US Government Agencies Impersonated in Aggressive DocuSign Phishing Scams

DocuSign phishing scams surged by 98%, with hundreds of daily attacks impersonating US government agencies like HHS and…...

Planned Parenthood partly offline after ransomware attack

In late August, Intermountain Planned Parenthood of Montana suffered a cyberattack which is still under investigation. The attack has been claimed by a ransomware group. Intermountain Planned Parenthood Inc., doing business as Planned Parenthood Of Montana, is a nonprofit organization that provid...

HHS OIG Report Underscores Challenges of Securing the Cloud

On July 22, 2024, HHS Health and Human Services OIG published a report identifying a need for the Department of Health and Human Services, Office of the Secretary HHS OS to improve key security controls to better protect cloud information systems. The report, while focused on HHS OS, underscores...

apps.hhs.texas.gov Cross Site Scripting vulnerability OBB-3943207

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

ALPHV is singling out healthcare sector, say FBI and CISA

In an updated StopRansomware security advisory, the Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, and the Department of Health and Human Services HHS has warned the healthcare industry about the danger of the ALPHV ransomware group, also known as...

FBI Warns U.S. Healthcare Sector of Targeted BlackCat Ransomware Attacks

The U.S. government is warning about the resurgence of BlackCat aka ALPHV ransomware attacks targeting the healthcare sector as recently as this month. "Since mid-December 2023, of the nearly 70 leaked victims, the healthcare sector has been the most commonly victimized," the government said in a...

CISA, FBI, and HHS Release an Update to #StopRansomware Advisory on ALPHV Blackcat

Today, CISA, the Federal Bureau of Investigation FBI, and the Department of Health and Human Services HHS released an update to the joint advisory StopRansomware: ALPHV Blackcat to provide new indicators of compromise IOCs and tactics, techniques, and procedures TTPs associated with the ALPHV...

HHS Launches 'Digiheals' Project to Better Protect US Hospitals From Ransomware

An innovation agency within the US Department of Health and Human Services will fund research into better defenses for the US health care system’s digital infrastructure...

Several hospitals still counting the cost of widespread ransomware attack

The 16 hospitals struck down by ransomware last week are still dealing with the fallout from the attack. The healthcare facilities located in Connecticut, Pennsylvania, Rhode island, and California had the ransomware attack confirmed by the FBI. Issues started to emerge last Thursday with patient...

Health Industry Cybersecurity Best Practices 2023

This blog explains the new resources of health industry cybersecurity practices and landscape analysis which the HHS U.S. Department of Health and Human Services released in Apr 2023...

Royal Ransomware Threat Takes Aim at U.S. Healthcare System

The U.S. Department of Health and Human Services HHS has cautioned of ongoing Royal ransomware attacks targeting healthcare entities in the country. "While most of the known ransomware operators have performed Ransomware-as-a-Service, Royal appears to be a private group without any affiliates whi...

#StopRansomware: Hive Ransomware

Actions to Take Today to Mitigate Cyber Threats from Ransomware: 1. Prioritize remediating known exploited vulnerabilities. 2. Enable and enforce multifactor authentication with strong passwords. 3. Close unused ports and remove any application not deemed necessary for day-to-day operations...

#StopRansomware: Hive

Today, CISA, the Federal Bureau of Investigation FBI, and the Department of Health and Human Services HHS released joint Cybersecurity Advisory CSA StopRansomware: Hive Ransomware to provide network defenders tactics, techniques, and procedures TTPs and indicators of compromise IOCs associated wi...

US agencies issue warning about DAIXIN Team ransomware

The FBI, Cybersecurity and Infrastructure Security Agency CISA, and the Department of Health and Human Services HHS have issued a joint advisory about DAIXIN Team, a fledgling ransomware and data exfiltration group that has been targeting US healthcare. First spotted in June 2022, the DAIXIN Team...

FIN7 Mails Malicious USB Sticks to Drop Ransomware

Ransomware gangs are mailing malicious USB drives, posing as the U.S. Department of Health and Human Services HHS and/or Amazon to target the transportation, insurance and defense industries for ransomware infection, the FBI warned on Friday. In a security alert sent to organizations, the FBI sai...

Avoid oversights in HIPAA risk management

Since HIPAA regulations first came about in 1996, organizations have looked for ways to analyze and manage risk within this complex framework. Although guided by the HIPAA Security Rule as well as additional guidance from the U.S. Department of Health and Human Services HHS and Office for Civil...

Latest round of OCR audits highlight HIPAA risk analysis and risk management shortcomings

The Office for Civil Rights OCR at the U.S. Department of Health and Human Services HHS has released its latest report with findings from their 2016 and 2017 series of audits as required under the Health Insurance Portability and Accountability Act of 1996 HIPAA/HITECH Privacy, Security, and Brea...

FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. Hospitals

On Monday, Oct. 26, KrebsOnSecurity began following up on a tip from a reliable source that an aggressive Russian cybercriminal gang known for deploying ransomware was preparing to disrupt information technology systems at hundreds of hospitals, clinics and medical care facilities across the Unit...

Ransomware Activity Targeting the Healthcare and Public Health Sector

The Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, and the U.S. Department of Health and Human Services HHS have credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers. CISA, FBI, and HHS have...

Coronavirus related cyber attacks hit HHS in US, testing center in Czech

By Deeba Ahmed Who could have imagined cyber criminals will use Coronavirus pandemic to steal data and make quick money? This is a post from HackRead.com Read the original post: Coronavirus related cyber attacks hit HHS in US, testing center in Czech...