zackwhittaker

zackwhittaker, 2 months ago to random

New: The Dept. of Health and Human Services's Office of Civil Rights has launched an investigation into the Change Healthcare hack, and "whether a breach of protected health information occurred," as well as Change's compliance with HIPAA rules.

Change Healthcare, which handles around one-third to half of all U.S. patient records, has yet to confirm a breach during its ongoing ransomware attack.

My earlier story: https://techcrunch.com/2024/03/09/change-healthcare-fears-data-breach-ransomware/

zackwhittaker, 2 months ago to random

Cyberattacks, regional conflict, weapons of mass destruction, terrorism, commercial spyware, AI, misinformation, disinformation, deepfakes, and TikTok. These are just some of the top perceived threats that the United States faces, according to the U.S. government’s intelligence agency’s latest global risk assessment.

Here's what we learned when U.S. spy chiefs testified to lawmakers today.

New w/ @lorenzofb: https://techcrunch.com/2024/03/11/four-things-we-learned-when-us-spy-chiefs-testified-to-congress/

zackwhittaker, 2 months ago to random

It's time for another ~ this week in security ~ featuring:

• Microsoft says Russia SVR's hack is 'ongoing'
• U.S. issues first-of-its-kind sanctions against spyware chief
• Fears grow Change Healthcare hack could spill patient data
• Unpatched flaws in smart locks
• CISA hacked by way of Ivanti flaw,
• A brand new cyber-cat, and much more.

Sign up/RSS: https://this.weekinsecurity.com

Read online: https://mailchi.mp/weekinsecurity/this-week-in-security-march-10-2024-edition

Donate/support: https://ko-fi.com/thisweekinsecurity

zackwhittaker, 2 months ago to random

Sen. Ron Wyden said in a statement today regarding the Change Healthcare hack that there's "no shortage of blame to go around."

"United Health Group botched basic cybersecurity practices by allowing a single hack to create chaos across the nation’s health care system and should be held accountable. At the same time, federal regulators have been asleep at the wheel on cybersecurity," said Wyden.

https://www.wyden.senate.gov/news/press-releases/wyden-statement-on-the-united-health-group-hack

zackwhittaker, 2 months ago (edited 2 months ago) to random

One cyber director at a large U.S. hospital system told me that though they are in regular contact with Change and its parent company UnitedHealth about the ongoing cyberattack, they have heard nothing yet about the security or integrity of patient records.

The cyber director expressed alarm at the prospect of stolen sensitive patient data leaking online, adding that the patient safety and economic impacts of this cyberattack are "going to be felt for years."

More: https://techcrunch.com/2024/03/09/change-healthcare-fears-data-breach-ransomware/

zackwhittaker, 2 months ago to random

New, by me: As the cyberattack at Change Healthcare drags into its second week, questions remain about the security of millions of people’s highly sensitive medical information handled by the U.S. health tech giant.

For those on the front-lines of healthcare cybersecurity, the worst-case scenario is that stolen patient records become public.

My weekend read: https://techcrunch.com/2024/03/09/change-healthcare-fears-data-breach-ransomware/

zackwhittaker, 2 months ago (edited 2 months ago) to random

Watching founders and investors who pay $8/month for blue checks on X complain that they can't read a deeply reported story by one of the finest tech reporters because it's behind a paywall that costs $7/month is really fucking gross, and sadly just the latest example why media is crumbling.

zackwhittaker, 2 months ago to random

New, by @lorenzofb: Microsoft says it's experiencing an "ongoing attack" from Russian government hackers that first began in November 2023.

Now, Microsoft says the Russian hackers are using secrets they previously stole to keep hacking into its systems.

More: https://techcrunch.com/2024/03/08/microsoft-ongoing-cyberattack-russia-apt-29/

zackwhittaker, 2 months ago to random

AP has a great, detailed story looking at I-Soon, a Chinese government contractor accused of hacking and spyware operations.

More: https://apnews.com/article/chinese-hacking-leak-documents-surveillance-spying-6276e8662ddf6f2c1afbae994d8b3aa2

zackwhittaker, 2 months ago to random

Confirming Reuters story from earlier: A spokesperson for the U.K. National Crime Agency told me in an emailed statement: "I can confirm any recent disruption to ALPHV infrastructure is not a result of NCA activity."

