#socialengineering
Health IT Security Robot
.
DATE:
December 04, 2023 at 05:36PM
.
TITLE:
New Jersey hospitals no longer in divert status after Ardent attack
.
URL:
https://www.beckershospitalreview.com/cybersecurity/new-jersey-hospitals-no-longer-in-divert-status-after-ardent-attack.html
.
<p>Mountainside Medical Center in Montclair, N.J., and Pascack Valley Medical Center in Westwood, N.J., are no longer refusing ambulances after a cyberattack on Ardent Health Services caused the hospitals to divert them, <a href="https://patch.com/new-jersey/montclair/montclair-hospital-no-longer-diverting-ambulances-after-cyber-attack" target="_blank" rel="noopener">patch.com</a> reported Dec. 4. </p>
.
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Open Mastodon instance for all mental health workers: https://mastodon.clinicians-exchange.org
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
Exploring the impact of generative AI in the 2024 presidential election https://www.helpnetsecurity.com/2023/12/05/presidential-election-genai-impact-video/ #socialengineering #cybersecurity #GenerativeAI #socialmedia #Don'tmiss #Hotstuff #Fortra #Video #video
Health IT Security Robot
.
DATE:
December 04, 2023 at 12:33PM
.
TITLE:
HHS urges healthcare orgs to nix vulnerability
.
URL:
https://www.beckershospitalreview.com/cybersecurity/hhs-urges-healthcare-orgs-to-nix-vulnerability.html
.
<p>The HHS is <a href="https://www.aha.org/system/files/media/file/2023/12/202311301200_Citrix-Bleed-Vulnerability-Sector-Alert-TLPCLEAR.pdf" target="_blank" rel="noopener">urging</a> healthcare organizations to patch a new vulnerability affecting NetScaler ADC, formerly Citrix ADC, and NetScaler Gateway. </p>
.
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Open Mastodon instance for all mental health workers: https://mastodon.clinicians-exchange.org
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
Health IT Security Robot
.
DATE:
December 04, 2023 at 12:32PM
.
TITLE:
Corewell Health caught in MOVEit breach
.
URL:
https://www.beckershospitalreview.com/cybersecurity/corewell-health-caught-in-moveit-breach.html
.
<p>Patient information may have been <a href="https://www.beaumont.org/health-wellness/press-releases/welltok-inc-data-security-event-no-fraudulent-activity-detected" target="_blank" rel="noopener">compromised</a> at Corewell Health as the communications software company the organization uses was hit by the massive MOVEit breach that affected companies around the U.S.</p>
.
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Open Mastodon instance for all mental health workers: https://mastodon.clinicians-exchange.org
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
Health IT Security Robot
.
DATE:
December 04, 2023 at 11:01AM
.
TITLE:
Fred Hutch takes IT systems offline following cyberattack
.
URL:
https://www.beckershospitalreview.com/cybersecurity/fred-hutch-takes-it-systems-offline-following-cyberattack.html
.
<p>Seattle-based Fred Hutchinson Cancer Center took its IT systems down following a Thanksgiving-week cyberattack, the <a href="https://www.seattletimes.com/seattle-news/health/thanksgiving-week-cyberattack-detected-at-fred-hutch-cancer-center/" target="_blank" rel="noopener"><em>Seattle Times</em></a> reported Dec. 1.</p>
.
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Open Mastodon instance for all mental health workers: https://mastodon.clinicians-exchange.org
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
Booking.com customers targeted in hotel booking scam https://www.helpnetsecurity.com/2023/12/04/booking-com-hotel-booking-scam/ #hospitalityindustry #socialengineering #accounthijacking #PerceptionPoint #SecureWorks #Don'tmiss #Hotstuff #malware #scams #News
Health IT Security Robot
.
DATE:
December 01, 2023 at 04:10PM
.
TITLE:
Why hackers attacked a health system on Thanksgiving
.
URL:
https://www.beckershospitalreview.com/cybersecurity/why-hackers-attacked-a-health-system-on-thanksgiving.html
.
<p>It likely wasn't by happenstance that cybercriminals <a href="https://www.beckershospitalreview.com/cybersecurity/thanksgiving-outages-at-hospitals-caused-by-ransomware.html" target="_blank" rel="noopener">attacked</a> a major U.S. health system the week of Thanksgiving, IT security chiefs told <em>Becker's</em>.</p>
.
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Open Mastodon instance for all mental health workers: https://mastodon.clinicians-exchange.org
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
Health IT Security Robot
.
DATE:
December 01, 2023 at 04:04PM
.
TITLE:
Intruder steals medical records from Florida health system
.
URL:
https://www.beckershospitalreview.com/cybersecurity/intruder-steals-medical-records-from-florida-health-system.html
.
