This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-10T13:24:45+00:00 www.secnews.physaphae.fr SecurityWeek - Security News RansomHub extorque les soins de santé des changements, menaçant de publier des données volées dans une attaque de ransomware Blackcat de février 2024.

---

>RansomHub is extorting Change Healthcare, threatening to release data stolen in a February 2024 BlackCat ransomware attack. ]]> 2024-04-09T10:18:23+00:00 https://www.securityweek.com/second-ransomware-group-extorting-change-healthcare/ www.secnews.physaphae.fr/article.php?IdArticle=8478634 False Ransomware,Medical None 2.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC subtextual attacks. These aren\'t your run-of-the-mill security breaches; they\'re cunningly crafted messages that may look harmless—but they actually carry a dangerous payload within them. Join me as we take a closer look at this under-the-radar, but still dangerous, threat. We\'ll explore how these deceptive messages can sneak past our defenses, trick people into taking unwanted actions, and steal sensitive information without ever tripping an alarm. The Rise of Subtextual Attacks Unlike traditional cyber attacks, which are often direct and identifiable, subtextual attacks rely on subtlety and deception. Attackers craft messages that on the surface appear harmless or unrelated to any malicious activity. However, embedded within these communications are instructions, links, or information that can compromise security, manipulate behavior, or extract sensitive data. And not only is big data paramount in advertising and other avenues, but it’s also like keeping everything in your wallet—it’s convenient, helpful even, but signals to attackers that you’re indeed willing to put all your eggs in one basket when it comes to communications. These attacks exploit the nuances of language and context and require a sophisticated understanding of human communication and digital interaction patterns. For instance, a seemingly benign email might include a specific choice of words or phrases that, when interpreted correctly, reveal a hidden command or a disguised link to a malicious site. Psychological Manipulation Through Subtext Subtextual attacks also leverage psychological manipulation, influencing individuals to act in ways that compromise security or divulge confidential information. By understanding the psychological triggers and behavioral patterns of targets, attackers craft messages that subtly guide the recipient\'s actions. For instance, an attacker might use social engineering techniques combined with subtextual cues to convince a user to bypass normal security protocols. An email that seems to come from a trusted colleague or superior, containing subtle suggestions or cues, can be more effective in eliciting certain actions than a direct request or command. Attackers can also exploit the principle of urgency or scarcity, embedding subtle cues in communications that prompt the recipient to act quickly, bypassing their usual critical thinking or security procedures. The Evolution of Digital Forensics To combat the growing rise of subtextual attacks, the field of digital forensics has evolved significantly over the past decade. Initially focused on recovering and analyzing electronic information to investigate crime, digital forensics now incorporates advanced linguistic analysis, data pattern recognition, and machine learning to detect hidden threats. Modern digital forensic tools can analyze vast qua]]> 2024-04-09T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/the-hidden-threat-in-plain-sight-analyzing-subtextual-attacks-in-digital-communications www.secnews.physaphae.fr/article.php?IdArticle=8478586 False Ransomware,Tool,Vulnerability,Threat,Medical None 2.0000000000000000 Dark Reading - Informationweek Branch RansomHub, which is speculated to have some connection to ALPHV, has stolen 4TB of sensitive data from the beleaguered healthcare company.]]> 2024-04-08T20:49:32+00:00 https://www.darkreading.com/cyberattacks-data-breaches/round-2-change-healthcare-targeted-second-ransomware-attack www.secnews.physaphae.fr/article.php?IdArticle=8478306 False Ransomware,Medical None 2.0000000000000000 The Register - Site journalistique Anglais Theories abound over who\'s truly responsible Change Healthcare is allegedly being extorted by a second ransomware gang, mere weeks after recovering from an ALPHV attack.…]]> 2024-04-08T13:00:09+00:00 https://go.theregister.com/feed/www.theregister.com/2024/04/08/change_healthcare_ransomware/ www.secnews.physaphae.fr/article.php?IdArticle=8478100 False Ransomware,Medical None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Threat actors are socially engineering healthcare IT helpdesk staff to steal money, the government has warned]]> 2024-04-08T09:00:00+00:00 https://www.infosecurity-magazine.com/news/hospital-it-helpdesks-voice/ www.secnews.physaphae.fr/article.php?IdArticle=8477999 False Threat,Medical None 2.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Alors que le groupe de ransomwares se déplace pour cacher ses 22 millions de dollars, son encoche d'affiliation est à la hauteur après avoir été affaibli en paiement.

---

>As the ransomware group moves to hide its $22 million, its affiliate notchy is laying low after reportedly being stiffed on payment.  ]]> 2024-04-05T17:25:00+00:00 https://cyberscoop.com/alphv-steps-up-laundering-of-change-healthcare-ransom-payments/ www.secnews.physaphae.fr/article.php?IdArticle=8476614 False Ransomware,Medical None 2.0000000000000000 Dark Reading - Informationweek Branch Tokyo-based eyeglass and medical lens-maker Hoya said the attack has halted production processes in some locations as well as an ordering system for some of its products.]]> 2024-04-04T14:02:46+00:00 https://www.darkreading.com/cyberattacks-data-breaches/cyberattack-shutters-some-operations-at-japanese-lens-manufacturer www.secnews.physaphae.fr/article.php?IdArticle=8475937 False Medical None 2.0000000000000000 Netskope - etskope est une société de logiciels américaine fournissant une plate-forme de sécurité informatique La directive 2 (NIS2) de l'Union européenne est un gros problème pour améliorer la position de la cybersécurité de l'UE.Décourné en janvier 2023 - avec une date limite de conformité du 18 octobre 2024 - La directive est conçue pour renforcer les cyber-défenses dans les secteurs clés.De l'énergie aux soins de santé, la banque aux infrastructures numériques, si vous & # 8217; re dans ces [& # 8230;]

---

>The European Union’s Network and Information Systems Directive 2 (NIS2) is a big deal for improving the EU’s cybersecurity stance. Kicked off in January 2023-with a compliance deadline of October 18, 2024-the Directive is designed to beef up cyber defences across key sectors. From energy to healthcare, banking to digital infrastructure, if you’re in these […] ]]> 2024-04-03T07:01:00+00:00 https://www.netskope.com/blog/understanding-nis2-compliance-and-how-sase-can-help www.secnews.physaphae.fr/article.php?IdArticle=8475048 False Medical None 3.0000000000000000 Dark Reading - Informationweek Branch The initiative is meant to provide more resources and better strategies for healthcare entities that face an increasing amount of cybersecurity challenges.]]> 2024-04-02T19:52:39+00:00 https://www.darkreading.com/cybersecurity-operations/hhs-plans-for-cyber-one-stop-shop-after-change-healthcare-attack www.secnews.physaphae.fr/article.php?IdArticle=8474799 False Medical None 2.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC 2024-04-01T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/ai-the-good-bad-and-scary www.secnews.physaphae.fr/article.php?IdArticle=8473954 False Ransomware,Tool,Prediction,Medical None 3.0000000000000000 Recorded Future - FLux Recorded Future Les cyber-extormistes ont publié sur leurs données sur les patients sensibles de Blog Darkweb volées au NHS Dumfries et Galloway, qui fait partie du système de santé écossais, dans le but d'exiger de l'argent du Conseil de santé local.Le service a annoncé plus tôt ce mois

---

Cyber extortionists have published to their darkweb blog sensitive patient data stolen from NHS Dumfries and Galloway, part of the Scottish healthcare system, in a bid to demand money from the local health board. The service announced earlier this month it was the target of “a focused and ongoing cyber attack,” and that while]]> 2024-03-29T12:58:05+00:00 https://therecord.media/healthcare-ransomware-data-breach-nhs-scotland www.secnews.physaphae.fr/article.php?IdArticle=8472556 False Ransomware,Medical None 2.0000000000000000 ProofPoint - Cyber Firms 2024-03-29T06:00:11+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/cybersecurity-efficiency-healthcare-attack-surface-insights www.secnews.physaphae.fr/article.php?IdArticle=8472554 False Threat,Medical None 2.0000000000000000 The Register - Site journalistique Anglais ARPA-H joins the challenge, adds $20M to cash rewards Interview  As ransomware gangs target critical infrastructure – especially hospitals and other healthcare organizations – DARPA has added another government agency partner to its Artificial Intelligence Cyber Challenge (AIxCC).…]]> 2024-03-26T13:15:12+00:00 https://go.theregister.com/feed/www.theregister.com/2024/03/26/aixcc_healthcare/ www.secnews.physaphae.fr/article.php?IdArticle=8470761 False Ransomware,Medical None 3.0000000000000000 Security Intelligence - Site de news Américain Alors que nous travaillons au premier trimestre de 2024, divers secteurs s'adaptent continuellement aux menaces de cybersécurité de plus en plus complexes.Des secteurs comme les soins de santé, la finance, l'énergie et le transport élargissent régulièrement leur infrastructure numérique, entraînant des surfaces d'attaque plus importantes et une plus grande exposition aux risques.Kaspersky vient de publier leurs prédictions ICS CERT pour cette année, décrivant la clé [& # 8230;]

