024-08-21T11:00:00+00:00 https://www.infosecurity-magazine.com/news/healthcare-fifth-ransomware/ www.secnews.physaphae.fr/article.php?IdArticle=8561359 False Ransomware,Medical None 3.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC 2024-08-20T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/securing-networks-evaluating-hardware-firewalls www.secnews.physaphae.fr/article.php?IdArticle=8560902 False Malware,Tool,Vulnerability,Threat,Mobile,Medical None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Healthcare organization Jewish Home Lifecare has revealed that a 2024 data breach hit over 100,000 customers]]> 2024-08-20T09:00:00+00:00 https://www.infosecurity-magazine.com/news/jewish-home-lifecare-100000/ www.secnews.physaphae.fr/article.php?IdArticle=8560722 False Ransomware,Data Breach,Medical None 3.0000000000000000 SecurityWeek - Security News Les données comprennent les noms, les dates de naissance, les adresses physiques, les numéros de sécurité sociale, les informations médicales et de diagnostic et les détails de l'assurance maladie.

---

>Data includes names, dates of birth, physical addresses, Social Security Numbers, medical and diagnosis information, and health insurance details. ]]> 2024-08-19T14:31:35+00:00 https://www.securityweek.com/carespring-data-breach-exposes-personal-and-medical-information-of-nearly-77000-patients/ www.secnews.physaphae.fr/article.php?IdArticle=8560351 False Data Breach,Medical None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-08-16T16:09:23+00:00 https://community.riskiq.com/article/ded5ac3e www.secnews.physaphae.fr/article.php?IdArticle=8558803 False Ransomware,Malware,Vulnerability,Threat,Medical None 3.0000000000000000 InformationSecurityBuzzNews - Site de News Securite Over the last few years, attacks against the healthcare sector have been severe and widespread, targeting sensitive patient data and critical medical operations. The 2020 ransomware attack on Universal Health Services, which led to the shutdown of systems across 400 facilities in the U.S., significantly affected patient care and operations. In 2021, Ireland’s Health Service [...]]]> 2024-08-16T07:07:14+00:00 https://informationsecuritybuzz.com/cybersecurity-healthcare-regulation-sa/ www.secnews.physaphae.fr/article.php?IdArticle=8558551 False Ransomware,Medical None 3.0000000000000000 Dark Reading - Informationweek Branch Teams designed AI systems to secure open-source infrastructure software to be used in industry sectors such as financial services, utilities, and healthcare. Each finalist was awarded a $2 million prize.]]> 2024-08-15T22:25:24+00:00 https://www.darkreading.com/application-security/darpa-announces-ai-cyber-challenge-finalists www.secnews.physaphae.fr/article.php?IdArticle=8558648 False Medical None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Tenable detailed two privilege escalation vulnerabilities in the Azure Health Bot Service, one of which has been rated critical]]> 2024-08-14T11:15:00+00:00 https://www.infosecurity-magazine.com/news/critical-vulnerability-microsoft/ www.secnews.physaphae.fr/article.php?IdArticle=8557543 False Vulnerability,Medical None 3.0000000000000000 Dark Reading - Informationweek Branch The threat group is disrupting healthcare organizations. Victims can help themselves, though, even after compromise, by being careful in the decryption process.]]> 2024-08-14T10:00:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/inc-ransomware-encryptor-contains-keys-to-victim-data-recovery www.secnews.physaphae.fr/article.php?IdArticle=8557214 False Ransomware,Threat,Medical None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-08-13T19:36:37+00:00 https://community.riskiq.com/article/d82834d0 www.secnews.physaphae.fr/article.php?IdArticle=8557212 False Ransomware,Malware,Tool,Threat,Medical None 3.0000000000000000 Dark Reading - Informationweek Branch Privilege escalation flaws in the healthcare chatbot platform could have allowed unauthorized cross-tenant access and management of other customers\' resources.]]> 2024-08-13T18:36:28+00:00 https://www.darkreading.com/application-security/microsoft-azure-ai-health-bot-infected-with-critical-vulnerabilities www.secnews.physaphae.fr/article.php?IdArticle=8557167 False Vulnerability,Medical None 3.0000000000000000 InformationSecurityBuzzNews - Site de News Securite Medical organizations must implement robust cybersecurity solutions due to the sensitivity of the data they handle and the increasing frequency of cyberattacks. As these organizations rely more heavily on technology for storing and managing patient data in the digital era, their vulnerability to cyber threats, such as ransomware, DDoS attacks, and IP address manipulation, also [...]]]> 2024-08-13T04:18:01+00:00 https://informationsecuritybuzz.com/reasons-healthcare-needs-cybersecurity/ www.secnews.physaphae.fr/article.php?IdArticle=8556754 False Ransomware,Vulnerability,Medical None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-08-12T21:01:31+00:00 https://community.riskiq.com/article/ee29bc18 www.secnews.physaphae.fr/article.php?IdArticle=8556583 False Malware,Threat,Mobile,Medical None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-08-12T19:53:21+00:00 https://community.riskiq.com/article/23e31fb6 www.secnews.physaphae.fr/article.php?IdArticle=8556555 False Malware,Tool,Threat,Medical APT 41 3.0000000000000000 Dark Reading - Informationweek Branch The American Hospital Association and the Health-ISAC issued a joint threat bulletin warning healthcare IT providers that their ransomware plans need to consider third-party risk.]]> 2024-08-10T01:59:25+00:00 https://www.darkreading.com/endpoint-security/healthcare-providers-must-plan-for-ransomware-attacks-on-third-party-suppliers www.secnews.physaphae.fr/article.php?IdArticle=8554657 False Ransomware,Threat,Medical None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine A ransomware tabletop exercise was conducted against a fictious hospital, aiming to educate attendees of how to fight against such threats]]> 2024-08-08T14:45:00+00:00 https://www.infosecurity-magazine.com/news/ransomware-drill-healthcare/ www.secnews.physaphae.fr/article.php?IdArticle=8554128 False Ransomware,Medical None 3.0000000000000000 Netskope - etskope est une société de logiciels américaine fournissant une plate-forme de sécurité informatique Résumé Le ransomware de jeu, également connu sous le nom de PlayCrypt, est un ransomware qui a émergé pour la première fois en juin 2022. Le ransomware cible des industries telles que les soins de santé et les télécommunications ainsi qu'un large éventail de régions telles que l'Amérique latine, l'Europe et l'Amérique du Nord.Les ransomwares de lecture sont connus pour avoir accès aux réseaux via un compromis [& # 8230;]