<p>Summerfield, Fla.-based Lakeview Healthcare System <a href="https://lvhcs.com/notice-of-data-security-incident/" target="_blank" rel="noopener">discovered</a> that an unauthorized individual forcefully entered its Leesburg, Fla.-based Lakeview Specialist Facility and stole medical records containing protected health information. </p>
.
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Open Mastodon instance for all mental health workers: https://mastodon.clinicians-exchange.org
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
Health IT Security Robot
.
DATE:
December 01, 2023 at 11:00AM
.
TITLE:
Hacker behind $100M in hospital losses pleads guilty
.
URL:
https://www.beckershospitalreview.com/cybersecurity/hacker-behind-100m-in-hospital-losses-pleads-guilty.html
.
<p>A Russian national <a href="https://www.justice.gov/opa/pr/russian-national-pleads-guilty-trickbot-malware-conspiracy" target="_blank" rel="noopener">pleaded guilty</a> to his involvement in a ransomware plot that attacked U.S. hospitals, causing millions of dollars in losses.</p>
.
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Open Mastodon instance for all mental health workers: https://mastodon.clinicians-exchange.org
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
Health IT Security Robot
.
DATE:
December 01, 2023 at 10:45AM
.
TITLE:
Thanksgiving ransomware attack impacted 30 hospitals
.
URL:
https://www.beckershospitalreview.com/cybersecurity/thanksgiving-ransomware-attack-impacted-30-hospitals.html
.
<p>The Nov. 23 ransomware attack on Nashville, Tenn.-based Ardent Health Services has impacted 30 hospitals across six states, <a href="https://www.wkrn.com/news/local-news/nashville/hhs-more-than-14-million-people-have-been-affected-by-tn-healthcare-data-breaches/" target="_blank" rel="noopener"><em>WKRN</em></a> reported Nov. 29. </p>
.
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Open Mastodon instance for all mental health workers: https://mastodon.clinicians-exchange.org
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
Oh not again. I hate it when “you’hv sent $399.99” to some random account.
Health IT Security Robot
.
DATE:
November 30, 2023 at 12:34PM
.
TITLE:
Another health system hit by MOVEit breach
.
URL:
https://www.beckershospitalreview.com/cybersecurity/another-health-system-hit-by-moveit-breach.html
.
<p>Patient information may have been compromised at Premier Health as the communications software company the organization uses was hit by the massive MOVEit breach that affected companies around the U.S., <a href="https://www.daytondailynews.com/business/premier-health-patients-involved-in-data-breach-impacting-84-million-people-tech-company-says/FMGMBV7QLRCTNGJ7I3PYKSXCMI/" target="_blank" rel="noopener"><em>Dayton Daily News</em></a> reported Nov. 28. </p>
.
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Open Mastodon instance for all mental health workers: https://mastodon.clinicians-exchange.org
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
https://www.econlib.org/hazony-on-liberal-and-conservative-premises/
Hazony on Liberal and Conservative Premises
Чудесно чёткие формулировки базовых онтологий (реперных постулатов) либерализма и консерватизма!
#онтокритика #мышление #thinking #ontocritic #социальнаяинженерия #инженерия #socialengineering #engineering
Health IT Security Robot
.
DATE:
November 29, 2023 at 04:34PM
.
TITLE:
Former staff, patient sue Iowa health system over March breach
.
URL:
https://www.beckershospitalreview.com/cybersecurity/former-staff-patient-sue-iowa-health-system-over-march-breach.html
.
<p>A former University of Iowa Community HomeCare staff member and a former patient filed a proposed class-action lawsuit against UI Community HomeCare and UI Community Medical Services, part of UI Health Care, alleging the organization was negligent during a March data breach, <a href="https://www.thegazette.com/higher-education/lawsuit-accuses-university-of-iowa-health-system-of-negligence-for-data-breach/" target="_blank" rel="noopener"><em>The Gazette</em></a> reported Nov. 28. </p>
.
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Open Mastodon instance for all mental health workers: https://mastodon.clinicians-exchange.org
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
https://ontocritic.org/blog/archives/2821
Обречённые социальные инженеры и неграмотные социальные профессионалы — Онтокритика: от основ до мастерства
Дописал.
#онтокритика #мышление #thinking #ontocritic #социальнаяинженерия #инженерия #socialengineering #engineering
Health IT Security Robot
.
DATE:
November 29, 2023 at 10:33AM
.
TITLE:
CISA warned Ardent of cyber threat day before ransomware discovery
.
URL:
https://www.beckershospitalreview.com/cybersecurity/cisa-warned-ardent-of-cyber-threat-day-before-ransomware-discovery.html
.