---

>As we work through the first quarter of 2024, various sectors are continuously adapting to increasingly complex cybersecurity threats. Sectors like healthcare, finance, energy and transportation are all regularly widening their digital infrastructure, resulting in larger attack surfaces and greater risk exposure. Kaspersky just released their ICS CERT Predictions for this year, outlining the key […] ]]> 2024-03-26T13:00:00+00:00 https://securityintelligence.com/articles/ics-cert-predictions-2024-need-to-know/ www.secnews.physaphae.fr/article.php?IdArticle=8470760 False Industrial,Medical None 4.0000000000000000 IndustrialCyber - cyber risk firms for industrial A U.S. Senator has introduced the Health Care Cybersecurity Improvement Act of 2024, which proposes providing advance and... ]]> 2024-03-25T15:25:15+00:00 https://industrialcyber.co/regulation-standards-and-compliance/new-legislation-mandates-minimum-cybersecurity-standards-to-safeguard-healthcare-providers-in-case-of-future-hacks/ www.secnews.physaphae.fr/article.php?IdArticle=8470227 False Legislation,Medical None 2.0000000000000000 Intigrity - Blog Le secteur de la santé reste une cible principale pour les cybercriminels, avec 90% des établissements de santé qui connaissent & # 160; au moins une violation de sécurité au cours des dernières années.Et les retombées peuvent être énormes.& # 160;En 2023, le coût moyen d'une violation de données dans tous les secteurs était de 4,45 millions de dollars.Cependant, le coût moyen d'une violation de données sur les soins de santé [& # 8230;]

---

>The healthcare sector remains a prime target for cybercriminals, with 90% of healthcare institutions experiencing at least one security breach in the last few years. And the fallout can be huge.   In 2023, the average cost of a data breach across all sectors was $4.45 million. However, the average cost of a healthcare data breach […] ]]> 2024-03-25T12:09:37+00:00 https://blog.intigriti.com/2024/03/25/pentesting-for-healthcare/ www.secnews.physaphae.fr/article.php?IdArticle=8470147 False Data Breach,Medical None 3.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber La nouvelle législation du sénateur Mark Warner intervient alors que les groupes de soins de santé disent qu'ils s'opposeraient à de telles propositions.

---

>The new legislation from Sen. Mark Warner comes as health care groups say they would oppose such proposals. ]]> 2024-03-22T19:47:43+00:00 https://cyberscoop.com/cybersecurity-minimum-standards-change-healthcare-mark-warner/ www.secnews.physaphae.fr/article.php?IdArticle=8468662 False Legislation,Medical None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial Le Centre américain de partage et d'analyse de l'information sur la santé (Santé-ISAC) et l'Australian Critical Infrastructure & # 8211;Partage d'informations et ...

---

>The U.S. Health Information Sharing and Analysis Center (Health-ISAC) and the Australian Critical Infrastructure – Information Sharing and... ]]> 2024-03-22T14:32:35+00:00 https://industrialcyber.co/medical/us-australian-healthcare-agencies-sign-mou-to-collaborate-during-cyber-threats-for-australian-organizations/ www.secnews.physaphae.fr/article.php?IdArticle=8468527 False Medical None 2.0000000000000000 BHconsulting - Consulting Conseils, conseils, apprentissage et tendances organisés en cybersécurité et en vie privée, tels que choisis par nos consultants.Les titres mondiaux de la saisie des cyber-risques rampants ne cessent de nous rappeler le fort lien entre un incident de cybersécurité et une perte financière.CNN rapporte que les victimes de ransomwares dans le secteur américain de la santé disent qu'ils «sont« de l'argent avec l'hémorragage », car les perturbations affectent leurs opérations quotidiennes.Certains ...

---

>Curated advice, guidance, learning and trends in cybersecurity and privacy, as chosen by our consultants. Creeping cyber risk grabbing global headlines Ransomware keeps reminding us of the strong connection between a cybersecurity incident and financial loss. CNN reports that ransomware victims in the US healthcare sector say they\'re “haemorrhaging money”, as disruption affects their daily operations. Some ... ]]> 2024-03-21T14:55:04+00:00 https://bhconsulting.ie/security-roundup-march-2024/ www.secnews.physaphae.fr/article.php?IdArticle=8470788 False Ransomware,Medical None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine The ICO said it is assessing the reported breach of Kate Middleton\'s medical records at The London Clinic]]> 2024-03-21T12:30:00+00:00 https://www.infosecurity-magazine.com/news/ico-kate-middleton-medical-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8467891 False Medical None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial Le fournisseur de solutions de cybersécurité pour les fabricants de dispositifs médicaux (MDMS) MedCrypt a annoncé sa participation au Copilot Microsoft pour la sécurité ...

---

>Cybersecurity solution provider for medical device manufacturers (MDMs) Medcrypt announced its participation in the Microsoft Copilot for Security... ]]> 2024-03-21T11:17:18+00:00 https://industrialcyber.co/news/medcrypt-joins-microsoft-copilot-for-security-partner-private-preview-to-boost-cyber-defenses-with-ai/ www.secnews.physaphae.fr/article.php?IdArticle=8467861 False Medical None 2.0000000000000000 The Register - Site journalistique Anglais Unless you want to be the next Change Healthcare, that is The Feds and friends yesterday issued yet another warning about China\'s Volt Typhoon gang, this time urging critical infrastructure owners and operators to protect their facilities against destructive cyber attacks that may be brewing.…]]> 2024-03-20T10:15:08+00:00 https://go.theregister.com/feed/www.theregister.com/2024/03/20/five_eyes_volt_typhoon/ www.secnews.physaphae.fr/article.php?IdArticle=8467248 False Medical Guam 3.0000000000000000 Recorded Future - FLux Recorded Future Des hauts responsables de la Maison Blanche exhortent un groupe UnitedHealth à fournir à ses clients des évaluations détaillées de cybersécurité des tiers de ses systèmes alors qu'elle se remet à partir d'une cyberattaque. & Nbsp;L'attaque des ransomwares contre UnitedHealth Filial Change Healthcare a provoqué l'une des plus grandes crises de soins de santé depuis des années.L'attaque a coupé un lien central entre les fournisseurs médicaux

---

Senior White House officials are urging UnitedHealth Group to provide its customers with detailed third-party cybersecurity assessments of its systems as it recovers from a cyberattack.  The ransomware attack against UnitedHealth subsidiary Change Healthcare has caused one of the biggest healthcare crises in years. The attack cut off a pivotal link between medical providers]]> 2024-03-19T20:32:50+00:00 https://therecord.media/white-house-official-united-health-certification-assessment www.secnews.physaphae.fr/article.php?IdArticle=8466912 False Ransomware,Medical None 2.0000000000000000 Recorded Future - FLux Recorded Future Un homme de l'Idaho qui a piraté et extorqué des cliniques médicales et un service de police ont plaidé coupable mardi devant la Cour fédérale de Géorgie à des accusations de fraude et d'abus informatique. & NBSP;Robert Purbeck, qui a utilisé les alias «Lifelock» et «studmaster», a volé les informations personnelles de plus de 130 000 personnes, selon un communiqué du district du Nord

---

An Idaho man who hacked and extorted medical clinics and a police department pleaded guilty on Tuesday in Georgia federal court to charges of computer fraud and abuse.  Robert Purbeck, who used the aliases “Lifelock” and “Studmaster,” stole the personal information of more than 130,000 people, according to a release from the Northern District]]> 2024-03-19T18:42:07+00:00 https://therecord.media/lifelock-hacker-pleads-guilty-to-attacks-on-medical-clinics www.secnews.physaphae.fr/article.php?IdArticle=8466855 False Legislation,Medical None 2.0000000000000000 knowbe4 - cybersecurity services ]]> 2024-03-18T14:14:00+00:00 https://blog.knowbe4.com/healthcare-organizations-be-wary-of-increased-ransomware-attacks www.secnews.physaphae.fr/article.php?IdArticle=8466102 False Ransomware,Medical None 2.0000000000000000 ProofPoint - Cyber Firms 2024-03-18T12:03:01+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/fbis-ic3-report-losses-cybercrime-surpass-125-billion-new-record www.secnews.physaphae.fr/article.php?IdArticle=8466192 False Ransomware,Threat,Medical None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial Le secteur américain de la santé continue de faire face à des défis de cybersécurité, à risquer les données et les infrastructures des patients.Les problèmes incluent ...