---

>Summary The Play Ransomware, also known as PlayCrypt, is a ransomware that first emerged in June 2022. The ransomware has been targeting industries such as healthcare and telecommunication as well as a wide range of regions such as Latin America, Europe, and North America. Play Ransomware is known for gaining access to networks through compromised […] ]]> 2024-08-08T14:00:20+00:00 https://www.netskope.com/blog/replay-revisiting-play-ransomware-anti-analysis-techniques www.secnews.physaphae.fr/article.php?IdArticle=8554095 False Ransomware,Medical None 3.0000000000000000 ZoneAlarm - Security Firm Blog Une récente attaque de ransomware contre One Llood, un grand fournisseur de sang, a gravement perturbé la chaîne d'approvisionnement en sang en Floride, ce qui a provoqué des avertissements urgents et un appel à des dons.Cette cyberattaque souligne la vulnérabilité critique des infrastructures de santé et les implications de grande envergure de ces violations.Oneblood est un fournisseur de sang de premier plan dans le sud-est des États-Unis, & # 8230;

---

>A recent ransomware attack on OneBlood, a major blood supplier, has severely disrupted the blood supply chain in Florida, prompting urgent health warnings and a call for donations. This cyberattack underscores the critical vulnerability of healthcare infrastructures and the far-reaching implications of such breaches. OneBlood is a leading blood supplier in the southeastern United States, … ]]> 2024-08-08T11:14:03+00:00 https://blog.zonealarm.com/2024/08/ransomware-attack-on-blood-supplier-oneblood-disrupts-healthcare-system/ www.secnews.physaphae.fr/article.php?IdArticle=8554012 False Ransomware,Vulnerability,Medical None 2.0000000000000000 Recorded Future - FLux Recorded Future 2024-08-08T01:54:03+00:00 https://therecord.media/michigan-hospital-system-struggling-after-cyberattack www.secnews.physaphae.fr/article.php?IdArticle=8553772 False Ransomware,Medical None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine DARPA\'s AI Cyber Challenge is enlisting AI to fight software vulnerabilities, with the healthcare sector closely watching the semi-finals as a potential solution to rising cyber threats]]> 2024-08-07T13:30:00+00:00 https://www.infosecurity-magazine.com/news/darpas-ai-cyber-challenge-heats-up/ www.secnews.physaphae.fr/article.php?IdArticle=8553428 False Vulnerability,Medical None 3.0000000000000000 BBC - BBC News - Technology The 2022 breach included medical records and information on gaining entry to the homes of 890 people.]]> 2024-08-06T23:04:10+00:00 https://www.bbc.com/news/articles/c78llg7n5d5o www.secnews.physaphae.fr/article.php?IdArticle=8553026 False Hack,Medical None 2.0000000000000000 Security Intelligence - Site de news Américain Les cyberattaques se développent chaque année en sophistication et en fréquence, et le coût des violations de données continue de monter avec eux.Un nouveau rapport d'IBM et du Ponemon Institute, l'étude sur le coût de la violation des données de 2024, détaille les impacts financiers des attaques dans plusieurs secteurs.Le coût moyen mondial d'une violation de données a atteint un historique [& # 8230;]

---

>Cyberattacks grow every year in sophistication and frequency, and the cost of data breaches continues to rise with them. A new report by IBM and the Ponemon Institute, the 2024 Cost of Data Breach Study, details the financial impacts of attacks across multiple industries. The global average cost of a data breach reached an all-time […] ]]> 2024-08-06T13:00:00+00:00 https://securityintelligence.com/articles/cost-of-a-data-breach-healthcare-industry/ www.secnews.physaphae.fr/article.php?IdArticle=8552773 False Data Breach,Studies,Medical None 2.0000000000000000 The State of Security - Magazine Américain Cybercriminals are notorious for their opportunism. No situation is off limits: whether they exploit conflict and human suffering, blackmail vulnerable individuals by threatening to leak therapy notes, or even bring healthcare organizations to their knees, cybercriminals will stop at nothing to make a quick buck. Hurricane season is a particularly lucrative time of year for cybercriminals. Every year, inclement weather rips through the Atlantic and Gulf of Mexico, causing billions of dollars in damage and putting lives at risk. This year\'s season began with unusual ferocity as Hurricane Beryl...]]> 2024-08-06T03:41:20+00:00 https://www.tripwire.com/state-of-security/hurricane-season-scams-what-you-need-know www.secnews.physaphae.fr/article.php?IdArticle=8552632 False Threat,Medical None 2.0000000000000000 SecurityWeek - Security News Oneblood, une banque de sang à but non lucratif desservant plus de 300 hôpitaux américains, a été frappée par une attaque de ransomware perturbatrice.

