Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Open LEMMY instance for all mental health workers: https://lem.clinicians-exchange.org
.
DATE:
September 11, 2023 at 05:18PM
.
TITLE:
Pennsylvania health system CISO looks to launch ransomware board game
.
URL:
https://www.beckershospitalreview.com/cybersecurity/pennsylvania-health-system-ciso-looks-to-launch-ransomware-board-game.html
Aaron Weismann, the chief information security officer of Radnor Township, Penn.-based Main Line Health, is looking (https://www.kickstarter.com/projects/827155571/guardians-of-the-grid-a-cybersecurity-tabletop-boardgame/description) to launch Guardians of the Grid, a ransomware board game that simulates a cyberattack.
.
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
.
DATE:
September 11, 2023 at 11:05AM
.
TITLE:
Ransomware group claims responsibility for 2 hospital cyberattacks
.
URL:
https://www.beckershospitalreview.com/cybersecurity/ransomware-group-claims-responsibility-for-2-hospital-cyberattacks.html
Rhysida ransomware group has claimed responsibility for the cyberattacks on Culver City, Calif.-based Prospect Medical Holdings (https://www.beckershospitalreview.com/cybersecurity/ransomware-gang-reportedly-selling-prospect-medical-patient-data.html) and Ocean Springs, Miss.-based Singing River Health System (https://www.beckershospitalreview.com/cybersecurity/systems-taken-offline-at-mississippi-health-system-due-to-cyberattack.html), Security Affairs (https://securityaffairs.com/150585/cyber-crime/rhysida-ransomware-us-hospitals.html) reported Sept. 10.
.
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
This is a great article on Lateral Movement for beginners and experienced analysts. The Analyst1 team not only provides details on what it is and how to detect it but also provides steps adversaries may take before and after attempting to laterally move as well as attacks that use it. A great read for a Saturday morning! Enjoy and Happy Hunting!
What Is Lateral Movement in Cybersecurity & How Do You Detect It?
https://analyst1.com/what-is-lateral-movement/
#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday
.
DATE:
September 08, 2023 at 10:49AM
.
TITLE:
Growth in cyberattacks puts patients at risk, AHA says
.
URL:
https://www.beckershospitalreview.com/cybersecurity/growth-in-cyberattacks-puts-patients-at-risk-aha-says.html
A record number of cyberattacks in 2023 is putting patients at risk as attackers knock out services, according to John Riggi, national advisor for the American Hospital Association, The Wall Street Journal (https://www.wsj.com/articles/record-hacks-on-hospitals-endanger-patients-cyber-official-says-25a7ad3b) reported Sept. 7.
.
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
.
DATE:
September 08, 2023 at 10:15AM
.
TITLE:
US hospitals paid $100M to Russian ransomware hackers
.
URL:
https://www.beckershospitalreview.com/cybersecurity/us-hospitals-paid-100m-to-russian-ransomware-hackers.html
The Justice Department revealed U.S. hospitals have paid millions of dollars in ransom to a cybercriminal network with suspected ties to Russian intelligence, according to CNN (https://www.cnn.com/2023/09/07/politics/us-indicts-alleged-cybercriminals/index.html).
.
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
Happy Friday everyone, I hope everyone had a successful week!
The Elastic Security Labs research team takes a deep dive into the #Blister loader and highlights the updates and what remains consistent. Armed with an upgraded hashing algorithm, it still likes to hide its code in legitimate libraries, which ends up defeating some machine-learning models.
Revisiting BLISTER: New development of the BLISTER loader
Elastic Security Labs dives deep into the recent evolution of the BLISTER loader malware family.
https://www.elastic.co/security-labs
MITRE ATT&CK TTPs (Thanks to the Elastic Team):
TA0005 - Defense Evasion
T1218.011 - System Binary Proxy Execution: Rundll32
T1480.001 - Execution Guardrails: Environmental Keying
T1036 - Masquerading
T1055.012 - Process Injection: Process Hollowing
TA0003 - Persistence
T1547.001 - Boot or Logon Autostart Execution: Registry Run Keys / Startup Folder
#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday
.
DATE:
September 07, 2023 at 04:25PM
.
TITLE:
Tennessee hospital pays $1.5M to resolve data breach lawsuit
.
URL:
https://www.beckershospitalreview.com/cybersecurity/tennessee-hospital-pays-1-5m-to-resolve-data-breach-lawsuit.html
Knoxville-based East Tennessee Children's Hospital agreed to pay $1.55 million to resolve claims that it failed to protect patient information in a March 2022 data breach, Top Class Actions (https://topclassactions.com/lawsuit-settlements/open-lawsuit-settlements/east-tennessee-childrens-hospital-etch-data-breach-1-55m-class-action-settlement/) reported Sept. 7.
.
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
.
DATE:
September 07, 2023 at 04:03PM
.
TITLE:
1,500 Avera Health patients affected by vendor breach
.
URL:
https://www.beckershospitalreview.com/cybersecurity/1-500-avera-health-patients-affected-by-vendor-breach.html
Sioux Falls, S.D.-based Avera Health's imaging vendor, DMS Health Technologies, experienced a cybersecurity event that affected 1,500 of the health system's patients, KELO (https://www.keloland.com/news/local-news/avera-imaging-firm-confirms-data-breach/) reported Sept. 6.
.
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
Marcus Hutchins at Malwaretech posted about a new "feature" of Chrome that reports to 3rd parties what websites you visit.
This means YOUR CLIENTS can have the URLs of your TELEHEALTH system reported to 3rd parties.
So -- for example, if you use Psychology Today for telehealth, they will know the client is seeing a mental health professional. If you use Zoom, they will LIKELY just know the client went on a Zoom call -- but then you have a unique Zoom URL link, so it's possible someone will bother to catalogue that your particular Zoom link is medical. So, again, same problem.