---

>The U.S. healthcare sector continues to grapple with cybersecurity challenges, risking patient data and infrastructure. Issues include outdated... ]]> 2024-03-17T18:28:53+00:00 https://industrialcyber.co/features/growing-need-to-address-cybersecurity-challenges-across-us-healthcare-sector-for-improved-resilience/ www.secnews.physaphae.fr/article.php?IdArticle=8465560 False Medical None 3.0000000000000000 Dark Reading - Informationweek Branch Whoopsies in Ireland and Scotland speak to a tenuousness of cyber protections for sensitive private healthcare data.]]> 2024-03-15T20:37:49+00:00 https://www.darkreading.com/cyberattacks-data-breaches/nhs-breach-hse-bug-expose-healthcare-data-british-isles www.secnews.physaphae.fr/article.php?IdArticle=8464534 False Medical None 2.0000000000000000 Recorded Future - FLux Recorded Future Scottish Health Service dit que la cyberattaque concentrée et en cours \\ 'peut perturber les services NHS Dumfries et Galloway, qui fait partie du système de santé écossais, a annoncé vendredi qu'il était la cible «d'une cyberattaque ciblée et en cours».La nature de l'incident n'a pas encore été divulguée, bien que le Conseil de santé y annonçait «May B

---

Scottish health service says \'focused and ongoing cyber attack\' may disrupt services NHS Dumfries and Galloway, part of the Scottish healthcare system, announced on Friday it was the target “of a focused and ongoing cyber attack.” The nature of the incident has not yet been disclosed, although the health board announced there “may b]]> 2024-03-15T11:30:03+00:00 https://therecord.media/scottish-nhs-cyberattack-healthcare-dumfries-galloway www.secnews.physaphae.fr/article.php?IdArticle=8464321 False Medical None 2.0000000000000000 We Live Security - Editeur Logiciel Antivirus ESET Healthcare organizations remain firmly in attackers\' crosshairs, representing 20 percent of all victims of ransomware attacks among critical infrastructure entities in the US in 2023]]> 2024-03-15T11:20:38+00:00 https://www.welivesecurity.com/en/videos/healthcare-target-cybercrime-week-security-tony-anscombe/ www.secnews.physaphae.fr/article.php?IdArticle=8464943 False Ransomware,Medical None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine The US government will investigate whether protected healthcare information was breached in the Change Healthcare ransomware attack, and if the firm complied with HIPAA rules]]> 2024-03-14T14:45:00+00:00 https://www.infosecurity-magazine.com/news/us-investigate-healthcare/ www.secnews.physaphae.fr/article.php?IdArticle=8463832 False Ransomware,Medical None 3.0000000000000000 SecurityWeek - Security News Le HHS examine si les informations de santé protégées ont été compromises dans la violation des données de santé du changement.

---

>The HHS is investigating whether protected health information was compromised in the Change Healthcare data breach. ]]> 2024-03-14T09:51:11+00:00 https://www.securityweek.com/government-launches-probe-into-change-healthcare-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8463679 False Data Breach,Medical None 2.0000000000000000 Dark Reading - Informationweek Branch 2024-03-13T23:16:34+00:00 https://www.darkreading.com/ics-ot-security/claroty-team-82-63-of-known-exploited-vulnerabilities-tracked-by-cisa-are-on-healthcare-organization-networks www.secnews.physaphae.fr/article.php?IdArticle=8463462 False Vulnerability,Medical None 2.0000000000000000 Recorded Future - FLux Recorded Future Le département américain de la santé et des services sociaux (HHS) lance une enquête sur l'attaque des ransomwares contre les soins de santé du changement après des semaines de perturbation des opérations de santé et de facturation dans les hôpitaux, les cliniques et les pharmacies à travers le pays. & NBSP;Mercredi, le bureau des droits civils (OCR) a publié mercredi une lettre annonçant l'enquête, avec le directeur

---

The U.S. Department of Health and Human Services (HHS) is launching an investigation into the ransomware attack on Change Healthcare following weeks of disruption to healthcare and billing operations at hospitals, clinics and pharmacies across the country.  The department\'s Office for Civil Rights (OCR) published a letter on Wednesday announcing the investigation, with Director]]> 2024-03-13T20:10:21+00:00 https://therecord.media/hhs-investigating-unitedhealth-after-ransomware-attack www.secnews.physaphae.fr/article.php?IdArticle=8463390 False Ransomware,Medical None 2.0000000000000000 Bleeping Computer - Magazine Américain The U.S. Department of Health and Human Services is investigating whether protected health information was stolen in a ransomware attack that hit UnitedHealthcare Group (UHG) subsidiary Optum, which operates the Change Healthcare platform, in late February. [...]]]> 2024-03-13T16:16:32+00:00 https://www.bleepingcomputer.com/news/security/us-govt-probes-if-ransomware-gang-stole-change-healthcare-data/ www.secnews.physaphae.fr/article.php?IdArticle=8463391 False Ransomware,Medical None 2.0000000000000000 IT Security Guru - Blog Sécurité Les recherches révèlent que les infostellers ciblent HealthcareLes données du secteur sont apparues pour la première fois sur gourou de la sécurité informatique .

---

New research by Netskope Threat Labs has revealed that infostealers were the primary malware and ransowmare families used to target the healthcare sector. Healthcare was among the top sectors impacted during 2023 by mega breaches, an attack where over one million records were stolen. The report also examined the continued increase in cloud app adoption […] The post Research Reveals That Infostealers Target Healthcare Sector Data first appeared on IT Security Guru. ]]> 2024-03-13T16:08:29+00:00 https://www.itsecurityguru.org/2024/03/13/research-reveals-that-infostealers-target-healthcare-sector-data/?utm_source=rss&utm_medium=rss&utm_campaign=research-reveals-that-infostealers-target-healthcare-sector-data www.secnews.physaphae.fr/article.php?IdArticle=8463297 False Malware,Threat,Medical,Cloud None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial Claroty, une société de protection des systèmes cyber-physiques (CPS), a annoncé mardi la publication de la détection avancée des menaces d'anomalie (ATD) ...

---

>Claroty, a cyber-physical systems (CPS) protection company, announced Tuesday the release of the Advanced Anomaly Threat Detection (ATD)... ]]> 2024-03-13T12:56:50+00:00 https://industrialcyber.co/news/claroty-launches-advanced-anomaly-threat-detection-for-medigate-to-boost-healthcare-cybersecurity-standards/ www.secnews.physaphae.fr/article.php?IdArticle=8463171 False Threat,Medical None 3.0000000000000000 Data Security Breach - Site de news Francais 2024-03-12T15:35:29+00:00 https://www.datasecuritybreach.fr/change-healthcare-finance-hack/ www.secnews.physaphae.fr/article.php?IdArticle=8462706 False Ransomware,Medical None 2.0000000000000000 The Register - Site journalistique Anglais US senator calls cyber attack \'inexcusable,\' calls for mandatory security rules The Biden administration and US lawmakers are turning up the pressure on UnitedHealth group to ease medical providers\' pain after the ransomware attack on Change Healthcare, by expediting payments to hospitals, physicians and pharmacists – among other tactics.…]]> 2024-03-12T00:02:09+00:00 https://go.theregister.com/feed/www.theregister.com/2024/03/12/white_house_pressures_unitedhealth/ www.secnews.physaphae.fr/article.php?IdArticle=8462353 False Ransomware,Medical None 2.0000000000000000 Recorded Future - FLux Recorded Future De nouvelles informations rendues publiques par l'État de Californie montrent qu'une partie importante des courtiers de données collecte et vendent des informations sensibles sur des sujets tels que la santé reproductive, ainsi que les données appartenant aux enfants.Sur 480 courtiers de données enregistré auprès de la California Privacy Protection Agency (CPPA), 24 ont indiqué qu'ils vendaient des données appartenant aux mineurs.

---

New information made public by the state of California shows that a significant portion of data brokers collect and sell sensitive information on topics like reproductive health, as well as data belonging to children. Out of 480 data brokers registered with the California Privacy Protection Agency (CPPA), 24 indicated they sell data belonging to minors.]]> 2024-03-08T21:39:30+00:00 https://therecord.media/dozens-of-data-brokers-disclose-selling-info-on-kids-geolocation-data-reproductive-health www.secnews.physaphae.fr/article.php?IdArticle=8460992 False Medical None 3.0000000000000000 The Register - Site journalistique Anglais 2024-03-08T14:33:09+00:00 https://go.theregister.com/feed/www.theregister.com/2024/03/08/change_healthcare_restores_first_system/ www.secnews.physaphae.fr/article.php?IdArticle=8460848 False Ransomware,Medical None 3.0000000000000000 SecurityWeek - Security News Changer Healthcare dit qu'il a fait des progrès significatifs dans la restauration des systèmes touchés par une récente attaque de ransomware.