---

>OneBlood, a non-profit blood bank serving more than 300 U.S. hospitals, has been hit by a disruptive ransomware attack. ]]> 2024-07-31T17:13:07+00:00 https://www.securityweek.com/ransomware-attack-hits-oneblood-blood-bank-disrupts-medical-operations/ www.secnews.physaphae.fr/article.php?IdArticle=8548195 False Ransomware,Medical None 3.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC affecting 66% of organizations in 2023 and pulling over $1 billion from the victims. These attacks have increased in frequency and sophistication, resulting in significant financial loss, operation disruption, theft of sensitive data, and reduced productivity rates. Also, it damages the organization\'s reputation and results in the loss of customer trust and compliance violations. An organization needs a comprehensive protection strategy to reduce the frequency of these attacks and the risks they pose. Ransomware Business Model: How These Attacks Are Evolving? In the past, ransomware attacks mainly relied on phishing emails, remote desktop protocol exploits, and vulnerable ports to increase their chances of success. Additionally, these attacks employ evasion techniques to bypass traditional security measures like firewalls or antivirus software. These methods have resulted in famous attacks like WannaCry, TeslaCrypt, and NotPetya. With time, ransomware attackers have evolved and have become more sophisticated, targeted, and profitable for cybercriminals. Below is an insight into the latest trends that hackers adopt to launch a successful ransomware attack: Exploiting Zero-Day Vulnerabilities The shift in ransomware gangs and their sophisticated tactics and procedures (TTPs) raise the number of ransomware attacks. . Previously, REvil, Conti, and LockBit were the famous ransomware gangs, but now Clop, Cuban, and Play are gaining immense popularity by employing advanced hacking techniques like zero-day vulnerabilities. Sophos\'s State of Ransomware 2024 revealed exploited vulnerabilities as the root cause of ransomware attacks. The Clop ransomware gang has used the zero-day vulnerability in the MOVEit Transfer platform to steal the sensitive data of different organizations. This group also targeted the GoAnywhere zero-day vulnerability in January 2023, affecting 130 organizations, and exploited the Accellion FTA servers in 2020. Similarly, Cuban and Play used the same attacking technique to compromise the unpatched Microsoft Exchange servers. Double and Triple Extortion Another reason for the rise in ransomware attacks is the introduction of the double or triple extortion technique. Cybersecurity firm Venafi reported that 83% of ransomware attacks included multiple ransom demands in 2022. Cybercriminals encrypt the data, exfiltrate sensitive information, and threaten to release it or sell it on the dark web if the ransom is not paid in a double extortion scheme. This tactic prove]]> 2024-07-31T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/are-ransomware-attacks-still-a-growing-threat-in-2024 www.secnews.physaphae.fr/article.php?IdArticle=8547886 False Ransomware,Malware,Tool,Vulnerability,Threat,Studies,Legislation,Prediction,Medical,Technical NotPetya,Wannacry,Deloitte 3.0000000000000000 Recorded Future - FLux Recorded Future 2024-07-30T09:45:00+00:00 https://therecord.media/ibm-breach-report-cost-rise-to-5-million www.secnews.physaphae.fr/article.php?IdArticle=8547178 False Medical None 3.0000000000000000 Mandiant - Blog Sécu de Mandiant   Overview In mid-2022, Mandiant\'s Managed Defense detected multiple intrusions involving QAKBOT, leading to the deployment of BEACON coupled with other pre-ransomware indicators. This marked Mandiant\'s initial identification of UNC4393, the primary user of BASTA ransomware. Mandiant has responded to over 40 separate UNC4393 intrusions across 20 different industry verticals. While healthcare organizations have not traditionally been a focus for UNC4393, several breaches in the industry this year indicate a possible expansion of their interests. However, this represents only a fraction of the cluster\'s victims, with the Black Basta data leak site purporting over 500 victims since inception. Over the course of this blog post, Mandiant will detail the evolution of UNC4393\'s operational tactics and malware usage throughout its active lifespan, with a focus on the period following the QAKBOT botnet takedown. We will highlight the cluster\'s transition from readily available tools to custom malware development as well as its evolving reliance on access brokers and diversification of initial access techniques. Figure 1: UNC4393 intrusion lifecycle Attribution and Targeting UNC4393 is a financially motivated threat cluster, and the primary user of BASTA ransomware, tracked since mid-2022 but likely active since early 2022 based on activity on the BASTA DLS.  The group has overwhelmingly leveraged initial access gained via UNC2633 and UNC2500 QAKBOT botnet infections to deploy BASTA ransomware. QAKBOT is typically distributed via phishing emails containing malicious links or attachments. In some cases, HTML smuggling has also been used to distribute ZIP files containing IMG files that house LNK files and QAKBOT payloads.  Mandiant suspects BASTA operators maintain a private or small, closed-invitation affiliate model whereby only trusted third-party actors are provided with use of the BASTA encryptor. Unlike traditional ransomware-as-a-service (RaaS), BASTA is not publicly marketed and its operators do not appear to actively recruit affiliates to deploy the ransomware. Instead, they focus on acquiring initial access via partnerships or purchases in underground communities. This deviates from traditional RaaS models, which focus on the ransomware development and related services such as the data leak site (DLS) that are provided to affiliates in exchange for directly distributing the ransomware. While UNC4393 is the only currently active threat cluster deploying BASTA that Mandiant tracks, we cannot rule out the possibility that other, vetted threat actors may also be given access to the encrypter. The hundreds of BASTA ransomware victims claimed on the DLS appear credible due to UNC4393\'s rapid operational tempo. With a median time to ransom of approximately 42 hours, UNC4393 has demonstrated p]]> 2024-07-29T14:00:00+00:00 https://cloud.google.com/blog/topics/threat-intelligence/unc4393-goes-gently-into-silentnight/ www.secnews.physaphae.fr/article.php?IdArticle=8546627 False Ransomware,Malware,Tool,Threat,Prediction,Medical,Cloud None 2.0000000000000000 The Register - Site journalistique Anglais No mention of malware or ransomware – somewhat of a rarity these days HealthEquity, a US fintech firm for the healthcare sector, admits that a "data security event" it discovered at the end of June hit the data of a substantial 4.3 million individuals. Stolen details include addresses, telephone numbers and payment data.…]]> 2024-07-29T13:45:41+00:00 https://go.theregister.com/feed/www.theregister.com/2024/07/29/healthequity_says_data_breach_affects/ www.secnews.physaphae.fr/article.php?IdArticle=8546628 False Ransomware,Malware,Medical None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-07-29T10:58:35+00:00 https://community.riskiq.com/article/72f3426d www.secnews.physaphae.fr/article.php?IdArticle=8546560 False Ransomware,Data Breach,Spam,Malware,Tool,Vulnerability,Threat,Legislation,Mobile,Industrial,Medical APT 28,APT 36 2.0000000000000000 Dark Reading - Informationweek Branch Researchers track the healthcare sector as experiencing the biggest financial losses, with banking and transportation following close behind.]]> 2024-07-26T20:36:57+00:00 https://www.darkreading.com/cybersecurity-operations/crowdstrike-outage-losses-estimated-staggering-54b www.secnews.physaphae.fr/article.php?IdArticle=8544995 False Medical None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-07-26T18:40:00+00:00 https://community.riskiq.com/article/ff2603f2 www.secnews.physaphae.fr/article.php?IdArticle=8544962 False Ransomware,Malware,Tool,Vulnerability,Threat,Medical,Cloud,Technical None 3.0000000000000000 Dark Reading - Informationweek Branch The individual is part of a DPRK-backed group known as Andariel, which is known for using the \'Maui\' ransomware strain to target and extort healthcare entities.]]> 2024-07-26T18:19:12+00:00 https://www.darkreading.com/threat-intelligence/us-offers-10m-reward-for-information-on-north-korean-hacker www.secnews.physaphae.fr/article.php?IdArticle=8544937 False Ransomware,Medical None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The U.S. Department of Justice (DoJ) on Thursday unsealed an indictment against a North Korean military intelligence operative for allegedly carrying out ransomware attacks against healthcare facilities in the country and funneling the payments to orchestrate additional intrusions into defense, technology, and government entities across the world. "Rim Jong Hyok and his co-conspirators deployed]]> 2024-07-26T14:25:00+00:00 https://thehackernews.com/2024/07/us-doj-indicts-north-korean-hacker-for.html www.secnews.physaphae.fr/article.php?IdArticle=8544659 False Ransomware,Medical None 3.0000000000000000 SecurityWeek - Security News Un homme qui aurait mené des attaques pour une agence de renseignement militaire nord-coréen a été inculpé de complot en vue de pirater les entreprises de soins de santé, la NASA, les bases militaires et d'autres entités.

