For the past few weeks, @Chum1ng0 has been reporting on the Guacamaya hacktivists’ activities. They have already caused some consternation and problems in Mexico and Chile. Now there is an even more concerning aspect to the leaks. Bill Toulas reports: Identities of secret agents working for the Australian Federal Police (AFP) have been exposed after…
Category: Of Note
NHS vendor Advanced won’t say if patient data was stolen during ransomware attack
Carly Page reports: Advanced, an IT service provider for the U.K.’s National Health Service (NHS), has confirmed that attackers stole data from its systems during an August ransomware attack, but refuses to say if patient data was compromised. Advanced first confirmed the ransomware incident on August 4 following widespread disruption to NHS services across the U.K. The attack…
Quarter of Healthcare Ransomware Victims Forced to Halt Operations – Report
Trend Micro Incorporated, a global cybersecurity leader, today revealed that 86% of global healthcare organizations (HCOs) that have been compromised by ransomware suffered operational outages. Most (57%) global HCOs admit being compromised by ransomware over the past three years, according to the study. Of these, 25% say they were forced to completely halt operations, while…
Does your risk assessment include drone-delivered exploits?
Greg Linares tweeted a thought-provoking thread that is reminder that what we speculated about in one year comes to pass in another year. His thread begins: This will be a thread discussing a real world breach involving a drone delivered exploit system that occurred this summer Some details I am not able to discuss, however…
UK: Home Office warned after sensitive documents left at London venue
The ICO has issued a formal reprimand to the Home Office, after sensitive documents were found at a public London venue. The documents, which were handed by venue staff to police in September 2021, included two Extremism Analysis Unit Home Office reports and a Counter Terrorism Policing report. The reports contained personal data, including that of…
HC3: Abuse of Legitimate Security Tools and Health Sector Cybersecurity
HC3 has published another guidance (TLP:WHITE) for the healthcare sector. In this one, they discuss how the same tools used to operate, maintain and secure healthcare systems and networks can also be turned against their own infrastructure. The paper includes: Cobalt Strike PowerShell Mimikatz Sysinternals Anydesk Brute Ratel Access the paper on HHS.