Mark Wilson

Photo of author
Mark Wilson is a news reporter specializing in information technology cyber security. Mark has contributed to leading publications and spoken at international forums with a focus on cybersecurity threats and the importance of data privacy. Mark is a computer science graduate.

North Korean Cyber Group Teams Up with Play Ransomware in Attack

The North Korean cyber group, Jumpy Pisces, recently collaborated with the Play ransomware network in an attacks. The link up is the first recorded instance of North Korean state-backed hackers using an existing ransomware infrastructure, a development with implications for … Read more

Sniper Dz Credential Theft Scams

How Sniper Dz Enables Over 140,000 Credential Theft Scams

In the past year, the phishing-as-a-service (PhaaS) platform known as Sniper Dz has facilitated over 140,000 cyberattacks. The free platform offers tools to help cybercriminals target user credentials, making phishing campaigns easier to launch even for those with limited skills. … Read more

North Corea Sparkling Pisces New Malware

Sparkling Pisces Unleashes New Malware: KLogEXE and FPSpy

Sparkling Pisces is a North Korean threat actor group recognized for its cyberespionage operations and spear-phishing campaigns. Unit 42 researchers recently identified two new malware variants linked to this group, named KLogEXE and FPSpy. These additions to the group’s toolkit … Read more

U.S. Indicts Three Iranians in Trump Campaign Hack

The U.S. Department of Justice recently announced charges against three Iranian operatives accused of hacking into former President Donald Trump’s campaign and leaking confidential documents. The indictment details the hacking operations linked to Iran’s Islamic Revolutionary Guard Corps (IRGC) and … Read more

CrowdStrike’s Apology and the Fallout from the Global IT Outage

The prominent cybersecurity company “CrowdStrike”, recently issued a public apology after a widespread IT outage caused by its Falcon Sensor software update brought many systems to a standstill. Affecting an estimated 8.5 million Windows PCs globally, the incident on July … Read more

PondRAT Backdoor Hidden in Python Packages Hits Developers

Researchers at Unit 42 have uncovered a new campaign that involves the delivery of Linux and macOS backdoors through poisoned Python packages. These packages are uploaded to the popular PyPI repository, and have been linked to a North Korean-affiliated group … Read more

Europol Leads International Effort to Shut Down Phone Unlocking Phishing Scheme

An international criminal network responsible for a large-scale phishing scheme targeting mobile phone credentials has been dismantled in a coordinated operation led by Europol and law enforcement agencies across six countries. The operation, codenamed “Operation Kaerb,” successfully shut down the … Read more

Disney Phasing Out Slack After Massive Data Breach

In July 2024, The Walt Disney Company faced a cybersecurity breach when over 1TB of sensitive data was stolen from its internal Slack channels. The breach was carried out by the group ‘NullBulge,’ exposing confidential company information, including project details, … Read more

Capita

High Court Battle Looms for Capita Over Major Data Breach in 2023

Nearly 8,000 individuals are set to join a High Court case against the outsourcing firm ‘Capita’ , following a cyberattack that occurred in March 2023. Barings Law, the Manchester-based legal firm representing the claimants, has criticized Capita’s handling of the … Read more

The Resurgence of TeamTNT

Recent investigations suggest that the well-known threat group “TeamTNT”, may be back in operation. The group that is infamous for targeting cloud environments like Docker, Kubernetes, and Redis, has left traces in new attacks observed from 2023 through 2024, raising … Read more

AI Industry Leaders to Combat Image-Based Sexual Abuse

The U.S. government has received a set of voluntary commitments from AI industry leaders aimed at addressing the issue of image-based sexual abuse, including non-consensual intimate images (NCII) and child sexual abuse material (CSAM). Big players such as Adobe, Anthropic, … Read more

New Phishing Attack Targeting Major Sectors

A new type of phishing attack is deceiving users into giving up sensitive login credentials. Researchers from Palo Alto Networks’ Unit 42 have found these phishing campaigns that use refresh entries in HTTP response headers to automatically redirect users to … Read more