---

>A man who allegedly carried out attacks for a North Korean military intelligence agency has been indicted in a conspiracy to hack healthcare firms, NASA, military bases and other entities. ]]> 2024-07-25T19:18:34+00:00 https://www.securityweek.com/north-korean-charged-in-ransomware-attacks-on-american-hospitals/ www.secnews.physaphae.fr/article.php?IdArticle=8544313 False Ransomware,Hack,Medical None 3.0000000000000000 Mandiant - Blog Sécu de Mandiant   Executive Summary APT45 is a long-running, moderately sophisticated North Korean cyber operator that has carried out espionage campaigns as early as 2009. APT45 has gradually expanded into financially-motivated operations, and the group\'s suspected development and deployment of ransomware sets it apart from other North Korean operators.  APT45 and activity clusters suspected of being linked to the group are strongly associated with a distinct genealogy of malware families separate from peer North Korean operators like TEMP.Hermit and APT43.  Among the groups assessed to operate from the Democratic People\'s Republic of Korea (DPRK), APT45 has been the most frequently observed targeting critical infrastructure. Overview Mandiant assesses with high confidence that APT45 is a moderately sophisticated cyber operator that supports the interests of the DPRK. Since at least 2009, APT45 has carried out a range of cyber operations aligned with the shifting geopolitical interests of the North Korean state. Although the group\'s earliest observed activities consisted of espionage campaigns against government agencies and defense industries, APT45 has expanded its remit to financially-motivated operations, including targeting of the financial vertical; we also assess with moderate confidence that APT45 has engaged in the development of ransomware. Additionally, while multiple DPRK-nexus groups focused on healthcare and pharmaceuticals during the initial stages of the COVID-19 pandemic, APT45 has continued to target this vertical longer than other groups, suggesting an ongoing mandate to collect related information. Separately, the group has conducted operations against nuclear-related entities, underscoring its role in supporting DPRK priorities. Shifts in Targeting and Expanding Operations Similar to other cyber threat activity attributed to North Korea-nexus groups, shifts in APT45 operations have reflected the DPRK\'s changing priorities. Malware samples indicate the group was active as early as 2009, although an observed focus on government agencies and the defense industry was observed beginning in 2017. Identified activity in 2019 aligned with Pyongyang\'s continued interest in nuclear issues and energy. Although it is not clear if financially-motivated operations are a focus of APT45\'s current mandate, the group is distinct from other North Korean operators in its suspected interest in ransomware. Given available information, it is possible that APT45 is carrying out financially-motivated cybercrime not only in support of its own operations but to generate funds for other North Korean state priorities. Financial Sector Like other North Korea]]> 2024-07-25T14:00:00+00:00 https://cloud.google.com/blog/topics/threat-intelligence/apt45-north-korea-digital-military-machine/ www.secnews.physaphae.fr/article.php?IdArticle=8544047 False Ransomware,Malware,Tool,Threat,Medical APT 37,APT 43 5.0000000000000000 Palo Alto Network - Site Constructeur Une approche collaborative entre Accenture et Palo Alto Networks pour améliorer les résultats et les expériences des patients, les organisations de soins de santé d'aujourd'hui adoptent de plus en plus des technologies innovantes, telles que l'IA, le cloud et l'IoT.Bien que bénéfique, ceux-ci & # 8230;