---

>Change Healthcare says it has made significant progress in restoring systems impacted by a recent ransomware attack. ]]> 2024-03-08T13:35:11+00:00 https://www.securityweek.com/change-healthcare-restores-pharmacy-services-disrupted-by-ransomware/ www.secnews.physaphae.fr/article.php?IdArticle=8460827 False Ransomware,Medical None 2.0000000000000000 Recorded Future - FLux Recorded Future Certains systèmes de Change Healthcare sont fonctionnels à ce vendredi, et d'autres seront en ligne d'ici la mi-mars alors que la réponse continue de cyberattaquer qui a perturbé les opérations pendant des semaines, selon une mise à jour de la société mère UnitedHealth Group.«UnitedHealth Group continue de faire des progrès substantiels dans l'atténuation de l'impact sur les consommateurs et les fournisseurs de soins de

---

Some of Change Healthcare\'s systems are functional as of Friday, and others will be online by mid-March as the response continues to cyberattack that has disrupted operations for weeks, according to an update from parent company UnitedHealth Group. “UnitedHealth Group continues to make substantial progress in mitigating the impact to consumers and care providers of]]> 2024-03-08T13:08:22+00:00 https://therecord.media/change-healthcare-brings-some-systems-online www.secnews.physaphae.fr/article.php?IdArticle=8460823 False Medical None 2.0000000000000000 Bleeping Computer - Magazine Américain Optum\'s Change Healthcare has started to bring systems back online after suffering a crippling BlackCat ransomware attack last month that led to widespread disruption to the US healthcare system. [...]]]> 2024-03-08T12:54:22+00:00 https://www.bleepingcomputer.com/news/security/unitedhealth-brings-some-change-healthcare-pharmacy-services-back-online/ www.secnews.physaphae.fr/article.php?IdArticle=8460910 False Ransomware,Medical None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine UnitedHealth said it expects Change Healthcare\'s key systems to be restored by March 18, amid reports it paid a $22m ransom to BlackCat]]> 2024-03-08T11:15:00+00:00 https://www.infosecurity-magazine.com/news/unitedhealth-restore-change/ www.secnews.physaphae.fr/article.php?IdArticle=8460776 False Medical None 3.0000000000000000 The Register - Site journalistique Anglais 2024-03-07T18:34:17+00:00 https://go.theregister.com/feed/www.theregister.com/2024/03/07/china_link_change_healthcare_ransomware/ www.secnews.physaphae.fr/article.php?IdArticle=8460448 False Ransomware,Medical None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial The U.S. Department of Health and Human Services (HHS) acknowledges that Change Healthcare, a subsidiary of UnitedHealth Group... ]]> 2024-03-07T12:32:28+00:00 https://industrialcyber.co/medical/hhs-responds-to-change-healthcare-cyberattack-prioritizes-minimizing-healthcare-service-disruptions/ www.secnews.physaphae.fr/article.php?IdArticle=8460307 False Medical None 2.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC AI governance  framework model like the NIST AI RMF to enable business innovation and manage risk is just as important as adopting guidelines to secure AI. Responsible AI starts with securing AI by design and securing AI with Zero Trust architecture principles. Vulnerabilities in ChatGPT A recent discovered vulnerability found in version gpt-3.5-turbo exposed identifiable information. The vulnerability was reported in the news late November 2023. By repeating a particular word continuously to the chatbot it triggered the vulnerability. A group of security researchers with Google DeepMind, Cornell University, CMU, UC Berkeley, ETH Zurich, and the University of Washington studied the “extractable memorization” of training data that an adversary can extract by querying a ML model without prior knowledge of the training dataset. The researchers’ report show an adversary can extract gigabytes of training data from open-source language models. In the vulnerability testing, a new developed divergence attack on the aligned ChatGPT caused the model to emit training data 150 times higher. Findings show larger and more capable LLMs are more vulnerable to data extraction attacks, emitting more memorized training data as the volume gets larger. While similar attacks have been documented with unaligned models, the new ChatGPT vulnerability exposed a successful attack on LLM models typically built with strict guardrails found in aligned models. This raises questions about best practices and methods in how AI systems could better secure LLM models, build training data that is reliable and trustworthy, and protect privacy. U.S. and UK’s Bilateral cybersecurity effort on securing AI The US Cybersecurity Infrastructure and Security Agency (CISA) and UK’s National Cyber Security Center (NCSC) in cooperation with 21 agencies and ministries from 18 other countries are supporting the first global guidelines for AI security. The new UK-led guidelines for securing AI as part of the U.S. and UK’s bilateral cybersecurity effort was announced at the end of November 2023. The pledge is an acknowledgement of AI risk by nation leaders and government agencies worldwide and is the beginning of international collaboration to ensure the safety and security of AI by design. The Department of Homeland Security (DHS) CISA and UK NCSC joint guidelines for Secure AI system Development aims to ensure cybersecurity decisions are embedded at every stage of the AI development lifecycle from the start and throughout, and not as an afterthought. Securing AI by design Securing AI by design is a key approach to mitigate cybersecurity risks and other vulnerabilities in AI systems. Ensuring the entire AI system development lifecycle process is secure from design to development, deployment, and operations and maintenance is critical to an organization realizing its full benefits. The guidelines documented in the Guidelines for Secure AI System Development aligns closely to software development life cycle practices defined in the NSCS’s Secure development and deployment guidance and the National Institute of Standards and Technology (NIST) Secure Software Development Framework (SSDF). The 4 pillars that embody the Guidelines for Secure AI System Development offers guidance for AI providers of any systems whether newly created from the ground up or built on top of tools and services provided from]]> 2024-03-07T11:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/securing-ai www.secnews.physaphae.fr/article.php?IdArticle=8460259 False Tool,Vulnerability,Threat,Mobile,Medical,Cloud,Technical ChatGPT 2.0000000000000000 ProofPoint - Cyber Firms 2024-03-06T13:55:16+00:00 https://www.proofpoint.com/us/blog/threat-insight/ta4903-actor-spoofs-us-government-small-businesses-phishing-bec-bids www.secnews.physaphae.fr/article.php?IdArticle=8459757 False Tool,Threat,Medical None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-03-06T01:05:06+00:00 https://community.riskiq.com/article/1fe95f7f www.secnews.physaphae.fr/article.php?IdArticle=8459610 False Ransomware,Spam,Malware,Tool,Threat,Legislation,Medical None 4.0000000000000000 The Register - Site journalistique Anglais As the crooks behind the attack - probably ALPHV/BlackCat - fake their own demise The US government has stepped in to help hospitals and other healthcare providers affected by the Change Healthcare ransomware infection, offering more relaxed Medicare rules and urging advanced funding to providers.…]]> 2024-03-06T00:30:09+00:00 https://go.theregister.com/feed/www.theregister.com/2024/03/06/us_government_change_ransomware_intervention/ www.secnews.physaphae.fr/article.php?IdArticle=8459582 False Ransomware,Medical None 3.0000000000000000 Krebs on Security - Chercheur Américain There are indications that U.S. healthcare giant Change Healthcare has made a $22 million extortion payment to the infamous BlackCat ransomware group (a.k.a. "ALPHV") as the company struggles to bring services back online amid a cyberattack that has disrupted prescription drug services nationwide for weeks. However, the cybercriminal who claims to have given BlackCat access to Change\'s network says the crime gang cheated them out of their share of the ransom, and that they still have the sensitive data that Change reportedly paid the group to destroy. Meanwhile, the affiliate\'s disclosure appears to have prompted BlackCat to cease operations entirely.]]> 2024-03-06T00:22:56+00:00 https://krebsonsecurity.com/2024/03/blackcat-ransomware-group-implodes-after-apparent-22m-ransom-payment-by-change-healthcare/ www.secnews.physaphae.fr/article.php?IdArticle=8459581 False Ransomware,Medical None 3.0000000000000000 Dark Reading - Informationweek Branch Source code fire sale, stiffing affiliates - are BlackCat admins intentionally burning their RaaS business to the ground? Experts say something\'s up.]]> 2024-03-05T22:20:20+00:00 https://www.darkreading.com/cyberattacks-data-breaches/blackcat-goes-dark-again-reportedly-rips-off-change-healthcare-ransom www.secnews.physaphae.fr/article.php?IdArticle=8459540 False Medical None 3.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Alphv / Blackcat aurait reçu 22 millions de dollars de Change Healthcare avant de directement arnaquer ses affiliés avant un éventuel rebrand.