Russian GRU Unit 29155 Targeting Infrastructure Worldwide

In a recent advisory issued on September 5th, 2024, the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the National Security Agency (NSA) discuss the cyber activities of Russia’s GRU Unit 29155. This military intelligence … Read more

Why RansomHub is a Growing Threat Across Sectors

Since its emergence in early 2024, RansomHub has quickly expanded its operations and now affects over 210 victims across various sectors. This ransomware-as-a-service (RaaS) variant has become a player in the world of cybercrime, targeting infrastructure and large industries with … Read more

The Rise of In-Memory Threat ‘PEAKLIGHT’

Recent cybersecurity research has uncovered an attack chain utilizing a memory-only malware downloader, known as PEAKLIGHT. This PowerShell-based downloader uses a multi-stage infection process, with a range of obfuscation techniques to evade detection and deliver infostealers such as CRYPTBOT, SHADOWLADDER, … Read more

The Full Breakdown of Delta’s IT Woes

Delta Air Lines is contending with the aftermath of an IT outage that disrupted its operations for several days in July, resulting in thousands of canceled flights and financial losses. The outage, which was caused by a faulty software update … Read more

The Cyber Espionage Campaign Threatening Japan

A newly discovered cyber espionage operation, referred to as “Cuckoo Spear,” has brought to light the ongoing activities of a state-backed Chinese hacking group that has been quietly infiltrating Japanese organizations. This covert campaign is alarming due to its use … Read more

How to Identify Phishing Emails

Investigations of cyberattacks and data breaches often reveal the initial access vector to be a phishing email. Phishing provides threat actors with a foothold from where they can achieve an organziation-wide compromise, so teaching employees how to identify phishing emails … Read more

Social Media and HIPAA Compliance

Social Media and HIPAA Compliance

The challenge with social media and HIPAA compliance is that covered entities and business associates cannot disclose Protected Health Information unless the disclosure is permitted by the Privacy Rule. This restriction should apply to members of the workforce. Yet it … Read more

Med-Data Settles Data Breach Legal Case Through $7 Million Agreement

Med-Data Inc., a revenue cycle management services provider based in Spring, TX, has reached a $7 million settlement to address all claims arising from a data breach spanning from 2018 to 2019, affecting around 136,000 individuals. Between December 2018 and … Read more

Green Ridge Behavioral Health Faces OCR HIPAA Action After Ransomware Attack

The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR), has announced the settlement of a ransomware investigation involving Green Ridge Behavioral Health, LLC, a Maryland-based psychiatric practice, highlighting the growing cybersecurity threats facing the healthcare … Read more

BlackCat Ransomware Group Behind Change Healthcare Cyberattack

Change Healthcare, a leading provider of healthcare billing and data systems, finds itself grappling with a severe cybersecurity crisis following the detection of a malicious cyberattack on February 21, 2024. This attack, attributed to the BlackCat ransomware group, has put … Read more

Integris Health Reports 2.39 Million People Impacted by Cyberattack

Integris Health has finished the analysis of the files that were viewed/stolen as a result of a cyberattack in November 2023. It has submitted the breach report to the Department of Health and Human Services (HHS) Office for Civil Rights … Read more

$4.75 Million HIPAA Penalty on Montefiore Medical Center Due to Malicious Insider Incident

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) reported the first financial penalty issued in 2024 to settle alleged HIPAA violations. Montefiore Medical Center has consented to pay a $4.75 million penalty to settle the … Read more

Patch for Fortra GoAnywhere Critical Vulnerability and Unauthorized Remote Access Using the ScreenConnect Tool

Fortra has announced a critical vulnerability identified in its GoAnywhere Managed File Transfer (MFT) solution and also issued a patch. Vulnerability CVE-2024-0204 is an authentication bypass bug caused by a path traversal weakness. An unauthenticated user can exploit the vulnerability … Read more

Data Breach Reports by Columbus Regional Healthcare System, Senior PsychCare, and Aria Care Partners

133K Record Data Breach at Columbus Regional Healthcare System Columbus Regional Healthcare System located in Whiteville, NC, has informed the Maine Attorney General about a patient data theft due to a cybersecurity incident. Unauthorized people got access to its system … Read more

Data Breach Reports by Electrostim Medical Services, Meridian Behavioral Healthcare and Network 180