---

>A Collaborative Approach Between Accenture and Palo Alto Networks To improve patient outcomes and experiences, today\'s healthcare organizations are increasingly adopting innovative technologies, such as AI, Cloud, and IoT. While beneficial, these … ]]> 2024-07-23T13:00:28+00:00 https://www.paloaltonetworks.com/blog/2024/07/strengthening-cybersecurity-healthcare/ www.secnews.physaphae.fr/article.php?IdArticle=8542812 False Medical,Cloud None 3.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC 2023 Cost of a Data Breach report reveals. But data breaches aren’t just expensive, they also harm patient privacy, damage organizational reputation, and erode patient trust in healthcare providers. As data breaches are now largely a matter of “when” not “if”, it’s important to devise a solid data breach response plan. By acting fast to prevent further damage and data loss, you can restore operations as quickly as possible with minimal harm done. Contain the Breach Once a breach has been detected, you need to act fast to contain it, so it doesn’t spread. That means disconnecting the affected system from the network, but not turning it off altogether as your forensic team still needs to investigate the situation. Simply unplug the network cable from the router to disconnect it from the internet. If your antivirus scanner has found malware or a virus on the system, quarantine it, so it can be analyzed later. Keep the firewall settings as they are and save all firewall and security logs. You can also take screenshots if needed. It’s also smart to change all access control login details. Strong complex passwords are a basic cybersecurity feature difficult for hackers and software to crack. It’s still important to record old passwords for future investigation. Also, remember to deactivate less-important accounts. Document the Breach You then need to document the breach, so forensic investigators can find out what caused it, as well as recommend accurate next steps to secure the network now and prevent future breaches. So, in your report, explain how you came to hear of the breach and relay exactly what was stated in the notification (including the date and time you were notified). Also, document every step you took in response to the breach. This includes the date and time you disconnected systems from the network and changed account credentials and passwords. If you use artificial intelligence (AI) tools, you’ll also need to consider whether they played a role in the breach, and document this if so. For example, ChatGPT, a popular chatbot and virtual assistant, can successfully exploit zero-day security vulnerabilities 87% of the time, a recent study by researchers at the University of Illinois Urbana-Champaign found. Although AI is increasingly used in healthcare to automate tasks, manage patient data, and even make tailored care recommendations, it does pose a serious risk to patient data integrity despite the other benefits it provides. So, assess whether AI influenced your breach at all, so your organization can make changes as needed to better prevent data breaches in the future. Report the Breach Although your first instinct may be to keep the breach under wraps, you’re actually legally required to report it. Under the ]]> 2024-07-23T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/what-healthcare-providers-should-do-after-a-medical-data-breach www.secnews.physaphae.fr/article.php?IdArticle=8542852 False Data Breach,Malware,Tool,Vulnerability,Threat,Studies,Medical ChatGPT 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-07-19T18:51:32+00:00 https://community.riskiq.com/article/3ecd0e46 www.secnews.physaphae.fr/article.php?IdArticle=8540438 False Malware,Tool,Threat,Medical,Cloud APT 41 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-07-18T22:12:12+00:00 https://community.riskiq.com/article/7df80747 www.secnews.physaphae.fr/article.php?IdArticle=8539871 False Tool,Vulnerability,Threat,Medical None 3.0000000000000000 knowbe4 - cybersecurity services ]]> 2024-07-18T15:30:10+00:00 https://blog.knowbe4.com/change-healthcare-ransomware-attack www.secnews.physaphae.fr/article.php?IdArticle=8540382 False Ransomware,Medical None 3.0000000000000000 Mandiant - Blog Sécu de Mandiant   Executive Summary In collaboration with Google\'s Threat Analysis Group (TAG), Mandiant has observed a sustained campaign by the advanced persistent threat group APT41 targeting and successfully compromising multiple organizations operating within the global shipping and logistics, media and entertainment, technology, and automotive sectors. The majority of organizations were operating in Italy, Spain, Taiwan, Thailand, Turkey, and the United Kingdom. APT41 successfully infiltrated and maintained prolonged, unauthorized access to numerous victims\' networks since 2023, enabling them to extract sensitive data over an extended period.  APT41 used a combination of ANTSWORD and BLUEBEAM web shells for the execution of DUSTPAN to execute BEACON backdoor for command-and-control communication. Later in the intrusion, APT41 leveraged DUSTTRAP, which would lead to hands-on keyboard activity. APT41 used publicly available tools SQLULDR2 for copying data from databases and PINEGROVE to exfiltrate data to Microsoft OneDrive. Overview Recently, Mandiant became aware of an APT41 intrusion where the malicious actor deployed a combination of ANTSWORD and BLUEBEAM web shells for persistence. These web shells were identified on a Tomcat Apache Manager server and active since at least 2023. APT41 utilized these web shells to execute certutil.exe to download the DUSTPAN dropper to stealthily load BEACON.  As the APT41 intrusion progressed, the group escalated its tactics by deploying the DUSTTRAP dropper. Upon execution, DUSTTRAP would decrypt a malicious payload and execute it in memory, leaving minimal forensic traces. The decrypted payload was designed to establish communication channels with either APT41-controlled infrastructure for command and control or, in some instances, with a compromised Google Workspace account, further blending its malicious activities with legitimate traffic. The affected Google Workspace accounts have been successfully remediated to prevent further unauthorized access. Furthermore, APT41 leveraged SQLULDR2 to export data from Oracle Databases, and used PINEGROVE to systematically and efficiently exfiltrate large volumes of sensitive data from the compromised networks, transferring to OneDrive to enable exfiltration and subsequent analysis. ]]> 2024-07-18T14:00:00+00:00 https://cloud.google.com/blog/topics/threat-intelligence/apt41-arisen-from-dust/ www.secnews.physaphae.fr/article.php?IdArticle=8539580 False Ransomware,Malware,Tool,Threat,Patching,Medical,Cloud APT 41 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial U.S. Senator Mark R. Warner calls upon the administration to swiftly develop and implement mandatory minimum cyber standards... ]]> 2024-07-17T13:42:31+00:00 https://industrialcyber.co/medical/senator-warner-pushes-for-immediate-action-on-mandatory-cybersecurity-standards-for-healthcare-sector/ www.secnews.physaphae.fr/article.php?IdArticle=8538878 False Industrial,Medical APT 42 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial A new bipartisan bill has been introduced by three U.S. senators to bolster cybersecurity across the healthcare and... ]]> 2024-07-16T12:17:24+00:00 https://industrialcyber.co/medical/us-senators-introduce-healthcare-cybersecurity-act-to-boost-sectors-defenses-against-cyberattacks/ www.secnews.physaphae.fr/article.php?IdArticle=8538166 False Medical None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-07-15T11:27:07+00:00 https://community.riskiq.com/article/fdcb22e4 www.secnews.physaphae.fr/article.php?IdArticle=8537522 False Ransomware,Malware,Tool,Vulnerability,Threat,Legislation,Prediction,Medical APT 41,APT 40 2.0000000000000000 Dark Reading - Informationweek Branch 2024-07-12T21:07:09+00:00 https://www.darkreading.com/endpoint-security/healthcare-industry-urged-to-adopt-exponential-it-for-improved-patient-outcomes-and-efficiency www.secnews.physaphae.fr/article.php?IdArticle=8535957 False Medical None 2.0000000000000000 knowbe4 - cybersecurity services ransomware est plus prolifique et coûteux que jamais.Selon la source que vous avez lue, le paiement moyen ou médian des ransomwares était d'au moins plusieurs centaines de milliers de dollars à bien plus de plusieurs millions en 2023. Marsh, un leader de l'assurance cybersécurité, a écrit que ses clients ont payé une moyenne de 6,5 millions de dollars de rançon en 2023 (après avoir simplement payé en moyenne 1,4 million de dollars en 2023).