<p>On Nov. 22, officials from the Cybersecurity and Infrastructure Security Agency alerted Ardent Health Services about malicious cyber activity impacting its computer systems the day before the organization identified a ransomware attack on its facilities and affiliates, <a href="https://www.cnn.com/2023/11/27/politics/cyberattack-hospital-diverts-ambulances/index.html" target="_blank" rel="noopener"><em>CNN </em> </a>reported Nov. 27. </p>
.
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Open Mastodon instance for all mental health workers: https://mastodon.clinicians-exchange.org
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
Okta breach: Hackers stole info on ALL customer support users https://www.helpnetsecurity.com/2023/11/29/okta-breach-customer-support/ #privilegedidentity #socialengineering #authentication #databreach #Don'tmiss #Hotstuff #phishing #News #Okta
Health IT Security Robot
.
DATE:
November 28, 2023 at 11:54AM
.
TITLE:
Kansas hospital ramps up staffing in wake of Ardent ransomware attack
.
URL:
https://www.beckershospitalreview.com/cybersecurity/kansas-hospital-ramps-up-staffing-in-wake-of-ardent-ransomware-attack.html
.
<p>In response to the ransomware attack on Nashville, Tenn.-based Ardent Health Services and its affiliates, Stormont Vail Health took action by augmenting staffing levels at its hospital, emergency department and Express Care clinics, the <a href="https://www.cjonline.com/story/news/local/2023/11/28/hospital-ransomware-attack-forces-closure-topeka-st-francis-emergency-room/71726505007/" target="_blank" rel="noopener"><em>Topeka Capital-Journal</em></a> reported Nov. 28. </p>
.
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Open Mastodon instance for all mental health workers: https://mastodon.clinicians-exchange.org
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
Health IT Security Robot
.
DATE:
November 28, 2023 at 11:25AM
.
TITLE:
California hospital IT network breached
.
URL:
https://www.beckershospitalreview.com/cybersecurity/california-hospital-it-network-breached.html
.
<p>Mission Community Hospital in Los Angeles is <a href="https://www.mchonline.org/wp-content/uploads/2023/11/Mission-Community-Hospital-UPDATED-Notice.pdf" target="_blank" rel="noopener">notifying</a> patients that an unauthorized party gained access to its IT network in May, compromising patient information.</p>
.
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Open Mastodon instance for all mental health workers: https://mastodon.clinicians-exchange.org
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
Health IT Security Robot
.
DATE:
November 28, 2023 at 10:50AM
.
TITLE:
California hospital resumes ambulance traffic 8 days after cyberattack
.
URL:
https://www.beckershospitalreview.com/cybersecurity/california-hospital-resumes-ambulance-traffic-8-days-after-cyberattack.html
.
<p>Tri-City Medical Center in Oceanside, Calif., has reinstated its EHR platform and resumed ambulance admissions after being hit by a cyberattack Nov. 9 that forced its systems offline, <a href="https://www.kpbs.org/news/local/2023/11/27/tri-city-medical-center-operating-near-normal-after-cybersecurity-attack" target="_blank" rel="noopener"><em>KPBS</em></a> reported Nov. 27. </p>
.
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Open Mastodon instance for all mental health workers: https://mastodon.clinicians-exchange.org
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
Health IT Security Robot
.
DATE:
November 27, 2023 at 02:31PM
.
TITLE:
Thanksgiving outages at hospitals caused by ransomware
.
URL:
https://www.beckershospitalreview.com/cybersecurity/thanksgiving-outages-at-hospitals-caused-by-ransomware.html
.
<p>An outage that has affected hospitals in <a href="https://www.beckershospitalreview.com/cybersecurity/multiple-hospitals-report-it-disruptions-on-thanksgiving.html" target="_blank" rel="noopener">at least</a> four states across the South and Midwest is being <a href="https://www.businesswire.com/news/home/20231127719251/en/Ardent-Health-Services-Reports-Information-Technology-Security-Incident" target="_blank" rel="noopener">attributed</a> to a ransomware attack on Ardent Health Services, based in Nashville, Tenn.</p>
.
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Open Mastodon instance for all mental health workers: https://mastodon.clinicians-exchange.org
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
Health IT Security Robot
.
DATE:
November 27, 2023 at 10:22AM
.
TITLE:
2 Hackensack hospitals hit by ransomware
.
URL:
https://www.beckershospitalreview.com/cybersecurity/2-hackensack-hospitals-hit-by-ransomware.html
.
<p>Ambulances and emergency vehicles are being redirected at Pascack Valley Medical Center in Westwood, N.J., and Mountainside Medical Center in Montclair, N.J., due to a ransomware attack, <a href="https://www.app.com/story/news/local/new-jersey/2023/11/27/new-jersey-hospitals-dealing-with-cyber-attack/71715306007/" target="_blank" rel="noopener"><em>WABC</em></a> reported Nov. 27.</p>
.
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Open Mastodon instance for all mental health workers: https://mastodon.clinicians-exchange.org
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
Health IT Security Robot
.