---

>ALPHV/BlackCat reportedly received $22 million from Change Healthcare before scamming its affiliates ahead of a possible rebrand. ]]> 2024-03-05T20:49:07+00:00 https://cyberscoop.com/ransomware-group-behind-change-healthcare-attack-goes-dark/ www.secnews.physaphae.fr/article.php?IdArticle=8459496 False Ransomware,Medical None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-03-05T19:03:47+00:00 https://community.riskiq.com/article/ed40fbef www.secnews.physaphae.fr/article.php?IdArticle=8459485 False Ransomware,Malware,Tool,Vulnerability,Threat,Studies,Medical,Technical APT 28,ChatGPT,APT 4 2.0000000000000000 Recorded Future - FLux Recorded Future L'impact économique du changement de cyberattaque des soins de santé continue de se concentrer, les experts affirmant que certains grands acteurs de l'industrie - tels que les réseaux d'hôpital et de pharmacie - sont confrontés à des perturbations coûtant plus de 100 millions de dollars par jour.Selon Toby Gouker, un cadre de Cybersecurity Company First Health Advisory.

---

The economic impact of the Change Healthcare cyberattack continues to come into focus, with experts saying some large industry players - such as hospital and pharmacy networks - are facing disruptions costing upwards of $100 million a day. It\'s not necessarily lost money, according to Toby Gouker, an executive at cybersecurity company First Health Advisory.]]> 2024-03-05T18:23:00+00:00 https://therecord.media/cash-flow-disruptions-hospitals-change-healthcare www.secnews.physaphae.fr/article.php?IdArticle=8459456 False Medical None 2.0000000000000000 CrowdStrike - CTI Society When Tahir Ali became CTO and CISO at Montage Health in 2021, he inherited a unique set of cybersecurity challenges. For one, the healthcare sector was getting bombarded with attacks, including distributed denial of service (DDoS), phishing and social engineering attacks.  At the same time, the California-based nonprofit healthcare system was integrating more networked medical […]]]> 2024-03-04T21:23:36+00:00 https://www.crowdstrike.com/blog/montage-health-consolidates-cybersecurity-strategy-with-crowdstrike/ www.secnews.physaphae.fr/article.php?IdArticle=8463759 False Medical None 2.0000000000000000 The Register - Site journalistique Anglais No honor among thieves? ALPHV/BlackCat, the gang behind the Change Healthcare cyberattack, has received more than $22 million in Bitcoin in what might be a ransomware payment.…]]> 2024-03-04T21:01:06+00:00 https://go.theregister.com/feed/www.theregister.com/2024/03/04/alphv_ransom_payment/ www.secnews.physaphae.fr/article.php?IdArticle=8458989 False Ransomware,Medical None 2.0000000000000000 Recorded Future - FLux Recorded Future L'American Hospital Association accuse la société mère de Change Healthcare - qui, pendant deux semaines, a traité un incident de cybersécurité qui a provoqué des perturbations dans les pharmacies à l'échelle nationale - de ne pas résoudre adéquatement les problèmes auxquels les prestataires de soins sont confrontés à être remboursés pour les services en raison de la suite des problèmes des problèmes de santé pour être remboursé pour les services en raison de laattaque.Vendredi, UnitedHealth Group,

---

The American Hospital Association is accusing the parent company of Change Healthcare - which for two weeks has dealt with a cybersecurity incident that has caused disruptions at pharmacies nationwide - of failing to adequately address the issues healthcare providers face getting reimbursed for services as a result of the attack. On Friday, UnitedHealth Group,]]> 2024-03-04T20:39:11+00:00 https://therecord.media/healthcare-industry-needs-relief-after-change-cyber-incident-hospital-association www.secnews.physaphae.fr/article.php?IdArticle=8458990 False Medical None 3.0000000000000000 Wired Threat Level - Security News The transaction, visible on Bitcoin\'s blockchain, suggests the victim of one of the worst ransomware attacks in years may have paid a very large ransom.]]> 2024-03-04T17:41:48+00:00 https://www.wired.com/story/alphv-change-healthcare-ransomware-payment/ www.secnews.physaphae.fr/article.php?IdArticle=8458928 False Ransomware,Medical None 2.0000000000000000 Checkpoint Research - Fabricant Materiel Securite Pour les dernières découvertes de cyber-recherche pour la semaine du 4 mars, veuillez télécharger notre bulletin Threat_Intelligence.Les meilleures attaques et violations UnitedHealth Group ont confirmé que sa filiale avait été attaquée par le gang de ransomware Alphv.6 téraoctets de données ont été volés dans l'attaque et Change Healthcare, un intermédiaire crucial entre les pharmacies et les compagnies d'assurance, était [& # 8230;]

---

>For the latest discoveries in cyber research for the week of 4th March, please download our Threat_Intelligence Bulletin. TOP ATTACKS AND BREACHES UnitedHealth Group confirmed its subsidiary was attacked by the ALPHV ransomware gang. 6 terabytes of data were stolen in the attack, and Change Healthcare, a crucial intermediary between pharmacies and insurance companies, was […] ]]> 2024-03-04T13:59:28+00:00 https://research.checkpoint.com/2024/4th-march-threat-intelligence-report/ www.secnews.physaphae.fr/article.php?IdArticle=8458846 False Ransomware,Threat,Medical None 2.0000000000000000 Bleeping Computer - Magazine Américain The ALPHV/BlackCat ransomware gang has shut down its servers amid claims that they scammed the affiliate responsible for the attack on Optum, the operator of the Change Healthcare platform, of $22 million. [...]]]> 2024-03-04T12:44:36+00:00 https://www.bleepingcomputer.com/news/security/blackcat-ransomware-turns-off-servers-amid-claim-they-stole-22-million-ransom/ www.secnews.physaphae.fr/article.php?IdArticle=8458929 False Ransomware,Medical None 2.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Les prestataires médicaux subissent une pression financière et les patients sont confrontés à des défis dans le remplissage des ordonnances en raison de l'attaque des ransomwares.

---

>Medical providers are under financial pressure and patients are facing challenges in filling prescriptions due to the ransomware attack. ]]> 2024-03-01T21:36:55+00:00 https://cyberscoop.com/alphv-website-ransomware-attack-change-healthcare/ www.secnews.physaphae.fr/article.php?IdArticle=8457701 False Ransomware,Medical None 3.0000000000000000 Recorded Future - FLux Recorded Future Le géant de l'assurance médicale UnitedHealth Group a confirmé jeudi que la cyberattaque affectant les opérations de sa filiale Change Healthcare avait été effectuée par le BlackCat / AlphV Ransomware Group.Après des jours de publication de la même mises à jour en ligne sur un «problème de cybersécurité», modifiez les soins de santéa déclaré jeudi que l'attaque a été «perpétrée par un acteur de menace de cybercriminalité qui a

---

Medical insurance giant UnitedHealth Group confirmed Thursday that the cyberattack affecting the operations of its subsidiary Change Healthcare was carried out by the Blackcat/AlphV ransomware group. After days of posting the same updates online about a “cyber security issue,” Change Healthcare said on Thursday the attack was “perpetrated by a cybercrime threat actor who has]]> 2024-02-29T21:04:18+00:00 https://therecord.media/change-healthcare-ransomware-attack-blackcat-alphv www.secnews.physaphae.fr/article.php?IdArticle=8457183 False Ransomware,Threat,Medical None 2.0000000000000000 ZoneAlarm - Security Firm Blog Au cours des derniers mois, le secteur américain de la santé a été assiégé par une série d'attaques sophistiquées des ransomwares, les hôpitaux à l'échelle nationale confrontés à des perturbations opérationnelles importantes et au compromis des données sensibles des patients.Le coupable derrière cette augmentation des cyber-menaces est le groupe BlackCat Ransomware, également connu sous le nom d'ALPHV, qui a tiré parti des tactiques avancées & # 8230;

---

>In recent months, the US healthcare sector has been under siege by a series of sophisticated ransomware attacks, with hospitals nationwide facing significant operational disruptions and the compromise of sensitive patient data. The culprit behind this surge in cyber threats is the BlackCat ransomware group, also known as ALPHV, which has been leveraging advanced tactics … ]]> 2024-02-29T14:06:18+00:00 https://blog.zonealarm.com/2024/02/fbi-and-cisa-alert-us-hospitals-to-targeted-attacks-by-blackcat-ransomware/ www.secnews.physaphae.fr/article.php?IdArticle=8456973 False Ransomware,Medical None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine The US government advisory warns healthcare organizations are being targeted by BlackCat amid an ongoing cyber-incident affecting Change Healthcare]]> 2024-02-29T13:00:00+00:00 https://www.infosecurity-magazine.com/news/healthcare-biggest-target-blackcat/ www.secnews.physaphae.fr/article.php?IdArticle=8456954 False Threat,Medical None 2.0000000000000000 SecurityWeek - Security News Le gang de ransomware Alphv / BlackCat affirme que 6 téraoctets de données ont été volés à la société de technologies de santé Change Healthcare.