---

Ransomware is more prolific and expensive than ever. Depending on the source you read, the average or median ransomware payment was at least several hundred thousand dollars to well over several million in 2023. Marsh, a leader in cybersecurity insurance, wrote that its customers paid an average of $6.5 million in ransom in 2023 (after just paying an average of $1.4 million in 2023).]]> 2024-07-11T18:01:48+00:00 https://blog.knowbe4.com/ransomware-killing-people-for-sure www.secnews.physaphae.fr/article.php?IdArticle=8535675 False Ransomware,Medical None 3.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC Les organisations se retrouvent à l'intersection du progrès et du péril dans le paysage des soins de santé numérique en évolution rapide.Les dernières données soulignent que les compromis sont importants et présentent des risques substantiels pour les établissements de santé. L'un des principaux obstacles est la déconnexion entre les cadres supérieurs et les priorités de cybersécurité.Malgré la reconnaissance de la cyber-résilience comme un impératif crucial, de nombreuses organisations de soins de santé ont du mal à obtenir le soutien et les ressources du leadership le plus élevé.Ce manque d'engagement entrave les progrès et laisse les institutions vulnérables aux violations potentielles. Pendant ce temps, la technologie continue d'avancer à un rythme étonnamment rapide, tout comme les risques posés par les cyber-menaces.Le niveau de niveau et le commerce de niveau 2024;Le rapport révèle que ce délicat équilibre entre l'innovation et la sécurité au sein de l'industrie des soins de santé.Notre analyse complète identifie les opportunités d'alignement plus approfondi entre le leadership exécutif et les équipes techniques. Rapport. & nbsp; & nbsp; & nbsp; La quête insaisissable de la cyber-résilience dans les soins de santé Imaginez un monde où les institutions de soins de santé sont imperméables aux cybermenaces & mdash; où chaque aspect d'une organisation est fortifié contre les perturbations.C'est l'idéal élevé de la cyber-résilience, mais il reste un objectif insaisissable pour de nombreuses organisations de soins de santé.L'évolution rapide de l'informatique a transformé le paysage informatique, brouillant les lignes entre les systèmes hérités, le cloud computing et les initiatives de transformation numérique.Bien que ces progrès apportent des avantages indéniables, ils introduisent également des risques sans précédent. Nos recherches indiquent que 83% des leaders informatiques des soins de santé reconnaissent que l'innovation de l'innovation augmente l'exposition aux risques.Dans un monde où les cybercriminels deviennent de plus en plus sophistiqués, le besoin de cyber-résilience n'a jamais été aussi urgent.Des attaques de ransomwares aux incidents DDOS débilitants, les organisations de soins de santé opèrent dans un climat où une seule violation peut avoir des conséquences catastrophiques. Exploration de la relation entre le leadership et la cyber-résilience Notre enquête auprès de 1 050 C-suite et cadres supérieurs, dont 180 de l'industrie des soins de santé dans 18 pays, met en évidence le besoin urgent de cyber-résilience.Le rapport est conçu pour favoriser des discussions réfléchies sur les vulnérabilités et les opportunités d'amélioration. Dans le rapport, vous & rsquo; ll: - Découvrez pourquoi les chefs de santé et les équipes technologiques doivent hiérarchiser la cyber-résilience. - Découvrez les obstacles critiques à la réalisation de la cyber-résilience. - Découvrez l'importance du contexte commercial et des problèmes opérationnels pour hiérarchiser la résilience. Reconnaissant l'impératif de la cyber-résilience, les chefs de soins de santé sont appelés Ã]]> 2024-07-11T13:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/2024-cyber-resilience-research-unveils-healthcare-sector-challenges www.secnews.physaphae.fr/article.php?IdArticle=8534987 False Ransomware,Vulnerability,Medical,Cloud,Technical None 2.0000000000000000 Palo Alto Network - Site Constructeur Tapan Mehta discute des défis, des opportunités et de l'avenir de l'IA dans la protection de l'infrastructure et des données des soins de santé.

---

>Tapan Mehta discusses the challenges, opportunities and future of AI in protecting healthcare infrastructure and data. ]]> 2024-07-10T13:00:43+00:00 https://www.paloaltonetworks.com/blog/2024/07/ai-provides-an-rx-for-cybersecurity-in-healthcare/ www.secnews.physaphae.fr/article.php?IdArticle=8534395 False Medical None 3.0000000000000000 The Register - Site journalistique Anglais BlackByte, LockBit among the criminals using bespoke tools As ransomware crews increasingly shift beyond just encrypting victims\' files and demanding a payment to unlock them, instead swiping sensitive info straight away, some of the more mature crime organizations are developing custom malware for their data theft.…]]> 2024-07-10T10:00:15+00:00 https://go.theregister.com/feed/www.theregister.com/2024/07/10/ransomware_data_exfil_malware/ www.secnews.physaphae.fr/article.php?IdArticle=8534148 False Ransomware,Malware,Medical None 3.0000000000000000 Global Security Mag - Site de news francais mise à jour malveillant