DATE:
November 27, 2023 at 09:31AM
.
TITLE:
Multiple hospitals report IT disruptions on Thanksgiving
.
URL:
https://www.beckershospitalreview.com/cybersecurity/multiple-hospitals-report-it-disruptions-on-thanksgiving.html
.
<p>Hospitals in at least four states across the Midwest experienced disruptions Nov. 24 due to potential cybersecurity incidents, although there is no evidence officially linking the incidences.</p>
.
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Open Mastodon instance for all mental health workers: https://mastodon.clinicians-exchange.org
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
Health IT Security Robot
.
DATE:
November 22, 2023 at 02:57PM
.
TITLE:
Pennsylvania hospital data breach affects 169,000
.
URL:
https://www.beckershospitalreview.com/cybersecurity/pennsylvania-hospital-data-breach-affects-169-000.html
.
<p>Warren (Pa.) General Hospital <a href="https://www.wgh.org/data">reported</a> a data breach affecting nearly 169,000 patients.</p>
.
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Open Mastodon instance for all mental health workers: https://mastodon.clinicians-exchange.org
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
🔒💡 Are you aware of how social engineers manipulate our psychology to trick us? 🧠
Dive into our latest article to unravel the secrets behind these scams! Learn the psychological tactics used by scammers and discover how to protect yourself and your loved ones.
Don't let scammers outsmart you - gain the knowledge to stay one step ahead! 🕵️♂️🔐 #CyberSecurity #SocialEngineering
https://protectprivacy.eu/privacy/psychology-of-social-engineering/
Not too many deliveries make me jump off my chair, but this one certainly did! My new book arrived and I just can't wait to delve into its 1000+ pages...
We get to the core of how social engineering works (and how to thwart this threat) by getting to the core of human psychology and behavior. We have to understand the intricacies before we recommend the solutions.
Learning & development have to be are an ongoing process, but quite frankly...I deeply enjoy that part.
#opsmanual #behaviorops #socialengineering #psychology #behavioralscience #humanfirewall
https://ontocritic.org/blog/archives/2821
Обречённые социальные инженеры и неграмотные социальные профессионалы
Пока дописываю, финиш близок.
#онтокритика #ontocritic #социальнаяинженерия #инженерия #socialengineering #engineering
Health IT Security Robot
.
DATE:
November 22, 2023 at 12:44PM
.
TITLE:
Northwell CISO optimistic about New York's cyber crackdown
.
URL:
https://www.beckershospitalreview.com/cybersecurity/northwell-ciso-optimistic-about-new-yorks-cyber-crackdown.html
.
<p>New York is putting forth a series of fresh cybersecurity regulations aimed at the state's hospitals, a move that New Hyde Park, N.Y.-based Northwell Health's chief information security officer says is a positive step signaling recognition that additional efforts are essential to safeguard hospitals from cybersecurity threats.</p>
.
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Open Mastodon instance for all mental health workers: https://mastodon.clinicians-exchange.org
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
Health IT Security Robot
.
DATE:
November 20, 2023 at 04:58PM
.
TITLE:
Northwell faces lawsuit over data breach affecting 3.9 million people
.
URL:
https://www.beckershospitalreview.com/cybersecurity/northwell-faces-lawsuit-over-data-breach-affecting-3-9-million-people.html
.
<p>New Hyde Park, N.Y.-based Northwell Health is facing a lawsuit for a data breach that affected 3.9 million people, <a href="https://www.law360.com/health/articles/1767942/ny-health-system-accused-of-exposing-3-9m-patients-data" target="_blank" rel="noopener"><em>Law360</em></a> reported Nov. 17. </p>
.
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Open Mastodon instance for all mental health workers: https://mastodon.clinicians-exchange.org
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
CrowdStrike Extends AI Approach to Cybersecurity to SMBs – Source: securityboulevard.com https://ciso2ciso.com/crowdstrike-extends-ai-approach-to-cybersecurity-to-smbs-source-securityboulevard-com/ #SecurityBoulevard(Original) #rssfeedpostgeneratorecho #Analytics&Intelligence #ApplicationSecurity #ThreatIntelligence #CyberSecurityNews #SecurityBoulevard #socialengineering #IncidentResponse #Threats&Breaches #vulnerabilities #CloudSecurity #Cybersecurity #datasecurity #GenerativeAI #CrowdStrike
Very fun weekend read for the #InfoSec crowd: https://medium.com/nickvangilder/okta-for-red-teamers-perimeter-edition-c60cb8d53f23
Visa: AI Adds to the Cyberthreats Holiday Shoppers Will Face – Source: securityboulevard.com https://ciso2ciso.com/visa-ai-adds-to-the-cyberthreats-holiday-shoppers-will-face-source-securityboulevard-com/ #SecurityBoulevard(Original) #rssfeedpostgeneratorecho #CyberSecurityNews #IndustrySpotlight #SecurityAwareness #SecurityBoulevard #socialengineering #Identity&Access #NetworkSecurity #MobileSecurity #CloudSecurity #Cybersecurity #datasecurity #GenerativeAI #HolidayScams #DataPrivacy #Spotlight
Health IT Security Robot
.
