FBI Private Industry Notification PIN 20220912-001 TLP: WHITE Summary The FBI has identified an increasing number of vulnerabilities posed by unpatched medical devices that run on outdated software and devices that lack adequate security features. Cyber threat actors exploiting medical device vulnerabilities adversely impact healthcare facilities’ operational functions, patient safety, data confidentiality, and data integrity….
Category: Commentaries and Analyses
Lorenz ransomware breaches corporate network via phone systems
Sergiu Gatlan reports: The Lorenz ransomware gang now uses a critical vulnerability in Mitel MiVoice VOIP appliances to breach enterprises, using their phone systems for initial access to their corporate networks. Arctic Wolf Labs security researchers spotted this new tactic after observing a significant overlap with Tactics, Techniques, and Procedures (TTPs) tied to ransomware attacks…
Ransomware gangs switching to new intermittent encryption tactic
Bill Toulas reports: … SentinelLabs has posted a report examining a trend started by LockFile in mid-2021 and now adopted by the likes of Black Basta, ALPHV (BlackCat), PLAY, Agenda, and Qyick. These groups actively promote the presence of intermittent encryption features in their ransomware family to entice affiliates to join the RaaS operation. Read more at…
What’s the impact of ransomware attacks on healthcare entities? Did you ask the people who really know?
Expect some buzz next week about a new report with significant findings about the impact of cyberattacks on patient care and mortality. The study was funded by Proofpoint and conducted independently by Ponemon Institute. The survey addresses important questions about the impact of various types of cyberattacks on patient safety and care. While DataBreaches appreciates…
HEALTHCARE: Still Ransomed – RedSense Fact Sheet
Seen on RedSense.com: Since early 2022, leading security industry experts have made broad estimations that ‘ransomware is on the decline’, but did they properly contextualize their data and findings? Given destabilization from the Russia-Ukraine conflict and tightening U.S. and EU law enforcement activities, ‘ransomware is on the decline’ proponents underestimate their adversaries’ motivations, resiliency, and…
Late notification raises questions about a US Radiology Specialists breach last year
As keen eyes have noticed, two radiology services — Gateway Diagnostic Imaging in Texas and Radiology Ltd in Arizona — recently submitted breach notices to the Montana Attorney General’s Office. Both notices reported an incident in December 2021. But were these separate incidents, or were they both the result of a third-party breach? Both Gateway…