Skip to main content

Cybersecurity Update
- Aurora Medical Center Bay Area of Marinette, WI notified an unknown number of patients that their PHI was exposed after an email phishing attack.
- Beaumont Health of Detroit, MI notified 112,000 patients that their PHI was exposed after an email phishing attack.
- Brandywine Counseling of Wilmington, DE, notified an unknown number of patients that their PHI was exposed after ransomware attack.
- The Horst Gortz Institute reports it found security vulnerability in Xilinx FPGA (field programmable gate array) chips commonly used in control systems, could data centers, cellular base stations, medical devices and aviation systems
- Microsoft is warning customers of an uptick in malware attacks using Trickbot to deliver ransomware.
- PrimoHoagies Inc., headquartered in Westville, NJ, with locations in 8 states on East Coast, notified customers that their card payment info was exposed after hacking incident.
- Cognizant Inc., a national managed IT services headquartered in Teaneck, NJ, notified an unknown number of customers that their info may have been exposed after a Maze ransomware attack.
- Banner Health agreed to pay $8.9 million to settle claims made after breach exposed PHI of 2.9 million patients.
- Mercy Health of Muskegon, Michigan announced that it had fired a nurse named Justin Howe after illegally accessing the PHI of multiple patients.
- CTI League announced it has struck down more than 2800 cybercriminal assets on the Internet and identified 2000 security vulnerabilities in healthcare organizations
- Bloomberg News reports a 4300% increase in spam email related to COVID-19.
- Google reports that more than 4300 domains related to federal stimulus packages, many of them are malicious as hackers try to cash in on COVID-19 pandemic.
- Trustwave reports on 2019 cybersecurity:
o 18% of network compromises in U.S. were ransomware, up 4%
o 17% of attacks focused on financial data
o Attackers were able to work inside the network for average of 86 days
o 28% of email was spam
- The Small Business Administration notified 7,913 businesses that their info was compromised after a breach.
- Bitdefender is reported that a spearfishing campaign named “Agent Tesla” is targeting oil and gas companies.
o Goal is to plant malware in networks to extract valuable info.
- Confiant Security published report stating that 60 Revive ad servers have been compromised by the Tag Barnackle hacker group to insert malicious ads into online ad inventory to direct unsuspecting viewers to malware download sites.
- Nintendo has notified an unknown number of its video gaming users that their accounts have been hacked.
- Nathan Wyatt (aka Crafty ****ney) has been charged in Eastern District of Missouri Court for his alleged role in hacking attempts by thedarkoverlord.
o Pleaded not guilty to charge of blackmailing healthcare providers
o Trial scheduled for 6/15/2020
- Hackers using computer fans to steal data?
o The Ben-Gurion University in Israel is reporting that hackers can steal data by listening to the vibrations of the computer’s cooling fans.
o Using AiR-ViBeR malware, can encode binary info and modulate it over low frequency vibrational carrier
o Vibrations then sensed and decoded by a nearby smartphone that also has been infected with malware
- The Southern Ute Indian Tribe in Colorado is reporting that the U.S. Treasury Department leaked info on its members by inadvertently exposing it on the web.
- The City of Torrance, CA notified its citizens that their info may have been exposed after a ransomware attack.
- Hackers posted nearly 25,000 email addresses and passwords that belonged to employees of the World Health Organization, National Institutes of Health and The Gates Foundation.
- Sodinokibi ransomware has hit SeaChange, a video delivery software company based in Massachusetts.
o The hackers posted stolen data -- including a bank statement, insurance certificates and a driver's license -- from the company, which services the BBC, Cox, DirecTV, DISH and Verizon.
- ZDNET has identified 9 different hacking groups that will expose confidential info from companies/organizations if they do not pay a ransom after a ransomware attack:
o CLOP, DopplePaymer, Maze, Netfilim, Nemty, RagnarLocker, REvil Sodinokibi, Sekhmet, Snatch

If you like something I've posted please feel free to click the "like" button!

Original Post

Add Reply

Post
×
×
×
×
Link copied to your clipboard.
×
×