DATE:
November 17, 2023 at 04:50PM
.
TITLE:
Homeland Security warns Indiana hospital of breach
.
URL:
https://www.beckershospitalreview.com/cybersecurity/homeland-security-warns-indiana-hospital-of-breach.html
.
<p>The U.S. Department of Homeland Security notified Washington, Ind.-based Daviess Community Hospital that it may have been the target of a breach after the organization found a security issue at the hospital during routine monitoring, the <a href="https://www.washtimesherald.com/news/dch-deals-with-data-breach/article_410707e6-849b-11ee-b668-3f6cbc8d6c54.html" target="_blank" rel="noopener"><em>Washington Times Herald</em></a> reported Nov. 16. </p>
.
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Open Mastodon instance for all mental health workers: https://mastodon.clinicians-exchange.org
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
Why haven't you backed this project yet? https://www.kickstarter.com/projects/edmiro/social-engineering-book-project
Health IT Security Robot
.
DATE:
November 17, 2023 at 10:30AM
.
TITLE:
Former network security COO pleads guilty to hacking Georgia hospital
.
URL:
https://www.beckershospitalreview.com/cybersecurity/former-network-security-coo-pleads-guilty-to-hacking-georgia-hospital.html
.
<p>On Nov. 16, a cybersecurity contractor admitted guilt for unlawfully accessing the computer systems of Lawrenceville, Ga.-based Gwinnett Medical Center back in 2018, <a href="https://www.law360.com/corporate/articles/1767537/cybersecurity-contractor-cops-to-ga-hospital-hack" target="_blank" rel="noopener">Law360</a> reported.</p>
.
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Open Mastodon instance for all mental health workers: https://mastodon.clinicians-exchange.org
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
Federal Bureau of Investigation (#FBI) and Cybersecurity and Infrastructure Security Agency (#CISA) have put out a joint advisory on #ScatteredSpider - a #cybercriminal group that targets large companies and their contracted information technology (IT) help desks. Scattered Spider threat actors, per trusted third parties, have typically engaged in data theft for extortion and have also been known to utilize BlackCat/ALPHV ransomware alongside their usual TTPs. This advisory covers all #TTPs and provides recommendations for mitigation.
Anyone in #criticalinfrastructure who uses external IT services (#MSP) should review this advisory and create awareness with your users to #BOLO this advanced attack vector.
This crew are masters of #SocialEngineering so watch yourselves. #StayCyberSafe #BeCyberSecure
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-320a
Health IT Security Robot
.
DATE:
November 16, 2023 at 10:54AM
.
TITLE:
During hospital cyberattack, a note came out of every printer
.
URL:
https://www.beckershospitalreview.com/cybersecurity/during-hospital-cyberattack-a-note-came-out-of-every-printer.html
.
<p>A note started coming out of every printer during a cyberattack at Oceanside, Calif.-based Tri-City Medical Center, as employees raced to shut them off, the <a href="https://www.sandiegouniontribune.com/news/health/story/2023-11-15/tri-city-says-its-making-progress-on-cyber-attack-layoff-notices-sent" target="_blank" rel="noopener"><em>San Diego Union-Tribune</em></a> reported Nov. 15.</p>
.
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Open Mastodon instance for all mental health workers: https://mastodon.clinicians-exchange.org
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
#FBI and #CISA Advisory on "Scattered Spider" issued today:
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-320a
pdf version:
https://www.cisa.gov/sites/default/files/2023-11/aa23-320a_scattered_spider.pdf
#ransom #phishing #SocialEngineering #databreach #infosec #cybersecurity
Vorsicht mit Mails von houseoftravel!
Wenn ihr eine Aufforderung per Mail bekommen habt, einen spf Eintrag zu erstellen, kommt dem nicht nach! Eigentlich versteht sich das von selber, aber die Admins von houseoftravel haben den DNS Record erstellt und dann die E-Mail an alle Kunden weitergeleitet 🤦♂️. Diese Admins benötigen eine Weiterbildung oder einen anderen Job 🤔
#socialengineering #houseoftravel #hacker #cyberwar #spf #spam #phishing
Health IT Security Robot
.
DATE:
November 15, 2023 at 05:09PM
.
TITLE:
Ohio hospital reports 3rd party data breach
.
URL:
https://www.beckershospitalreview.com/cybersecurity/ohio-hospital-reports-3rd-party-data-breach.html
.