543,000 Electrostim Medical Services Patients Affected by Data Breach The medical device firm Electrostim Medical Services, Inc. in Florida, which is also called EMSI, has reported that it encountered a cyberattack in May 2023 which involved access to sections of … Read more

Cyberattack and Data Breaches at Anna Jaques Hospital, NYC Health + Hospitals, and Corewell Health Business Associate

Anna Jaques Hospital Cyberattack on Christmas Day Anna Jaques Hospital located in Newburyport, MA, encountered a cyberattack on Christmas Day that caused an interruption to its health record system. It was decided to redirect ambulances to other nearby hospitals until … Read more

New York Presbyterian Hospital Pays $300K Fine for Using Website Pixel

New York Presbyterian Hospital has decided to resolve alleged Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule violations by paying the New York Attorney General a $300,000 financial penalty. NYP manages 10 hospitals around New York City and has … Read more

Urgent Action Needed on Citrix Bleed Vulnerability as Ransomware Attacks Increase

Ransomware groups are exploiting a critical vulnerability identified in NetScaler ADS (earlier known as Citrix ADC) and NetScaler Gateway (Citrix Gateway) devices, referred to as Citrix Bleed. On October 10, 2023, Citrix released a security alert concerning the vulnerability and … Read more

Data Breaches Reported by State of Maine, Affinity Legacy, The Charles Lea Center and Detroit Chassis

State of Maine Data Breach Impacts 450,000 Records The State of Maine has reported the theft of the protected health information (PHI) of 453,894 persons in the latest mass exploitation of a zero-day vulnerability in the MOVEit Transfer solution by … Read more

Advisories on Critical ownCloud Vulnerabilities, Critical FortiSIEM Vulnerability and Emotet Malware Threat

HC3 Alerts HPH Sector Regarding Critical FortiSIEM Vulnerability and Ongoing Emotet Malware Threat The Health Sector Cybersecurity Coordination Center (HC3) has alerted healthcare companies that utilize Fortinet’s FortiSIEM platform to fix a critical vulnerability that is probably exploited by malicious … Read more

Guidance on Managing Legacy Medical Devices and Advisory Against Rhysida Ransomware Attacks

FDA Releases Guidance on Managing Legacy Medical Device Cybersecurity Risks The U.S. Food and Drug Administration (FDA) has released a report that recommends how to handle the cybersecurity problems of legacy medical gadgets. Legacy medical gadgets are considered devices that … Read more

Data Breaches at Medical Eye Services, PeakMed, Prospect Medical Services, and 4 More Healthcare Providers

Medical Eye Services Says PHI of 370,000 Patients Stolen in MOVEit Transfer Hack Medical Eye Services, Inc. based in California recently reported the theft of the protected health information (PHI) of 346,828 persons. The PHI was stolen from the MOVEIt … Read more

HIPAA Cases Against Doctors’ Management Services and Wright & Filippis Resolved

Doctors’ Management Services Resolves OCR HIPAA Case for $100,000 The HHS’ Office for Civil (OCR) has consented to resolve an investigation of a ransomware attack and data breach that revealed several potential HIPAA Security Rule violations of Doctors’ Management Services … Read more

Cyberattacks on Westchester Medical Center Health Network, Fellowship Village, Meadville Medical Center, and BHI Energy Health Plan

Westchester Medical Center Health Network (WMCHealth) has encountered a cyberattack that impacted its IT systems. The health network discovered the attack last week. On October 20, 2023, at 10 p.m., all connected systems were shut down. The downtime was estimated … Read more

Data Breaches Reported by Fairfax Oral and Maxillofacial Surgery, Henwood Family Dentistry, Piedmont Healthcare and Surround Care

Fairfax Oral and Maxillofacial Surgery Ransomware Attack Impacts 236,000 Individuals Fairfax Oral and Maxillofacial Surgery based in Virginia has reported the potential compromise of the protected health information (PHI) of around 235,931 persons in a ransomware attack last May 2023. … Read more