This is not a HIPAA problem under your control, but perhaps some client education on browser privacy settings is in order?
https://infosec.exchange/@malwaretech/111019619190896517
For people who for some reason still want to use Chrome:
Settings > Privacy > Ad privacy, then just toggle everything off.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
Summary:
The Cisco Talos Intelligence Group has identified a campaign that has been running since November 2021 that targets victims who deal with 3-D modeling and graphic design. Most of the victims appeared to deal with businesses in the French language-dominant countries. The targets appeared to be in roles and businesses that require the use of high GPU specifications as they are attractive targets for illicit crypto mining.
I hope you enjoy and Happy Hunting!
Cybercriminals target graphic designers with GPU miners
https://blog.talosintelligence.com/cybercriminals-target-graphic-designers-with-gpu-miners/
#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday
.
DATE:
September 06, 2023 at 04:36PM
.
TITLE:
Hospitals, health systems dealing with cybersecurity incidents
.
URL:
https://www.beckershospitalreview.com/cybersecurity/hospitals-health-systems-dealing-with-cybersecurity-incidents.html
Here are four hospitals and health systems dealing with cyberattacks Becker's has reported on since Aug. 5:
.
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
Good day all! The Computer Emergency Response Team of Ukraine, CERT-UA, reports on a targeted attack attributed to #APT28 they observed on a critical energy infrastructure facility in Ukraine. It started with a #phishing email that contained a link to an archive that led to a downloaded zip file that contained three decoy JPGs and a bat file that would run on the victim's computer. The BAT file would, again, open some decoy web pages, but more importantly would create a .bat and .vbs file. There were some discovery commands issued, TOR program downloaded and hidden on the victim's computer as a hidden service, and abused common ports (445, 389, 3389, 443). Last but not least, a PowerShell script was used to collect the password hash of the account. Enjoy and Happy Hunting!
https://cert.gov.ua/article/5702579
#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday #CERTUA
.
DATE:
September 05, 2023 at 10:32AM
.
TITLE:
Mississippi health system shuts down cyberattack in 17 minutes
.
URL:
https://www.beckershospitalreview.com/cybersecurity/mississippi-health-system-shuts-down-cyberattack-in-17-minutes.html
Tupelo-based North Mississippi Health Services shut down a data breach within 17 minutes of its IT system being accessed, the health system said (https://www.nmhs.net/policies-notices/notice-of-data-incident/).
.
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
.
DATE:
September 05, 2023 at 09:54AM
.
TITLE:
New York hospitals report cyberattack
.
URL:
https://www.beckershospitalreview.com/cybersecurity/new-york-hospitals-report-cyberattack.html
Two New York hospitals reported a cyberattack on Aug. 31 that disrupted operations, according to a report from 7 News (https://www.wwnytv.com/2023/09/04/carthage-area-hospital-claxton-hepburn-outpatient-appointments-rescheduled-no-indication-personal-information-was-compromised-cyber-attack/).
.
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
Does anyone else enjoy a 40 page intel report to start their morning? Well, here it is!
The Morphisec research team provides an in-depth technical report on the #Chae$ malware. First discovered by Cybereason, the malware was seen targeting e-commerce customers in Latin America and now is on its 4th generation and has received some upgrades which include increased stealth capabilities and a shift to #Python. The malware includes 7 different modules which exhibit different behaviors. I won't spoil the rest of the fun, you're going to have to read on for yourself (honestly I couldn't fit all the relevant details in here, there are so many!). Enjoy and Happy Hunting!
Threat Profile: Chae$ 4 Malware
https://www.morphisec.com/hubfs/Morphisec_Chae$4_Threat_Profile.pdf
#CyborgSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday
While most of us celebrate Labor Day let's all try to take a moment to remember those who don't get to spend time with their loved ones today, wherever they may be and whatever they may be doing!
I don't know how this report slid under my radar but the ESET research team unveils a "Marioesque" themed adversary, #MoustachedBouncer! They are a cyberespionage group that targets foreign embassies in Belarus with the use of their ISP-level access and their tools #NightClub and #Disco. Using their (assumed) unique level of access, they compromise their targets by redirecting them to a fake #Microsoft update site which loads JavaScript code, which then leads to a zip file being downloaded. The team wasn't able to get the zip file, but they were still able to identify some TTPs and #LOLBINS abuse, such as creating a malicious scheduled task. I hope you enjoy and Happy Hunting!
#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday #LaborDay
Good day everyone! The Microsoft Threat Intelligence team has discovered activity from a group known as #FlaxTyphoon. They are a nation-state group from China that targeted organizations in Taiwan. While the group leverages tools that are commonly used, like #ChinaChopper, #MetaSploit, and #Mimikatz, they also rely on abusing #LOLBINS, or Living-off-the-land binaries and scripts (tools that exist and come with the native operating system). Some of their TTPs include using registry key modification for persistence, using #powershell, #certutil, or #bitsadmin to download tools, and accessing #LSASS process memory and Security Account Manager registry hive for credential access. This is a great article that not only provides high-level details but it provides a starting point for any organization to start threat hunting by using the technical details provided! Enjoy your weekend and #HappyHunting!
#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #readoftheday
Happy Friday everyone! Two weeks ago I put this poll up on LinkedIn to help the community answer the question of: If you are a threat hunter, what roles/skills did you hold or gain to get there! And here are the results! Enjoy and Happy Hunting!
#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting
@kayla_eilhart @ondrej I recently worked up the courage and deployed #wazuh on my infrastructure, and I am horrified! If I fixed one thing it doesn't like every day, I would never be done. #ITSecurity