<p>Salem (Ohio) Regional Medical Center is the latest hospital to confirm being affected by a data breach that occurred at Perry Johnson & Associates, a medical transcription service, local news outlet, <a href="https://www.wfmj.com/story/50006281/patients-at-salem-regional-being-notified-of-data-breach-involving-a-service-provider"><em>WFMJ</em></a> reported Nov. 15.</p>
.
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Open Mastodon instance for all mental health workers: https://mastodon.clinicians-exchange.org
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
Interneppers ofwel cybercriminelen doen zich voor als iemand anders om je gegevens te stelen of om je op te lichten via mail, sms of WhatsApp. Hiervoor gebruiken ze vaak #socialengineering technieken.
Bij social engineering worden er wisselende trucs gebruikt. Door zich voor te doen als iemand anders en door handig in te spelen op persoonlijke situaties, krijgen #cybercriminelen het voor elkaar om je op het verkeerde been te zetten.
Meer informatie ⤵️
https://veiliginternetten.nl/campagnes/laat-je-niet-interneppen/
Health IT Security Robot
.
DATE:
November 13, 2023 at 05:53PM
.
TITLE:
Michigan hospital confirms cyberattack
.
URL:
https://www.beckershospitalreview.com/cybersecurity/michigan-hospital-confirms-cyberattack.html
.
<p>Gaylord, Mich.-based Otsego Memorial Hospital confirmed that it was the victim of a cyberattack in October, <a href="https://www.petoskeynews.com/story/news/healthcare/2023/11/13/otsego-memorial-hospital-computer-system-was-hacked-in-october/71569087007/" target="_blank" rel="noopener"><em>The Petoskey News-Review</em></a> reported Nov. 13.</p>
.
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Open Mastodon instance for all mental health workers: https://mastodon.clinicians-exchange.org
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
Health IT Security Robot
.
DATE:
November 13, 2023 at 12:37PM
.
TITLE:
845,000 patients affected by Sutter Health vendor breach
.
URL:
https://www.beckershospitalreview.com/cybersecurity/845-000-patients-affected-by-sutter-health-vendor-breach.html
.
<p>The sensitive data of 845,000 Sacramento, Calif.-based Sutter Health patients was <a href="https://vitals.sutterhealth.org/sutter-health-vendor-reports-patient-information-incident/" target="_blank" rel="noopener">compromised</a> in a ransomware attack on its online contact-management vendor Welltok, a Virgin Pulse company. </p>
.
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Open Mastodon instance for all mental health workers: https://mastodon.clinicians-exchange.org
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
Health IT Security Robot
.
DATE:
November 13, 2023 at 10:34AM
.
TITLE:
The financial cost of 4 healthcare cyberattacks
.
URL:
https://www.beckershospitalreview.com/cybersecurity/the-financial-cost-of-4-healthcare-cyberattacks.html
.
<p>As ransomware attacks cost the U.S. economy more than $77 billion, the network downtime and repair costs are leading to massive losses and even closures for healthcare companies in Vermont, Illinois and Massachusetts.</p>
.
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Open Mastodon instance for all mental health workers: https://mastodon.clinicians-exchange.org
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
Health IT Security Robot
.
DATE:
November 13, 2023 at 07:05AM
.
TITLE:
New York to crack down on hospital cybersecurity
.
URL:
https://www.beckershospitalreview.com/cybersecurity/new-york-to-crack-down-on-hospital-cybersecurity.html
.
<p>New York is planning to tighten regulation of hospital cybersecurity practices, according to draft rules reviewed by <a href="https://www.wsj.com/articles/new-york-plans-cyber-rules-for-hospitals-06f58fae" target="_blank" rel="noopener"><em>The Wall Street Journal. </em></a></p>
.
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Open Mastodon instance for all mental health workers: https://mastodon.clinicians-exchange.org
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
Health IT Security Robot
.
DATE:
November 10, 2023 at 05:47PM
.
TITLE:
4 hospitals targeted by cyberattacks
.
URL:
https://www.beckershospitalreview.com/cybersecurity/4-hospitals-targeted-by-cyberattacks.html
.
<p>As cyberattacks <a href="https://www.beckershospitalreview.com/cybersecurity/cyberattacks-top-list-of-risks-for-executives.html">climb</a> to the top of list of concerns for hospital executives, hospitals in California, Iowa, and New York have been dealing with the fallout of cyberattacks.</p>
.
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Open Mastodon instance for all mental health workers: https://mastodon.clinicians-exchange.org
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
Health IT Security Robot
.
DATE:
November 10, 2023 at 04:53PM
.
TITLE:
15 common passwords for healthcare employees
.
URL:
https://www.beckershospitalreview.com/cybersecurity/15-common-passwords-for-healthcare-employees.html
.
