Carly Page reports: Advanced, an IT service provider for the U.K.’s National Health Service (NHS), has confirmed that attackers stole data from its systems during an August ransomware attack, but refuses to say if patient data was compromised. Advanced first confirmed the ransomware incident on August 4 following widespread disruption to NHS services across the U.K. The attack…
Category: Of Note
Quarter of Healthcare Ransomware Victims Forced to Halt Operations – Report
Trend Micro Incorporated, a global cybersecurity leader, today revealed that 86% of global healthcare organizations (HCOs) that have been compromised by ransomware suffered operational outages. Most (57%) global HCOs admit being compromised by ransomware over the past three years, according to the study. Of these, 25% say they were forced to completely halt operations, while…
Does your risk assessment include drone-delivered exploits?
Greg Linares tweeted a thought-provoking thread that is reminder that what we speculated about in one year comes to pass in another year. His thread begins: This will be a thread discussing a real world breach involving a drone delivered exploit system that occurred this summer Some details I am not able to discuss, however…
UK: Home Office warned after sensitive documents left at London venue
The ICO has issued a formal reprimand to the Home Office, after sensitive documents were found at a public London venue. The documents, which were handed by venue staff to police in September 2021, included two Extremism Analysis Unit Home Office reports and a Counter Terrorism Policing report. The reports contained personal data, including that of…
HC3: Abuse of Legitimate Security Tools and Health Sector Cybersecurity
HC3 has published another guidance (TLP:WHITE) for the healthcare sector. In this one, they discuss how the same tools used to operate, maintain and secure healthcare systems and networks can also be turned against their own infrastructure. The paper includes: Cobalt Strike PowerShell Mimikatz Sysinternals Anydesk Brute Ratel Access the paper on HHS.
Bankrupt Crypto Lender Celsius Reveals Thousands of Users’ Transaction Histories in Court Filing
Will McCurdy reports: Troubled crypto lender Celsius has revealed the names and transaction history of hundreds of thousands of its customers in a court filing. The 14,500-page long document contained information such as customer names, crypto wallet IDs, transaction types and amounts, which services the customer had used, and the types and quantities of tokens held. Read…