---

>The Alphv/BlackCat ransomware gang says 6 terabytes of data were stolen from healthcare technology firm Change Healthcare. ]]> 2024-02-29T11:57:53+00:00 https://www.securityweek.com/blackcat-ransomware-gang-claims-attack-on-change-healthcare/ www.secnews.physaphae.fr/article.php?IdArticle=8456953 False Ransomware,Medical None 2.0000000000000000 The Register - Site journalistique Anglais Brags it lifted 6TB of data, but let\'s remember these people are criminals and not worthy of much trust The ALPHV/BlackCat cybercrime gang has taken credit – if that\'s the word – for a ransomware infection at Change Healthcare that has disrupted thousands of pharmacies and hospitals across the US, and also claimed that the amount of sensitive data stolen and affected health-care organizations is much larger than the victims initially disclosed.…]]> 2024-02-29T00:29:15+00:00 https://go.theregister.com/feed/www.theregister.com/2024/02/29/alphv_change_healthcare/ www.secnews.physaphae.fr/article.php?IdArticle=8456692 False Ransomware,Medical None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The U.S. government is warning about the resurgence of BlackCat (aka ALPHV) ransomware attacks targeting the healthcare sector as recently as this month. "Since mid-December 2023, of the nearly 70 leaked victims, the healthcare sector has been the most commonly victimized," the government said in an updated advisory. "This is likely in response to the ALPHV/BlackCat administrator\'s]]> 2024-02-28T18:36:00+00:00 https://thehackernews.com/2024/02/fbi-warns-us-healthcare-sector-of.html www.secnews.physaphae.fr/article.php?IdArticle=8456448 False Ransomware,Medical None 3.0000000000000000 Recorded Future - FLux Recorded Future Les pharmacies à travers le pays rencontrent des problèmes pour remplir les ordonnances en raison d'un cyber-incident affectant un conglomérat de soins de santé de plusieurs milliards de dollars impliqués dans le traitement de la moitié de toutes les revendications médicales des États-Unis..com / incidents / hqpjz25fn3n7 "> a annoncé pour la première fois des perturbations à certaines applications tôt mercredi, avant de dire dans l'après-midi que la société« vivait un réseau

---

Pharmacies across the country are running into issues filling prescriptions due to a cyber incident affecting a multibillion-dollar healthcare conglomerate involved in processing half of all medical claims in the U.S. Nashville-based Change Healthcare first announced disruptions to certain applications early on Wednesday, before saying in the afternoon that the company was “experiencing a network]]> 2024-02-22T20:02:28+00:00 https://therecord.media/prescriptions-nationwide-impacted-by-change-healthcare-incident www.secnews.physaphae.fr/article.php?IdArticle=8453835 False Medical None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine The incident has impacted numerous Change Healthcare applications, including pharmacy, medical records]]> 2024-02-22T15:15:00+00:00 https://www.infosecurity-magazine.com/news/change-healthcare-cyber/ www.secnews.physaphae.fr/article.php?IdArticle=8453732 False Medical None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) On Thanksgiving Day 2023, while many Americans were celebrating, hospitals across the U.S. were doing quite the opposite. Systems were failing. Ambulances were diverted. Care was impaired. Hospitals in three states were hit by a ransomware attack, and in that moment, the real-world repercussions came to light-it wasn\'t just computer networks that were brought to a halt, but actual patient]]> 2024-02-21T14:50:00+00:00 https://thehackernews.com/2024/02/cybersecurity-for-healthcarediagnosing.html www.secnews.physaphae.fr/article.php?IdArticle=8453138 False Ransomware,Threat,Medical None 3.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC Anyone that utilizes technology in their daily lives understands that it is ever-changing, and the sentiment is especially true within the cybersecurity industry. Adversaries continue to evolve with new tactics to bypass defenses, so it is necessary that the methods of detecting and preventing these threats do so at an even more rapid pace. However, keeping up with all the changes can be quite difficult, even for the most seasoned cybersecurity professional. The way in which we work has changed not just in where but also in how. Today employees conduct business from multiple devices, with some being company-issued and others being privately owned. Sensitive data is being stored across many locations including on these devices, within corporate data centers, and in the cloud. This means that organizations likely need more than one technology to defend their endpoints against security breach or data loss. With cybersecurity vendors marketing a wide range of branded product names for their offers, it may be challenging to determine which are ideal for your particular environment. This article aims to help demystify the various endpoint security technologies you may come across during your research, highlight the primary differences, and explain how they can complement each other. This is not intended to be an exhaustive list and it should be noted that there are some technologies that may fall into more than one category, for example, endpoint and cloud security. Four key endpoint security technologies To begin, let’s define exactly what an endpoint is. At the most fundamental level, an endpoint is any device that connects and exchanges data on a network. That could include traditional desktop and laptop computers, tablets, smartphones, printers, and servers. Endpoints also encompass network appliances like routers, switches, or firewalls, and a wide range of IoT devices such as wearables, security cameras, sensors, and connected medical or manufacturing equipment.​ But we must also think beyond the physical devices and consider virtual machines that host applications and data in public or private clouds. ​Although this may seem trivial, it is important to note because they all represent entry points into the network that can be exploited and opportunities for sensitive data loss. As such, they must all be accounted for when building an endpoint security strategy. The following are some of the more common endpoint security technologies you are likely to encounter: Unified endpoint management (UEM) or mobile device management (MDM): There is a widely accepted concept within the cybersecurity industry that you cannot effectively protect what you can’t see. Therefore, the first step in building a comprehensive endpoint security policy is to inventory all the devices accessing your network, and this can be accomplished with UEM or MDM technologies. The primary difference between the two is that MDM is for iOS and Android operating systems (OS), while UEM includes those OS plus Windows and Mac operating systems--even productivity devices and wearables in some cases. Once the devices are discovered and profiled, administrators will be able to apply consistent security policies across them, regardless of where the endpoint is located. A key feature of both UEM and MDM is that they allow an organization to set standards regarding the security posture of devices accessing the network. For example, rules can be created that a device cannot be jailbroken and must be running on the latest O]]> 2024-02-20T11:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/a-fundamental-guide-to-endpoint-security www.secnews.physaphae.fr/article.php?IdArticle=8452746 False Ransomware,Malware,Tool,Vulnerability,Threat,Mobile,Medical,Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch To thwart cybercriminals, medical device manufacturers and hospitals must understand each other\'s roles and shared responsibilities in protecting health information.]]> 2024-02-08T15:00:00+00:00 https://www.darkreading.com/vulnerabilities-threats/how-hospitals-can-help-improve-medical-device-data-security www.secnews.physaphae.fr/article.php?IdArticle=8448048 False Medical None 3.0000000000000000 Global Security Mag - Site de news francais rapports spéciaux

---

Three quarters of Healthcare organisations would relinquish control for quicker decision making on cyber threats, finds new report - Special Reports]]> 2024-02-05T12:42:48+00:00 https://www.globalsecuritymag.fr/three-quarters-of-healthcare-organisations-would-relinquish-control-for-quicker.html www.secnews.physaphae.fr/article.php?IdArticle=8446903 False Medical None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial Le centre de coordination de la cybersécurité du secteur de la santé (HC3) dans le département américain de la santé & # 38;Services humains (HHS) émis ...

---

>The Health Sector Cybersecurity Coordination Center (HC3) in the U.S. Department of Health & Human Services (HHS) issued... ]]> 2024-01-23T15:36:45+00:00 https://industrialcyber.co/medical/hc3-warns-healthcare-sector-of-unauthorized-access-threats-from-screenconnect-tool/ www.secnews.physaphae.fr/article.php?IdArticle=8442167 False Tool,Medical None 3.0000000000000000 AhnLab - Korean Security Firm Ahnlab Security Intelligence Center (ASEC) a découvert que plusieurs souches de malware smokeloder sont distribuées au gouvernement ukrainien etentreprises.Il semble que le nombre d'attaques ciblant l'Ukraine ait récemment augmenté.Les objectifs confirmés jusqu'à présent comprennent le ministère ukrainien de la Justice, les institutions publiques, les compagnies d'assurance, les institutions médicales, les entreprises de construction et les entreprises de fabrication.L'e-mail distribué suit le format illustré à la figure 1 écrite en ukrainien.Le corps comprenait des informations liées à une facture, incitant le lecteur à exécuter ...

