Cybercrimeinfo.nl reports: Hackers have spent three weeks trying to break into the ICT environment of Gelre hospitals. They failed to loot privacy-sensitive data or other information. As a precaution, the healthcare institutions have increased the security measures. Gelre Hospitals (Dutch: Gelre Ziekenhuizen) is a group of hospitals comprising hospitals in Apeldoorn and Zutphen, and an outpatient clinic…
Here’s how information stealers pose a threat beyond ransomware
From Intel 471: Ransomware is a top threat that security teams should be tailoring their systems to defend against. But in order to do so, they may need to look further than the ransomware itself. And by widening that scope, these teams may protect their enterprise beyond the damage that ransomware can cause. The activity…
Conti ransomware prioritizes revenue and cyberinsurance data theft
Lawrence Abrams points us to some interesting findings by Advanced Intel, who pored through the Conti manuals and materials recently dumped by a disgruntled affiliate. An interesting tactic used by the ransomware gang is using the legitimate Atera remote access software as a backdoor for continued persistence. When conducting an attack, ransomware operations commonly deploy…
Secret terrorist watchlist with 2 million records exposed online
Ax Sharma reports: A secret terrorist watchlist with 1.9 million records, including classified “no-fly” records was exposed on the internet. The list was left accessible on an Elasticsearch cluster that had no password on it. Read more on BleepingComputer. The government wouldn’t respond to inquiries by BleepingComputer as to whether this was the government’s Terrorist Screening Center list, and whether…
Healthcare provider expected to lose $106.8 million following ransomware attack
Sometimes (but not always), breaches have steep consequences. Catalin Cimpanu reports: Scripps Health, a California-based nonprofit healthcare provider that runs five hospitals and 19 outpatient facilities, said it expects to lose an estimated $106.8 million following a ransomware attack that hit the organization in May 2021. “Operating revenues and operating expenses for the quarter ended…
Exclusive: Attack on HVAC vendor gave threat actor access to Boston Children’s Hospital
If you think about “supply chain attack” and “HVAC,” you will probably immediately think of the headline-making Target breach of 2013. But that wasn’t the only breach via a third-party HVAC vendor. Just this month, several hospitals in Boston may have narrowly escaped potentially serious breaches when their HVAC vendor was hacked and the threat…