Trisha Anderson, Ashden Fein and James Yoon of Covington & Burling write: On September 30, 2020, the Cybersecurity and Infrastructure Security Agency (“CISA”) and the Multi-State Information Sharing and Analysis Center (“MS-ISAC”) released a joint guide synthesizing best practices to prevent and respond to ransomware. This guide was published the day before OFAC and FinCEN released their…
FIN11: Widespread Email Campaigns as Precursor for Ransomware and Data Theft
Genevieve Stark, Andrew Moore, Vincent Cannon, Jacqueline O’Leary, Nalani Fraser, and Kimberly Goody of FireEye write: Mandiant Threat Intelligence recently promoted a threat cluster to a named FIN (or financially motivated) threat group for the first time since 2017. We have detailed FIN11’s various tactics, techniques and procedures in a report that is available now by…
Universal Health Services reports restoration of services and its IT network three weeks after massive ransomware attack
Universal Health Services issued an update to its status following a massive ransomware attack on September 27. Here is the full text of their October 12 update: Universal Health Services (UHS) confirms that the UHS IT Network has been restored at Corporate and across all Acute Care hospitals, enabling connections to all major systems and…
Norway accuses Russia over cyber attack on parliament
AFP reports: Norway’s government on Tuesday said that it believes Russia was behind an August cyber attack targeting the email system of the country’s parliament. The attack was detected in August, when Norway announced hackers had attacked the parliament’s email system, gaining access to some lawmakers’ messages. Read more on The Local (No).
Oswego Health: Some patient data potentially exposed
Ken Sturtz reports: Oswego Health has notified an unspecified number of patients about a potential leak of personal information via an employee email account earlier this year. In a letter sent to affected patients, Oswego Health said it had discovered “potential unauthorized access to an employee email account” between June 11 and June 15. The…
WA: Patient records stolen from Edmonds clinic, recovered by police
Brian Soergel reports: On Aug. 31, employees of the Health and Wellness Clinic at 22005 76th Ave. W in Edmonds discovered that a storage room where patient records were kept was broken into, according to the clinic’s Jenni Ricker. The clinic offers “natural medicine and physical care solutions for every lifestyle.” The storage room is…