---

AhnLab SEcurity intelligence Center (ASEC) discovered that multiple SmokeLoader malware strains are being distributed to the Ukrainian Government and companies. It seems that the number of attacks targeting Ukraine has increased recently. The targets confirmed so far include the Ukrainian Department of Justice, public institutions, insurance companies, medical institutions, construction companies, and manufacturing companies. The distributed email follows the format shown in Figure 1 written in Ukrainian. The body included information related to an invoice, prompting the reader to execute... ]]> 2024-01-19T00:32:31+00:00 https://asec.ahnlab.com/en/60703/ www.secnews.physaphae.fr/article.php?IdArticle=8441452 False Malware,Medical None 3.0000000000000000 Wired Threat Level - Security News More than 4 million school records, including safety procedures, student medical files, and court documents, were also publicly accessible online.]]> 2024-01-11T12:00:00+00:00 https://www.wired.com/story/us-school-shooter-emergency-plans-leak/ www.secnews.physaphae.fr/article.php?IdArticle=8437841 False Medical None 4.0000000000000000 SecurityWeek - Security News Les informations compromises comprennent les noms, les coordonnées, les dates de naissance, les informations sur la santé, les détails du traitement médical, les numéros de sécurité sociale et les dossiers des employés.

---

>The compromised information includes names, contact information, dates of birth, health information, medical treatment details, Social Security numbers, and employee records. ]]> 2024-01-10T17:13:00+00:00 https://www.securityweek.com/hmg-healthcare-says-data-breach-impacts-40-facilities/ www.secnews.physaphae.fr/article.php?IdArticle=8437583 False Data Breach,Medical None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The U.S. Federal Trade Commission (FTC) on Tuesday prohibited data broker Outlogic, which was previously known as X-Mode Social, from sharing or selling any sensitive location data with third-parties. The ban is part of a settlement over allegations that the company "sold precise location data that could be used to track people\'s visits to sensitive locations such as medical and]]> 2024-01-10T14:17:00+00:00 https://thehackernews.com/2024/01/ftc-bans-outlogic-x-mode-from-selling.html www.secnews.physaphae.fr/article.php?IdArticle=8437452 False Medical None 3.0000000000000000 Dark Reading - Informationweek Branch Threat actors leave medical centers with the difficult choice of paying the ransom or witnessing patients suffer the consequences.]]> 2024-01-08T18:22:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/swatting-latest-extortion-tactic-ransomware-attacks www.secnews.physaphae.fr/article.php?IdArticle=8436755 False Ransomware,Threat,Medical None 3.0000000000000000 The Register - Site journalistique Anglais Remember the good old days when ransomware crooks vowed not to infect medical centers? Extortionists are now threatening to swat hospital patients - calling in bomb threats or other bogus reports to the police so heavily armed cops show up at victims\' homes - if the medical centers don\'t pay the crooks\' ransom demands.…]]> 2024-01-05T21:54:33+00:00 https://go.theregister.com/feed/www.theregister.com/2024/01/05/swatting_extorion_tactics/ www.secnews.physaphae.fr/article.php?IdArticle=8435314 False Ransomware,Threat,Medical None 4.0000000000000000 Dark Reading - Informationweek Branch IoT surge across the Middle East spawns demand for more secure devices in business, healthcare, and energy.]]> 2024-01-05T18:30:00+00:00 https://www.darkreading.com/ics-ot-security/dubai-us-deal-aims-secure-medical-iot-devices-middle-east www.secnews.physaphae.fr/article.php?IdArticle=8435244 False Medical None 2.0000000000000000 Checkpoint - Fabricant Materiel Securite Antoinette Hodes est un architecte mondial de solutions, spécialisée dans l'IoT, et sert d'évangéliste au bureau de point de contrôle du CTO.Elle travaille en tant qu'ingénieur depuis plus de 25 ans et est une architecte de solutions de sécurité expérimentée dans l'industrie de la cybersécurité.L'Internet des choses médicales, IOMT a révolutionné l'industrie des soins de santé.En connectant les dispositifs médicaux, les capteurs et autres équipements à Internet, les hôpitaux peuvent améliorer les soins aux patients, réduire les coûts et améliorer l'efficacité.Maintenant, dans le passé, les hôpitaux de l'ère covide étaient en sous-effectif, et si cela requis de la distanciation sociale requis, la solution IoT était la réponse à [& # 8230;]

---

>Antoinette Hodes is a Global Solutions Architect, specializing in IoT, and serves as an Evangelist with the Check Point Office of the CTO. She has worked as an engineer in IT for over 25 years and is an experienced security solutions architect in the cyber security industry. The Internet of Medical Things, IoMT has revolutionized the healthcare industry. By connecting medical devices, sensors, and other equipment to the internet, hospitals can improve patient care, reduce costs, and improve efficiency. Now in the past COVID era hospitals were understaffed, and if present required social distancing, IoT solution were the answer to […] ]]> 2024-01-05T13:00:25+00:00 https://blog.checkpoint.com/security/iot-the-key-to-connected-care-excellence/ www.secnews.physaphae.fr/article.php?IdArticle=8435095 False Medical None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine HealthEC said that sensitive medical data was exposed in the breach, which is now thought to have impacted 4.5 million people]]> 2024-01-04T14:00:00+00:00 https://www.infosecurity-magazine.com/news/healthec-breach-millions-patients/ www.secnews.physaphae.fr/article.php?IdArticle=8434419 False Data Breach,Medical None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial Le US Government Accountability Office (GAO) a recommandé la Food and Drug Administration (FDA) et la cybersécurité ...

---

>The U.S. Government Accountability Office (GAO) has recommended that the Food and Drug Administration (FDA) and the Cybersecurity... ]]> 2024-01-04T10:21:41+00:00 https://industrialcyber.co/medical/gao-recommends-fda-cisa-update-agreement-to-address-medical-device-cybersecurity-challenges/ www.secnews.physaphae.fr/article.php?IdArticle=8434320 False Medical None 3.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Le rapport GAO indique que le pacte de la FDA \\ avec CISA sur les protocoles de cybersécurité pour les dispositifs médicaux a cinq ans et doit être mis à jour.

---

>GAO report says FDA\'s pact with CISA on cybersecurity protocols for medical devices is five years old and needs to be updated. ]]> 2024-01-02T16:40:20+00:00 https://fedscoop.com/fda-cisa-medical-devices-cybersecurity-agreement-updated-gao/ www.secnews.physaphae.fr/article.php?IdArticle=8433033 False Medical None 3.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC AT&T along with AST-Science successfully made a call. Well, in the 21st century that’s not very “Mr. Watson, come here. I want to see you.”, but this call was on another level, or as one could say, out of this world! To back up a bit, telecommunications as we know it has been a terrestrial endeavor since those words were uttered by Dr. Alexander Graham Bell to Mr. Watson. While we are all too familiar with the telephone poles and cables outside our homes, alongside highways (at least as my mom remembers), and train lines (from my grandfather), there are in fact an additional 745,645 miles of cables in the ocean floor connecting various countries. Why are these bits of cable important, you may ask? Well, as much as we may love our movies and media and their portrayal of communication between 2 super villains using phones that bounce signals off various satellites and detour them to different countries to set off a countdown of a doomed nuclear missile countdown, the reality is that the longest distance your wireless signal travels from your mobile phone is to your closest cell phone tower. Let me repeat that again-when you call your friends to your house for “Thanksgiving leftover pizza” the longest distance the wireless signal travels from your mobile phone is to your closest cell phone tower. No bouncy-bouncy, no detours. Sorry Hollywood! Hello, practical physics! If that didn’t make you question reality, let me explain this (consider this my PSA for the day!) a little more. Each time you pick up your mobile phone to make a call, your analog voice is converted to digital (that Matrix style 0’s and 1’s) and sent via electromagnetic waves through your phone\'s antenna to the closest cell phone tower. From the tower, these waves are converted to light pulses (I know this is more fun than the bouncy-bouncy!!) which are then carried at the speed of light via underground optical fiber cables (see I told you those cables were important) to the destination cell tower where they are converted back to electromagnetic waves and sent to the mobile phone of the person you are calling and converted back to analog-all in a split second. Now there is other fun stuff happening, like locating the cell phone, knowing if the phone is busy, and worrying about frequency bandwidths, but hey, I am taking a little bit of Hollywood artistic license here. Not to mention, I have completely skipped voice-over internet/data. But we do have to get back to AT&T and AST. According to their website, AST SpaceMobile is building the first and only global cellular broadband network in space to operate directly with standard, unmodified mobile devices based on an over 2600 IP and patent portfolio. In 2022, AST launched “Bluewalker3” satellite to communicate directly with unmodified mobile phones, with a future goal of launching multiple commercial satellites aptly named “BlueBirds”-well, kudos to whoever came up with the names, competitively speaking that is, without naming names. While September 2023 was n]]> 2024-01-02T14:58:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/cord-cutting-cables-that-you-didnt-know-about www.secnews.physaphae.fr/article.php?IdArticle=8432999 False Mobile,Medical,Commercial None 3.0000000000000000 Recorded Future - FLux Recorded Future La série de cyberattaques dommageables contre les établissements de santé américains s'est poursuivie cette semaine alors qu'un incident a éliminé le système de dossiers de santé électronique dans un hôpital du Massachusetts et a fait que l'établissement refuse les ambulances le jour de Noël.L'hôpital Anna Jaques, à environ 35 miles au nord de Boston, était «ouvert à tous les patients» vendredi car il

