Private, vetted email list for mental health professionals: clinicians-exchange.org
Open LEMMY instance for all mental health workers: lem.clinicians-exchange.org
.
DATE:
September 11, 2023 at 11:05AM
.
TITLE:
Ransomware group claims responsibility for 2 hospital cyberattacks
.
URL:
beckershospitalreview.com/cybe

Rhysida ransomware group has claimed responsibility for the cyberattacks on Culver City, Calif.-based Prospect Medical Holdings (beckershospitalreview.com/cybe) and Ocean Springs, Miss.-based Singing River Health System (beckershospitalreview.com/cybe), Security Affairs (securityaffairs.com/150585/cyb) reported Sept. 10.

.
.
@infosec

#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #hipaa #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords #telehealth #netneutrality #socialengineering

Last updated 1 year ago

Just Another Blue Teamer · @LeeArchinal
135 followers · 204 posts · Server ioc.exchange

This is a great article on Lateral Movement for beginners and experienced analysts. The Analyst1 team not only provides details on what it is and how to detect it but provides steps adversaries may take before and after attempting to laterally move as well as attacks that use it. A great read for a Saturday morning! Enjoy and Happy Hunting!

What Is Lateral Movement in Cybersecurity & How Do You Detect It?
analyst1.com/what-is-lateral-m

#cybersecurity #itsecurity #infosec #blueteam #threatintel #threathunting #ThreatDetection #happyhunting #readoftheday

Last updated 1 year ago

Just Another Blue Teamer · @LeeArchinal
135 followers · 203 posts · Server ioc.exchange

Happy Friday everyone, I hope everyone had a successful week!

The Elastic Security Labs research team takes a deep dive into the loader and highlights the updates and what remains consistent. Armed with an upgraded hashing algorithm it still likes to hide its code in legitimate libraries, which ends up defeating some machine-learning models.

Revisiting BLISTER: New development of the BLISTER loader
Elastic Security Labs dives deep into the recent evolution of the BLISTER loader malware family.
elastic.co/security-labs

MITRE ATT&CK TTPs (Thanks to the Elastic Team):
TA0005 - Defense Evasion
T1218.011 - System Binary Proxy Execution: Rundll32
T1480.001 - Execution Guardrails: Environmental Keying
T1036 - Masquerading
T1055.012 - Process Injection: Process Hollowing

TA0003 - Persistence
T1547.001 - Boot or Logon Autostart Execution: Registry Run Keys / Startup Folder

#blister #cybersecurity #itsecurity #infosec #blueteam #threatintel #threathunting #ThreatDetection #happyhunting #readoftheday

Last updated 1 year ago

Private, vetted email list for mental health professionals: clinicians-exchange.org
Open LEMMY instance for all mental health workers: lem.clinicians-exchange.org
.
DATE:
September 07, 2023 at 04:25PM
.
TITLE:
Tennessee hospital pays $1.5M to resolve data breach lawsuit
.
URL:
beckershospitalreview.com/cybe

Knoxville-based East Tennessee Children's Hospital agreed to pay $1.55 million to resolve claims that it failed to protect patient information in a March 2022 data breach, Top Class Actions (topclassactions.com/lawsuit-se) reported Sept. 7.

.
.
@infosec

#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #hipaa #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords #telehealth #netneutrality #socialengineering

Last updated 1 year ago

Marcus Hutchins at Malwaretech posted about a new "feature" of Chrome that reports to 3rd parties what websites you visit.

This means YOUR CLIENTS can have the URLs of your TELEHEALTH system reported to 3rd parties.

So -- for example, if you use Psychology Today for telehealth, they will know the client is seeing a mental health professional. If you use Zoom, they will LIKELY just know the client went on a Zoom call -- but then you have a unique Zoom URL link, so it's possible someone will bother to catalogue that your particular Zoom link is medical. So, again, same problem.

This is not a HIPAA problem under your control, but perhaps some client education on browser privacy settings is in order?

infosec.exchange/@malwaretech/

For people who for some reason still want to use Chrome:
Settings > Privacy > Ad privacy, then just toggle everything off.

@infosec

#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #hipaa #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords #telehealth #netneutrality #socialengineering

Last updated 1 year ago

Just Another Blue Teamer · @LeeArchinal
134 followers · 201 posts · Server ioc.exchange

Summary:
The Cisco Talos Intelligence Group has identified a campaign that has been running since November 2021 that targets victims who deal with 3-D modeling and graphic design. Most of the victims appeared to deal with businesses in the French language-dominant countries. The targets appeared to be in roles and businesses that require the use of high GPU specifications as they are attractive targets for illicit crypto mining.

I hope you enjoy and Happy Hunting!