It's unclear why ALPHV's website is currently offline, but some security researchers say it's a sign of an "exit scam" — essentially calling quits and taking off with the money.

More from Reuters: https://www.reuters.com/technology/cybersecurity/blackcat-ransomware-site-claims-it-was-seized-uk-law-enforcement-denies-being-2024-03-05/

zackwhittaker, 2 months ago to random

Happy Sunday, it's ~ this week in security ~ time:

• Change Healthcare hit by ALPHV ransomware
• NSA warns Ivanti hacks hitting defense sector
• US agencies are snooping on phone push notifications
• US bans sale of Americans' data to adversaries
• Anycubic 3D printers mass-hack
• Popular video doorbells have simple bugs
• A rare 2-for-1 cyber cat special, and more

Sign up/RSS: https://this.weekinsecurity.com

Read online: https://mailchi.mp/weekinsecurity/this-week-in-security-march-3-2024-edition

Donate/support: https://ko-fi.com/thisweekinsecurity

zackwhittaker, 2 months ago to random

UnitedHealth has now published a cybersecurity incident site about the ongoing ransomware attack at Change Healthcare.

UHG is not yet saying if patient data was stolen. ALPHV/BlackCat, which took credit for the cyberattack, claims (without evidence) that it has stolen millions of Americans' patient records.

https://www.unitedhealthgroup.com/changehealthcarecyberresponse

zackwhittaker, 2 months ago to random

New, by me: A technology company that routes millions of SMS text messages across the world has secured an exposed database that was spilling one-time security codes that may have granted users’ access to their Facebook, Google and TikTok accounts.

The SMS routing company's database was connected to the internet with no password.

More: https://techcrunch.com/2024/02/29/leaky-database-two-factor-codes/

zackwhittaker, 2 months ago to random

BREAKING: U.S. health insurance giant UnitedHealth Group has confirmed a ransomware attack on its health tech subsidiary Change Healthcare, which continues to disrupt hospitals and pharmacies across the United States.

UnitedHealth confirmed the ransomware gang behind the attack is ALPHV, or BlackCat, a Russia-based gang.

More: https://techcrunch.com/2024/02/29/unitedhealth-change-healthcare-ransomware-alphv-blackcat-pharmacy-outages/

zackwhittaker, 2 months ago to random

New by @lorenzofb: Several internet-connected doorbell cameras have a security flaw that allows hackers to take over the camera by just holding down a button, among other issues.

Walmart and Temu removed the buggy whitelabeled doorbell cameras from sale after we reached out. Amazon is still selling the buggy doorbell cameras, and did not comment.

More: https://techcrunch.com/2024/02/29/popular-video-doorbells-eken-tuck-hijacked-researchers/

zackwhittaker, 2 months ago to random

So glad that Mastodon is a place free from the constant deluge of "guest post" spam... oh, for fuck's sake!

zackwhittaker, 2 months ago to random

New, by me: Anycubic customers are reporting that their 3D printers have been hacked and now display a message warning of an alleged security flaw in the company’s systems.

"Immediate action is strongly advised to prevent potential exploitation," reads the message planted on Anycubic 3D printers.

Anycubic's app appears down at the time of publication.

More: https://techcrunch.com/2024/02/28/anycubic-users-3d-printers-hacked-warning/

zackwhittaker, 2 months ago to random

Cencora (formerly AmerisourceBergen) says it was hacked and that resulted in the exfiltration (read: theft) of an unspecified amount of personal information. It's unclear if the breach relates to the company's ~44,000 or so employees or patients/customers.

Spox. Mike Iorfino would not comment beyond the 8-K filed with the SEC yesterday, but confirmed that there is "no reason to believe there is a connection between the incident at Change Healthcare," whose hack happened on the same day.

zackwhittaker, 2 months ago to random

I have to admit, this CAPTCHA stumped me.

GossiTheDog, 1 year ago to random

The Guardian (who are themselves working out of a pub still due to a ransomware attack in December 2022) are reporting #Capita (a major IT supplier) have a "IT incident", staff have been told to not use VPN, and they are working with pen and paper since this morning. Thread follows. https://www.theguardian.com/business/2023/mar/31/capita-it-systems-fail-cyber-attack-nhs-fears?CMP=share_btn_tw