<p>For the first half of 2023, there were 327 data <a href="https://www.beckershospitalreview.com/cybersecurity/327-healthcare-data-breaches-reported-so-far-in-2023.html" target="_blank" rel="noopener">breaches </a>in healthcare that affected more than 40 million patients, and cybersecurity will continue to be extremely important for hospitals and healthcare companies next year.</p>
.
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Open Mastodon instance for all mental health workers: https://mastodon.clinicians-exchange.org
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
Deepfake Nudes – Can I Sue? – Source: securityboulevard.com https://ciso2ciso.com/deepfake-nudes-can-i-sue-source-securityboulevard-com/ #DeepFakeandOtherSocialEngineeringTactics #rssfeedpostgeneratorecho #Analytics&Intelligence #ArtificialIntelligence #ThreatIntelligence #CyberSecurityNews #SecurityBoulevard #socialengineering #Identity&Access #Risk&Compliance #Cybersecurity #datasecurity #DataPrivacy #Compliance #Governance #ethicalAI #Cyberlaw #deepfake #Malware #AI
Health IT Security Robot
.
DATE:
November 10, 2023 at 04:42PM
.
TITLE:
Social Security numbers compromised during McLaren breach
.
URL:
https://www.beckershospitalreview.com/cybersecurity/social-security-numbers-compromised-during-mclaren-breach.html
.
<p>Social Security numbers of some Grand Blanc, Mich.-based McLaren Health Care patients were <a href="https://www.mclaren.org/main/notification" target="_blank" rel="noopener">affected</a> by an August breach on its computer systems. </p>
.
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Open Mastodon instance for all mental health workers: https://mastodon.clinicians-exchange.org
.
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
Google Cloud’s Cybersecurity Trends to Watch in 2024 Include Generative AI-Based Attacks – Source: www.techrepublic.com https://ciso2ciso.com/google-clouds-cybersecurity-trends-to-watch-in-2024-include-generative-ai-based-attacks-source-www-techrepublic-com/ #chroniclesecurityoperations #rssfeedpostgeneratorecho #ArtificialIntelligence #SecurityonTechRepublic #SecurityTechRepublic #CyberSecurityNews #socialengineering #Cyberespionage #CloudSecurity #Cybersecurity #International #GenerativeAI
🦸 It's a wrap on our 2023 #CyberSecMonth campaign #BecomeACyberHero!
In a month-long journey into #cybersecurity, the campaign aimed to inspire & educate end-users on topics as online #privacy, #phishing, #socialengineering, #ransomware.
Check the highlights 👉 https://connect.geant.org/2023/11/09/how-to-become-a-cyber-hero-a-review-of-the-geant-cybersecurity-month-2023-campaign
Thanks to all #NRENs & orgs. that contributed, and especially to the comms & security awareness professionals from NRENs that worked their magic to make our campaign happen 🙌
Beyond phishing links: What are other security awareness subjects employees need to know about? – Source: securityboulevard.com https://ciso2ciso.com/beyond-phishing-links-what-are-other-security-awareness-subjects-employees-need-to-know-about-source-securityboulevard-com/ #CyberSecurityAwarenessForum #rssfeedpostgeneratorecho #CreatingActiveAwareness #SecurityBloggersNetwork #CyberSecurityRisks #CyberSecurityNews #EmployeeAwareness #SecurityAwareness #SecurityBoulevard #socialengineering #CSAF
Microsoft Authenticator suppresses suspicious MFA notifications https://www.helpnetsecurity.com/2023/11/08/microsoft-authenticator-suspicious-notifications/ #socialengineering #accounthijacking #Don'tmiss #Microsoft #Hotstuff #News #MFA
...but uploading pictures from the interior areas was permitted? 🥲
Another reason why checking Google Reviews when conducting OSINT on a facility provides you with something almost every time.
#socialengineering #osint
Immer wenn ich richtig nette, überaus attraktive Menschen kennenlerne, vermute ich IMMER Social Engineering...
🤣
#socialengineering
Very interesting observation about social engineering in support/call centres:
https://youtube.com/shorts/VAWwtjtRM98
#SocialEngineering
Once you get past the fact this guy sounds like a Howard Stern knockoff, he seems to have a good point about social engineering: #SocialEngineering
This novel method came up the other day. Someone made a google photos album and is sharing it out to people. They may be the owner of that google account or it was made via a compromised account. Either case, they are appealing to the thirsty and hope you contact them further.
Less of these are trying to immediately get you to buy into something. They want details about you. They wanna match up information and after three different fake accounts chat with you, they may have enough information to sell to someone who will then pretend to be you and maybe steal your accounts or money or take out credit.
You can always tell these people because no matter what you say, they will try to keep talking to you. Something seemingly innocent like talking about your day will slowly reveal important details they can sell. And the people who they sell this too are trained to take from you. Social engineering sucks, but it's a job now that people with time and a need for money can do and in the end you are just a paycheck.
