U.S. healthcare provider Ascension has provided more details of its “cyber security event” last month, admitting that data was stolen, with some reports also suggesting that the Black Basta ransomware gang was behind the attack.
One of the largest nonprofit and Catholic health systems in the U.S. and also the second-largest operator of hospitals in the U.S. as of 2019, Ascension first disclosed that it had suffered a security issue on May 5.
Read more…
Source: SiliconAngle
Related:
- CISA Binding Operational Directive 22-01 – Reducing the Significant Risk of Known Exploited Vulnerabilities
November 3, 2021
A binding operational directive is a compulsory direction to federal, executive branch, departments and agencies for purposes of safeguarding federal information and information systems. Section 3553(b)(2) of title 44, U.S. Code, authorizes the Secretary of the Department of Homeland Security (DHS) to develop and oversee the implementation of binding operational directives. Federal agencies are required to comply ...
- US sanctions NSO Group, Israeli spyware company at centre of Pegasus Papers
November 3, 2021
The US is sanctioning an Israeli spyware company that it accused of supplying technology to foreign governments “to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers”. NSO Group had been accused of assisting despotic regimes in targeting journalists, political dissidents, and human rights activists in reports earlier this year. The company responded at the ...
- ‘Tortilla’ Wraps Exchange Servers in ProxyShell Attacks
November 3, 2021
A new-ish threat actor sometimes known as “Tortilla” is launching a fresh round of ProxyShell attacks on Microsoft Exchange servers, this time with the aim of inflicting vulnerable servers with variants of the Babuk ransomware. Cisco Talos researchers said in a Wednesday report that they spotted the malicious campaign a few weeks ago, on Oct. 12. Tortilla, ...
- Medical school exposes personal data of thousands of students
November 3, 2021
A US medical training school exposed the personally identifiable information (PII) of thousands of students. On Wednesday, vpnMentor published a report on the security incident, in which an unsecured bucket was left exposed online. The server, which did not have authentication controls in place and was, therefore, accessible by anyone to view, contained 157GB of data, or ...
- New White House Cyber Director Wants to Fight Like Cobra Kai
November 1, 2021
The first U.S. National Cyber Director wants the government to take a tougher, more proactive approach to those who threaten America’s networks: degrade their capabilities and demonstrate how they would suffer should they attack. John “Chris” Inglis’ vision for his brand-new office somewhat resembles the match-day strategy employed by the Cobra Kai dojo in the original ...
- TrickBot malware dev extradited to U.S. faces 60 years in prison
October 29, 2021
A Russian national believed to be a member of the TrickBot malware development team has been extradited to the U.S. and is currently facing charges that could get him 60 years in prison. 38-year old Vladimir Dunaev, also known as FFX, was a malware developer that supervised the creation of TrickBot’s browser injection module, the indictment ...