Security News

The FBI warns of a threat against the healthcare sector from Ryuk ransomware, and one that's already affected some hospitals. The healthcare industry continues to be a prime target for ransomware, so much so that the FBI and two other government agencies are now warning this sector of impending attacks using the infamous Ryuk ransomware.

Today, officials from the FBI and the U.S. Department of Homeland Security hastily assembled a conference call with healthcare industry executives warning about an "Imminent cybercrime threat to U.S. hospitals and healthcare providers." The agencies on the conference call, which included the U.S. Department of Health and Human Services, warned participants about "Credible information of an increased and imminent cybercrime threat to US hospitals and healthcare providers."

The US Federal Bureau of Investigation, Departments of Homeland Security, and Health and Human Services issued a joint alert Wednesday warning of an "Imminent" increase in ransomware and other cyberattacks against hospitals and healthcare providers. "Malicious cyber actors are targeting the Sector with TrickBot malware, often leading to ransomware attacks, data theft, and the disruption of healthcare services," the Cybersecurity and Infrastructure Security Agency said in its advisory.

While hotel Wi-Fi is convenient, security is not the priority, federal government says.

The Federal Bureau of Investigation issued a flash alert warning of hackers stealing data from U.S. government agencies and enterprise organizations via internet-exposed and insecure SonarQube instances. Vulnerable SonarQube servers have been actively exploited by attackers since April 2020 to gain access to data source code repositories owned by both government and corporate entities, later exfiltrating it and leaking it publicly.

The report concludes that, far from modern phones being a bastion of privacy and security, they are in fact routinely rifled through for trivial crimes without a warrant in sight. The report gives numerous other examples of phones taken from their owners and searched for evidence, without a warrant - many in cases where the value of the information was negligible such as cases involving graffiti, shoplifting, marijuana possession, prostitution, vandalism, car crashes, parole violations, petty theft, and public intoxication.

The Federal Bureau of Investigation issued a flash alert to warn of the potential use of spoofed US Census Bureau domains in future malicious campaigns including phishing and credential theft attacks. The US Census Bureau is a federal government statistical agency that collects statistical data on the US economy and population, data used by the federal government to allocate over $675B in federal funds to tribal, local, and state governments each year.

European and American officials said Thursday that they have arrested 20 people in several countries for allegedly belonging to an international ring that laundered millions of euros stolen by cybercriminals through malware schemes. The international police operation "2BaGoldMule" led by Portuguese investigators and the FBI included 14 more European countries, under the umbrella of Europol.

A man who spied on unsuspecting victims through their webcams has escaped a prison sentence after buying off-the-shelf LuminosityLink malware and using CCTV software to spy on them. Crown prosecutor Russell Pyne told the court that Wood had been caught by police as part of a wider multinational investigation into LuminosityLink creator Colton Grubbs, who pleaded guilty to US criminal charges over the malware in 2018.