Warning Against LokiBot Malware and Increasing Remote Access Software Threats

HHS Publishes Alert Against LokiBot Malware The Health Sector Cybersecurity Coordination Center (hC3) has publicized an Analyst Note regarding LokiBot – one of the most common and persistent malware variants. LokiBot, also known as Loki PWS, has been employed in … Read more

Community First Medical Center Data Breach, AlphV and CommonSpirit Health Ransomware Attack

Community First Medical Center based in Chicago, IL started telling 216,047 patients about a cyberattack that allowed an unauthorized entity to obtain access to its computer system on July 12, 2023. According to the September 26, 2023 breach notification, the … Read more

Advisory on Snatch Ransomware and the Lazarus Group

Feds Release Snatch Ransomware Alert After an Attack on Hospital The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released a joint security alert regarding Snatch ransomware. The Snatch ransomware group carried out … Read more

Health Care Service Corporation and Schneck Medical Center Face Lawsuit

HIPAA Lawsuit Against Schneck Medical Center Resolved Schneck Medical Center based in Seymour, IN has resolved a lawsuit with Attorney General Todd Rokita of Indiana, regarding a ransomware attack and data breach in 2021 that impacted 89,707 Indiana locals. Schneck … Read more

Cyberattacks and Data Breaches Reported by Texas Medical Liability Trust, Bloom Health Centers and Other Healthcare Organizations

60,000 People Impacted by Texas Medical Liability Trust Data Breach The Texas Medical Liability Trust (TMLT) submitted a data breach report to the Maine Attorney General representing itself and its affiliate companies, Physicians Insurance Company, Texas Medical Insurance Company, and … Read more

Finding the Common Causes of Hacking/IT Incidents

The common source of healthcare data breach data is HHS Office for Civil Rights Breach Report. Although it is an important source of data to know the developments in data breaches, the Breach Report has limited scope since it merely … Read more

Sentinel Event Alert and State of External Exposure Management

Joint Commission Issues Guidance on Ensuring Patient Safety After a Cyberattack The Joint Commission has published a Sentinel Event Alert offering guidance on keeping patient safety after a cyberattack. There has been an increase in sophisticated healthcare cyberattacks. The question … Read more

Vulnerabilities Found in 1,900 Citrix NetScaler Devices and Limited Use of Generative AI by Malicious Actors

Malicious Actors Still Limit the Use of Generative AI It is feared that malicious actors will take advantage of generative AI to support their malicious pursuits; nevertheless, the use of generative AI by malicious actors seems to be minimal, definitely … Read more

Data Breaches Reported by Cummins Behavior Health, Redwood Coast Regional Center and Other Healthcare Entities

Data of 4 Million Coloradans Exposed in MOVEit Transfer Attack The Colorado Department of Health Care Policy and Financing (HCPF), which supervises the Medicaid program of the state and the Child Health Plan Plus (CHP+) program, has just reported the … Read more

Top Industries Targeted by Cyber Threat Actors and 2022’s Most Often Exploited Vulnerabilities

Top Targets for Cyber Threat Actors According to Blackberry’s most recent Global Threat Intelligence Report, the two most attacked sectors are healthcare and financial services. The information for the report was gathered between March and May 2023 from its cybersecurity … Read more

VUMC and Norton Healthcare Face Class Action Lawsuit

Class Action Lawsuit Filed Against Norton Healthcare Over BlackCat Cyberattack Norton Healthcare based in Kentucky operates over 140 clinics and hospitals all across Kentucky and Southern Indiana. It is confronted with a class action lawsuit in association with a cyberattack … Read more

Approved Information Blocking Penalties and the Mission of OSHA

Approved Final Rule for Information Blocking Penalties of Up to $1 Million for Health IT Companies HHS-OIG already approved the civil monetary penalties for health IT companies that are found engaging in information blocking. Penalties of as much as $1 … Read more

Delaware’s Comprehensive Data Privacy Law and HSCC’s Coordinated Healthcare Incident Response Plan Template

Comprehensive Data Privacy Law Passed by the Delaware Legislature The Delaware legislature passed a comprehensive new data privacy law. Delaware Governor John Charles Carney Jr is likely to sign the Personal Data Privacy Act making Delaware the 12th U.S. state … Read more