---

Blackfog Ransomware Report - LockBit dominates, Play makes moves, Healthcare sector highest risk of attack - Malware Update]]> 2024-07-09T08:46:30+00:00 https://www.globalsecuritymag.fr/blackfog-ransomware-report-lockbit-dominates-play-makes-moves-healthcare-sector.html www.secnews.physaphae.fr/article.php?IdArticle=8533350 False Ransomware,Medical None 3.0000000000000000 Mandiant - Blog Sécu de Mandiant   As North Atlantic Treaty Organization (NATO) members and partners gather for a historic summit, it is important to take stock of one of its most pressing challenges-the cyber threat. The Alliance faces a barrage of malicious cyber activity from all over the globe, carried out by emboldened state-sponsored actors, hacktivists, and criminals who are willing to cross lines and carry out activity that was previously considered unlikely or inconceivable. In addition to military targets, NATO must consider the risks that hybrid threats like malicious cyber activity pose to hospitals, civil society, and other targets, which could impact resilience in a contingency. The war in Ukraine is undoubtedly linked to escalating cyber threat activity, but many of these threats will continue to grow separately and in parallel.  NATO must contend with covert, aggressive malicious cyber actors that are seeking to gather intelligence, preparing to or currently attacking critical infrastructure, and working to undermine the Alliance with elaborate disinformation schemes. In order to protect its customers and clients, Google is closely tracking cyber threats, including those highlighted in this report; however, this is just a glimpse at a much larger and evolving landscape. Cyber Espionage NATO\'s adversaries have long sought to leverage cyber espionage to develop insight into the political, diplomatic, and military disposition of the Alliance and to steal its defense technologies and economic secrets. However, intelligence on the Alliance in the coming months will be of heightened importance. This year\'s summit is a transition period, with the appointment of Mark Rutte as the new Secretary General and a number of adaptations expected to be rolled out to shore up the Alliance\'s defense posture and its long-term support for Ukraine. Successful cyber espionage from threat actors could potentially undermine the Alliance\'s strategic advantage and inform adversary leadership on how to anticipate and counteract NATO\'s initiatives and investments. NATO is targeted by cyber espionage activity from actors around the world with varying capabilities. Many still rely on technically simple but operationally effective methods, like social engineering. Others have evolved and elevated their tradecraft to levels that distinguish themselves as formidable adversaries for even the most experienced defenders. APT29 (ICECAP) Publicly attributed to the Russian Foreign Intelligence Services (SVR) by several governments, APT29 is heavily focused on diplomatic and political intelligence collection, principally targeting Europe and NATO member states. APT29 has been involved in multiple high-profile breaches of technology firms that were designed to provide access to the public sector. In the past year, Mandiant has observed APT29 targeting technology companies and IT service providers in NATO member countries to facilitate third-party and software supply chain compromises of government and poli]]> 2024-07-08T14:00:00+00:00 https://cloud.google.com/blog/topics/threat-intelligence/cyber-threats-facing-nato/ www.secnews.physaphae.fr/article.php?IdArticle=8532698 False Ransomware,Malware,Tool,Vulnerability,Threat,Legislation,Medical,Cloud,Technical APT 29,APT 28 3.0000000000000000 The State of Security - Magazine Américain Each day, it seems that we hear of another healthcare organization being compromised by a cyber attack. It is clear that the healthcare industry is the new favorite target amongst cybercriminals. Fortunately, vigorous efforts are available to combat these threats. We recently spoke to Errol Weiss, Chief Security Officer at Health-ISAC. Errol spearheads the information sharing and analysis center, helping to make the healthcare sector better informed and more resilient. Tell us about how you became involved in the cybersecurity profession. I got interested in cybersecurity as a teen, reading...]]> 2024-07-08T02:59:40+00:00 https://www.tripwire.com/state-of-security/guarding-health-errol-weiss-protecting-healthcare-sector-cyber-threats www.secnews.physaphae.fr/article.php?IdArticle=8532649 False Medical None 3.0000000000000000 knowbe4 - cybersecurity services 2024-07-05T18:00:10+00:00 https://blog.knowbe4.com/state-sponsored-phishing-campaigns-target-40000-vip-individuals www.secnews.physaphae.fr/article.php?IdArticle=8531259 False Threat,Medical,Cloud None 3.0000000000000000 The Register - Site journalistique Anglais Skin-sparing mastectomy and breast reconstruction scrapped as result of ransomware at supplier Exclusive  The latest figures suggest that around 1,500 medical procedures have been canceled across some of London\'s biggest hospitals in the four weeks since Qilin\'s ransomware attack hit pathology services provider Synnovis. But perhaps no single person was affected as severely as Johanna Groothuizen.…]]> 2024-07-05T17:00:11+00:00 https://go.theregister.com/feed/www.theregister.com/2024/07/05/qilin_impacts_patient/ www.secnews.physaphae.fr/article.php?IdArticle=8531234 False Ransomware,Medical None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial The Health Sector Cybersecurity Coordination Center (HC3) of the U.S. Department of Health & Human Services (HHS) has... ]]> 2024-07-05T10:21:19+00:00 https://industrialcyber.co/medical/hc3-warns-of-critical-vulnerabilities-in-moveit-platform-that-pose-enhanced-risk-to-healthcare-sector/ www.secnews.physaphae.fr/article.php?IdArticle=8531079 False Vulnerability,Medical None 3.0000000000000000 Bleeping Computer - Magazine Américain Healthcare fintech firm HealthEquity is warning that it suffered a data breach after a partner\'s account was compromised and used to access the Company\'s systems to steal protected health information. [...]]]> 2024-07-03T15:34:40+00:00 https://www.bleepingcomputer.com/news/security/healthequity-data-breach-exposes-protected-health-information/ www.secnews.physaphae.fr/article.php?IdArticle=8530105 False Data Breach,Medical None 3.0000000000000000 Dark Reading - Informationweek Branch The cyberattack disrupted national laboratory services, which could slow response to disease outbreaks such as mpox, experts warn.]]> 2024-07-03T07:00:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/south-africa-healthcare-lab-still-reeling-from-ransomware-attack www.secnews.physaphae.fr/article.php?IdArticle=8529723 False Ransomware,Medical None 3.0000000000000000 SecurityWeek - Security News La compagnie d'assurance-vie Landmark Admin indique que les informations personnelles, médicales et d'assurance ont été compromises dans une violation de données de mai.