Cybercriminals target graphic designers with GPU miners
blog.talosintelligence.com/cyb

#cybersecurity #itsecurity #infosec #blueteam #threatintel #threathunting #ThreatDetection #happyhunting #readoftheday

Last updated 1 year ago

Just Another Blue Teamer · @LeeArchinal
134 followers · 201 posts · Server ioc.exchange

Good day all! The Computer Emergency Response Team of Ukraine, CERT-UA reports on a targeted attack attributed to they observed on a critical energy infrastructure facility in Ukraine. It started with an email that contained a link to an archive that led to a downloaded zip file that contained three decoy JPGs and a bat file that would run on the victim's computer. The BAT file would, again, open some decoy web pages, but more importantly would create a .bat and .vbs file. There were some discovery commands issued, TOR program downloaded and hidden on the victim's computer as a hidden service, and abused common ports (445, 389, 3389, 443). Last but not least, a PowerShell script was used to collect the password hash of the account. Enjoy and Happy Hunting!

cert.gov.ua/article/5702579

#apt28 #phishing #cybersecurity #itsecurity #infosec #blueteam #threatintel #threathunting #ThreatDetection #happyhunting #readoftheday #certua

Last updated 1 year ago

Just Another Blue Teamer · @LeeArchinal
130 followers · 196 posts · Server ioc.exchange

Does anyone else enjoy a 40 page intel report to start their morning? Well, here it is!

The Morphisec research team provides an in-depth technical report on the $ malware. First discovered by Cybereason, the malware was seen targeting e-commerce customers in Latin America and now is on its 4th generation and has received some upgrades which include increased stealth capabilities and a shift to . The malware includes 7 different modules which exhibit different behaviors. I won't spoil the rest of the fun, you're going to have to read on for yourself (honestly I couldn't fit all the relevant details in here, there are so many!). Enjoy and Happy Hunting!

Threat Profile: Chae$ 4 Malware
morphisec.com/hubfs/Morphisec_

#chae #python #cyborgsecurity #itsecurity #infosec #blueteam #threatintel #threathunting #ThreatDetection #happyhunting #readoftheday

Last updated 1 year ago

Just Another Blue Teamer · @LeeArchinal
130 followers · 197 posts · Server ioc.exchange

While most of us celebrate Labor Day let's all try to take a moment to remember those who don't get to spend time with their loved ones today, wherever they may be and whatever they may be doing!

I don't know how this report slid under my radar but the ESET research team unveils a "Marioesque" themed adversary, ! They are a cyberespionage group that targets foreign embassies in Belarus with the use of their ISP level access and their tools and . Using their (assumed) unique level of access, they compromise their targets by redirecting them to a fake update site which loads JavaScript code then leads to a zip file being downloaded. The team wasn't able to get the zip file, but they were still able to identify some TTPs and abuse, such as creating a malicious scheduled task. I hope you enjoy and Happy Hunting!

#moustachedbouncer #Nightclub #disco #microsoft #lolbins #cybersecurity #itsecurity #infosec #blueteam #threatintel #threathunting #ThreatDetection #happyhunting #readoftheday #laborday

Last updated 1 year ago

Just Another Blue Teamer · @LeeArchinal
128 followers · 193 posts · Server ioc.exchange

Good day everyone! The Microsoft Threat Intelligence team has discovered activity from a group known as . They are a nation-state group from China that targeted organizations in Taiwan. While the group leverages tools that are commonly used, like , , and , they also rely on abusing , or Living-off-the-land binaries and scripts (tools that exist and come with the native operating system). Some of their TTPs include using registry key modification for persistence, using , , or to download tools, and accessing process memory and Security Account Manager registry hive for credential access. This is a great article that not only provides high-level details but it provides a starting point for any organization to start threat hunting by using the technical details provided! Enjoy your weekend and !

#powershell #certutil #bitsadmin #Lsass #happyhunting #cybersecurity #itsecurity #infosec #blueteam #threatintel #threathunting #ThreatDetection #readoftheday #flaxtyphoon #ChinaChopper #metasploit #mimikatz #lolbins

Last updated 1 year ago

CitizenFortress · @CitizenFortress
20 followers · 583 posts · Server social.chiefgyk3d.com
Just Another Blue Teamer · @LeeArchinal
124 followers · 189 posts · Server ioc.exchange

Happy Friday everyone! Two weeks ago I put this poll up on LinkedIn to help the community answer the question of: If you are a threat hunter, what roles/skills did you hold or gain to get there! And here are the results! Enjoy and Happy Hunting!

#cybersecurity #itsecurity #infosec #blueteam #threatintel #threathunting #ThreatDetection #happyhunting

Last updated 1 year ago

Vitex · @vitex
111 followers · 1515 posts · Server f.cz

@kayla_eilhart @ondrej I recently worked up the courage and deployed on my infrastructure, and I am horrified! If I fixed one thing it doesn't like every day, I would never be done.

#wazuh #itsecurity

Last updated 1 year ago