HC3 has published another guidance (TLP:WHITE) for the healthcare sector. In this one, they discuss how the same tools used to operate, maintain and secure healthcare systems and networks can also be turned against their own infrastructure. The paper includes: Cobalt Strike, PowerShell, Mimikatz, Sysinternals, Anydesk, and Brute Ratel. Access the paper on HHS.
Search Results for: HCA
NetWalker Affiliate, Sebastian Vachon-Desjardins, Sentenced to 20 years in prison
A Canadian man was sentenced to 20 years in prison and ordered to forfeit $21,500,000 today for his role in NetWalker ransomware attacks. The Court will order restitution at a later date. According to court documents, Sebastian Vachon-Desjardins, 35, of Gatineau, Quebec, participated in a sophisticated form of ransomware known as NetWalker. NetWalker ransomware has…
The Coeur Group notifies patients of data breach
DataBreaches has not seen anything on HHS’s public breach tool, but the Coeur Group in Omaha, Nebraska, published a legal notice about a cybersecurity incident involving patient information. According to their statement, an employee’s email account in Coeur Group’s business email system was compromised between June 7 and July 12, 2022. The breach was discovered on…
US says ex-Army major and his wife tried to leak military health data to Russia
Reuters reports: A former US Army major and his anesthesiologist wife have been criminally charged for allegedly plotting to leak highly sensitive healthcare data about military patients to Russia, the Justice Department revealed on Thursday. Jamie Lee Henry, the former major who was also a doctor at Fort Bragg in North Carolina, and his wife,…
SCOOP: Australian national known as “DR32” to stand trial in U.S. on hacking charges
Australia has ordered an Australian national, David Kee Crees, extradited to the U.S., where he faces 22 counts involving hacking, fraud, and aggravated identity theft. Two of Crees’ better-known aliases were “Abdilo” and “DR32.” “Abdilo”: DataBreaches started reporting on Crees in 2015 when he was known to this site as “Abdilo.” At the time, he…
HC3: APT41 and Recent Activity
The Office of Information Security and the Health Sector Cybersecurity Coordination Center (HC3) have published a new threat brief on APT41. The brief is TLP:WHITE. Overview: Chinese state-sponsored threat actor. Members of APT41 have been actively tracked since 2012. Also known as: Double Dragon, Barium, Winnti, Wicked Panda, Wicked Spider, TG-2633, Bronze Atlas, Red Kelpie…