---

>Life insurance company Landmark Admin says personal, medical, and insurance information was compromised in a May data breach. ]]> 2024-07-01T13:32:13+00:00 https://www.securityweek.com/landmark-admin-discloses-data-breach-impacting-personal-medical-information/ www.secnews.physaphae.fr/article.php?IdArticle=8529238 False Data Breach,Medical None 3.0000000000000000 SecureMac - Security focused on MAC US Interdit le logiciel Kaspersky, citant les risques de sécurité.Changer la santé du piratage expose les données sensibles des patients.Apple paie Bug Bounty pour la vulnérabilité Vision Pro.

---

>US bans Kaspersky software, citing security risks. Change Healthcare hack exposes sensitive patient data. Apple pays bug bounty for Vision Pro vulnerability. ]]> 2024-06-28T20:37:57+00:00 https://www.securemac.com/news/checklist-381-kaspersky-ban-the-change-hack-and-virtual-bugs www.secnews.physaphae.fr/article.php?IdArticle=8527457 False Hack,Vulnerability,Medical None 2.0000000000000000 Dark Reading - Informationweek Branch Though the Chicago-area hospital did not pay a ransom, a host of sensitive medical information is now at risk.]]> 2024-06-28T17:00:07+00:00 https://www.darkreading.com/cyberattacks-data-breaches/hundreds-of-thousands-impacted-children-hospital-cyberattack www.secnews.physaphae.fr/article.php?IdArticle=8527315 False Medical None 2.0000000000000000 Global Security Mag - Site de news francais rapports spéciaux / / affiche

---

A third of Americans have had their Social Security numbers leaked in healthcare breaches - Special Reports / affiche]]> 2024-06-28T07:46:47+00:00 https://www.globalsecuritymag.fr/a-third-of-americans-have-had-their-social-security-numbers-leaked-in.html www.secnews.physaphae.fr/article.php?IdArticle=8527035 False Medical None 3.0000000000000000 Bleeping Computer - Magazine Américain Geisinger, a prominent healthcare system in Pennsylvania, has announced a data breach involving a former employee of Nuance, an IT services provider contracted by the organization. [...]]]> 2024-06-27T19:17:15+00:00 https://www.bleepingcomputer.com/news/security/former-it-employee-accessed-data-of-over-1-million-us-patients/ www.secnews.physaphae.fr/article.php?IdArticle=8527175 False Data Breach,Medical None 3.0000000000000000 Global Security Mag - Site de news francais rapports spéciaux

---

Menlo Security Exposes Three New Nation-State Campaigns State-sponsored threat actors seen employing evasive techniques to target government, banking, and healthcare organizations - Special Reports]]> 2024-06-27T13:47:57+00:00 https://www.globalsecuritymag.fr/menlo-security-exposes-three-new-nation-state-campaigns.html www.secnews.physaphae.fr/article.php?IdArticle=8526584 False Threat,Medical None 2.0000000000000000 Incogni - Blog Sécu de la société incogni, spécialisé en protection de la vie privé 2024-06-26T06:47:47+00:00 https://blog.incogni.com/medical-data-breaches-research/ www.secnews.physaphae.fr/article.php?IdArticle=8525799 False Ransomware,Prediction,Medical None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial The Federal Bureau of Investigation (FBI) and the U.S. Department of Health and Human Services (HHS) have issued... ]]> 2024-06-25T14:12:22+00:00 https://industrialcyber.co/medical/fbi-and-hhs-release-joint-cybersecurity-advisory-on-social-engineering-threats-affecting-healthcare-sector/ www.secnews.physaphae.fr/article.php?IdArticle=8525385 False Medical None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial The Health Sector Cybersecurity Coordination Center (HC3) of the U.S. Department of Health & Human Services (HHS) has... ]]> 2024-06-24T17:31:43+00:00 https://industrialcyber.co/medical/hc3-releases-threat-profile-on-qilin-ransomware-targeting-global-healthcare-other-critical-sectors/ www.secnews.physaphae.fr/article.php?IdArticle=8524790 False Ransomware,Threat,Medical None 3.0000000000000000 SecurityWeek - Security News Livanova USA affirme que les informations personnelles et médicales de 130 000 personnes ont été compromises dans une violation de données d'octobre 2023.

---

>LivaNova USA says the personal and medical information of 130,000 individuals was compromised in an October 2023 data breach. ]]> 2024-06-24T13:56:50+00:00 https://www.securityweek.com/livanova-usa-discloses-data-breach-impacting-130000-individuals/ www.secnews.physaphae.fr/article.php?IdArticle=8524729 False Data Breach,Medical None 2.0000000000000000 AhnLab - Korean Security Firm Étant donné que les serveurs Web sont exposés à l'extérieur pour fournir des services Web à tous les utilisateurs disponibles, ils ont été des objectifs majeurs pourMenace les acteurs depuis le passé.Ahnlab Security Intelligence Center (ASEC) surveille les attaques contre des serveurs Web vulnérables qui ont des vulnérabilités non corrigées ou qui sont mal gérés, et partage les cas d'attaque qui ont été confirmés par le biais de son blog ASEC.L'ASEC a récemment identifié des cas d'attaque où une institution médicale coréenne a été ciblée, entraînant l'installation de co -miners.Le ciblé ...

---

Since web servers are externally exposed to provide web services to all available users, they have been major targets for threat actors since the past. AhnLab SEcurity Intelligence Center (ASEC) is monitoring attacks against vulnerable web servers that have unpatched vulnerabilities or are being poorly managed, and is sharing the attack cases that have been confirmed through its ASEC Blog. ASEC recently identified attack cases where a Korean medical institution was targeted, resulting in the installation of CoinMiners. The targeted... ]]> 2024-06-24T00:48:56+00:00 https://asec.ahnlab.com/en/66994/ www.secnews.physaphae.fr/article.php?IdArticle=8524326 False Vulnerability,Threat,Medical None 3.0000000000000000 Bleeping Computer - Magazine Américain UnitedHealth has confirmed for the first time what types of medical and patient data were stolen in the massive Change Healthcare ransomware attack, stating that data breach notifications will be mailed in July. [...]]]> 2024-06-21T12:10:25+00:00 https://www.bleepingcomputer.com/news/security/change-healthcare-lists-the-medical-data-stolen-in-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8522814 False Ransomware,Data Breach,Medical None 2.0000000000000000