---

The string of damaging cyberattacks against U.S. healthcare facilities continued this week as an incident knocked out the electronic health records system at a Massachusetts hospital and caused the facility to turn away ambulances on Christmas Day. Anna Jaques Hospital, about 35 miles north of Boston, was “open to all patients” on Friday as it]]> 2023-12-29T19:30:00+00:00 https://therecord.media/cyberattack-on-massachusetts-hospital-disrupted-health-record-system www.secnews.physaphae.fr/article.php?IdArticle=8430929 False Guideline,Medical None 3.0000000000000000 Bleeping Computer - Magazine Américain Two not-for-profit hospitals in New York are seeking a court order to retrieve data stolen in an August ransomware attack that\'s now stored on the servers of a Boston cloud storage company. [...]]]> 2023-12-29T15:20:27+00:00 https://www.bleepingcomputer.com/news/security/hospitals-ask-courts-to-force-cloud-storage-firm-to-return-stolen-data/ www.secnews.physaphae.fr/article.php?IdArticle=8430945 False Ransomware,Legislation,Medical,Cloud None 3.0000000000000000 ProofPoint - Firm Security 2023-12-29T14:34:43+00:00 https://www.proofpoint.com/us/newsroom/news/2024-healthcare-cybersecurity-mastering-fundamentals www.secnews.physaphae.fr/article.php?IdArticle=8431210 False Guideline,Medical None 2.0000000000000000 Recorded Future - FLux Recorded Future Un nouveau rapport du National Institute of Standards and Technology (NIST) sur la cybersécurité des données génomiques a trouvé des lacunes de confidentialité majeures dans la façon dont les données sont générées, stockées et partagées.The paper argues that a NIST privacy framework focusing on the uniqueness of genomic data sensitivity should be established to help organizations that aggregateles données

---

A new National Institute of Standards and Technology (NIST) report on the cybersecurity of genomic data found major privacy gaps in how the data is generated, stored and shared. The paper argues that a NIST privacy framework focusing on the uniqueness of genomic data sensitivity should be established to help organizations that aggregate the data]]> 2023-12-21T17:15:00+00:00 https://therecord.media/nist-identifies-privacy-gaps-genomic-data www.secnews.physaphae.fr/article.php?IdArticle=8426910 False Medical None 3.0000000000000000 Recorded Future - FLux Recorded Future Des millions de personnes aux États-Unis ont vu leurs informations exposées à la suite d'une attaque de ransomware contre une entreprise qui fournit des logiciels aux hôpitaux et aux services médicaux d'urgence.Dans des documents déposés auprès de plusieurs régulateurs de l'État, les solutions ESO basées à Austin ont déclaré qu'elle avait «détecté et arrêté» une attaque de ransomware «sophistiquée» le 28 septembre mais a déterminé le 23 octobre que le

---

Millions of people across the U.S. had their information exposed following a ransomware attack on a company that provides software to hospitals and emergency medical services. In documents filed with several state regulators, Austin-based ESO Solutions said it “detected and stopped” a “sophisticated” ransomware attack on September 28 but determined on October 23 that the]]> 2023-12-20T15:45:00+00:00 https://therecord.media/nearly-three-mil-affected-ransomware-medtech www.secnews.physaphae.fr/article.php?IdArticle=8426180 False Ransomware,Medical None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Over the past few years, SaaS has developed into the backbone of corporate IT. Service businesses, such as medical practices, law firms, and financial services firms, are almost entirely SaaS based. Non-service businesses, including manufacturers and retailers, have about 70% of their software in the cloud.  These applications contain a wealth of data, from minimally sensitive general]]> 2023-12-18T20:10:00+00:00 https://thehackernews.com/2023/12/top-7-trends-shaping-saas-security-in.html www.secnews.physaphae.fr/article.php?IdArticle=8424859 False Prediction,Medical,Cloud None 3.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain Surveillance non contrainte : Les législateurs ont noté les pharmacies & # 8217;Politiques de publication des dossiers médicaux à une lettre datée mardi au ministère de la Santé et des services humains(HHS) Secrétaire Xavier Becerra.La lettre & # 8212; signée par le sénateur Ron Wyden (D-Ore.), Le représentant Pramila Jayapal (D-Wash.), Et la représentante Sara Jacobs (D-Calif.) & # 8212;Briefings avec huit grands fournisseurs de médicaments sur ordonnance. Ils comprennent les sept plus grandes chaînes de pharmacies du pays: CVS Health, Walgreens Boots Alliance, Cigna, Optum RX, Walmart Stores, Inc., The Kroger Company et Rite Aid Corporation.Les législateurs ont également parlé avec Amazon Pharmacy ...

---

More unconstrained surveillance: Lawmakers noted the pharmacies’ policies for releasing medical records in a letter dated Tuesday to the Department of Health and Human Services (HHS) Secretary Xavier Becerra. The letter—signed by Sen. Ron Wyden (D-Ore.), Rep. Pramila Jayapal (D-Wash.), and Rep. Sara Jacobs (D-Calif.)—said their investigation pulled information from briefings with eight big prescription drug suppliers. They include the seven largest pharmacy chains in the country: CVS Health, Walgreens Boots Alliance, Cigna, Optum Rx, Walmart Stores, Inc., The Kroger Company, and Rite Aid Corporation. The lawmakers also spoke with Amazon Pharmacy...]]> 2023-12-18T15:37:14+00:00 https://www.schneier.com/blog/archives/2023/12/police-get-medical-records-without-a-warrant.html www.secnews.physaphae.fr/article.php?IdArticle=8424845 False Medical None 3.0000000000000000 Dark Reading - Informationweek Branch Health professionals and patients in underserved areas to benefit from free, easy, and safe access to top medical specialists.]]> 2023-12-14T22:00:00+00:00 https://www.darkreading.com/cloud-security/swinfen-charitable-trust-uva-health-telemedicine-ai-and-mitre-collaborate-on-secure-global-health-telemedicine www.secnews.physaphae.fr/article.php?IdArticle=8422885 False Medical None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial A report from GlobalData addressed the rapid integration of new technology and digital health devices into healthcare systems... ]]> 2023-12-14T15:50:22+00:00 https://industrialcyber.co/news/globaldata-predicts-1-1-billion-growth-in-medical-device-cybersecurity-market-amid-rising-threats/ www.secnews.physaphae.fr/article.php?IdArticle=8422702 False Medical None 2.0000000000000000 Global Security Mag - Site de news francais rapports spéciaux

---

According to the recent report, Cybersecurity in Medical Devices, the market for cybersecurity in medical devices is expected to grow at a CAGR of 12.2% between 2022 and 2027, reaching $1.1 billion, forecasts GlobalData, a leading data and analytics company. - Special Reports]]> 2023-12-14T09:18:02+00:00 https://www.globalsecuritymag.fr/GlobalData-predicts-1-1-billion-growth-in-medical-device-cybersecurity-market.html www.secnews.physaphae.fr/article.php?IdArticle=8422531 False Medical None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Let\'s begin with a thought-provoking question: among a credit card number, a social security number, and an Electronic Health Record (EHR), which commands the highest price on a dark web forum?  Surprisingly, it\'s the EHR, and the difference is stark: according to a study, EHRs can sell for up to $1,000 each, compared to a mere $5 for a credit card number and $1 for a social]]> 2023-12-12T23:39:00+00:00 https://thehackernews.com/2023/12/unveiling-cyber-threats-to-healthcare.html www.secnews.physaphae.fr/article.php?IdArticle=8421650 False Studies,Medical None 3.0000000000000000 Recorded Future - FLux Recorded Future Le Département américain de la Santé et des Services sociaux (HHS) a accepté un Settlement de 480 000 $ avec le groupe médical basé en Louisiane Lafourche Medical Group à la suite d'une cyberattaque de 2021 qui a exposé les informations sensibles de près de 35 000 personnes.En plus de la sanction monétaire, la société a accepté de subir des audits périodiques de HHS pendant deux ans.HHS a noté

---

The U.S. Department of Health and Human Services (HHS) agreed to a settlement of $480,000 with Louisiana-based medical group Lafourche Medical Group following a 2021 cyberattack that exposed the sensitive information of nearly 35,000 people. In addition to the monetary penalty, the company agreed to undergo periodic audits by HHS for two years. HHS noted]]> 2023-12-11T11:00:00+00:00 https://therecord.media/hhs-agrees-to-settlement-with-louisiana-group-data-breach www.secnews.physaphae.fr/article.php?IdArticle=8420987 False Data Breach,Medical None 2.0000000000000000