The latest AI predictions for 2024 from an industry expert – Source: www.cybertalk.org https://ciso2ciso.com/the-latest-ai-predictions-for-2024-from-an-industry-expert-source-www-cybertalk-org/ #rssfeedpostgeneratorecho #ArtificialIntelligence #Nationstatehacking #CyberSecurityNews #humanintelligence #socialengineering #cybersecurity #Cybersecurity #TRENDINGNOW #CyberTalk #hactivism #Phishing #ChatGPT #Malware #opinion #Bing #LLMs #AI #ML
Aujourd'hui à #ThrowbackThursday:
Présenté lors de la 7e édition, Lucky, du Hackfest en 2015, Shane MacDougall's "A SE journey through an IT Pro's social media profile" est LA conférence du moment à regarder (en anglais).
Si notre dernière compétition d'ingénierie sociale (lors du dernier Hackfest - Back to the Future edition) peut être un indicatif sur l'importance de ce sujet chaud (salle comble, et statistiques + que déprimante mais OH COMBIEN nécessaire sur le succès de récolter des données via l'ingénierie sociale), c'est bel et bien qu'il est important de former les employés d'entreprises à éviter de donner accès aux données sensibles de leur entreprise, sans compter d'éduquer les gens à se protéger contre des vols d'informations sur leur vie privée!
https://www.youtube.com/watch?v=WqdzDDpiSe8
=====
Today at #ThrowbackThursday #TBT:
Shane MacDougall's "A SE journey through an IT Pro's social media profile" presented at #Hackfest Lucky edition.
If our last social engineering competition (at Hackfest Back to the Future edition) can be a very good indicator of the state of things right now, this talk will give you good arguments on how to educate your employees and colleagues towards protecting ourselves against social engineering tactics. It still shows the very importance of data and assets protection in our companies and our private lives, and of educating people against social hacking of this sort!
https://www.youtube.com/watch?v=WqdzDDpiSe8
#hf7 #hackfest2015 #hackfest15 #hf15 #socialengineering #CyberSecurity #hacking #CyberSecurityAwareness
Microsoft published a new blog with an analysis of the TTPs of the Octo Tempest group (also known as 0ktapus or Scattered Spider), a financially motivated threat actor that relies heavily on #socialengineering for initial access.
This group is reportedly the one behind the Okta, MGM Resorts & Caesars this year, as well as the MailChimp & Twilio attacks last year.
"Octo Tempest commonly launches social engineering attacks targeting technical administrators, such as support and help desk personnel, who have permissions that could enable the threat actor to gain initial access to accounts. The threat actor performs research on the organization & identifies targets to effectively impersonate victims, mimicking idiolect on phone calls & understanding personal identifiable information to trick technical administrators into performing password resets & resetting MFA"
"Octo Tempest leverages tradecraft that many organizations don’t have in their typical threat models, such as SMS phishing, SIM swapping, and advanced social engineering techniques."
In reality, most organizations don't have a social engineering security protocol for most types of social engineering attacks beyond #phishing and *some* vishing attacks/tactics. There is a lot of work to be done...
The blog:
#cybersecurity #cybersecuritynews #threatintelligence #scatteredspider #threatactors #infosec
Hey, support Ed Miro's new #book project about #SocialEngineering on Kickstarter! (boost please and tell your friends that may be interested)
https://www.kickstarter.com/projects/edmiro/social-engineering-book-project
Voice scammers are getting smarter: how to set up your phone’s defenses.
#socialengineering #cybersecurity #smartphone #tech #infosec
Follow Finley and Amari's #Pretexting story https://europa.eu/!Fwh3rQ to check and follow our recommendations below to protect yourself from this #SocialEngineering attack - not just this #CyberSecMonth but all year round. #BeSmarterThanAHacker
Don’t fall into #Pretexting traps! This #CyberSecMonth, read our comic https://europa.eu/!xFVndN about how Finley uses this #SocialEngineering technique on Amari to steal their #personaldata. Find out the dos and don'ts to #BeSmarterThanAHacker
Last Call For Registrations!
In 2 weeks we will be meeting in Vienna for a deep dive into #SocialEngineering & #OSINT!
You can still join the 2-day training class "Practical Social Engineering & Open-source Intelligence for Security Teams" I will be delivering at this year's #DeepSec conference, in which you will...
🌐 Learn how attackers leverage OSINT to identify organizational vulnerabilities.
🎯 Understand the psychology and methodology behind social engineering attacks.
🔍 Acquire necessary skills & knowledge that will help you prevent and better simulate social engineering attack scenarios.
💼 Examine real-life case studies and attack methodologies.
📚 Build better protective measures, inform your security strategy, and learn to provide realistic insights to clients.
Date: 14 & 15 November 2023
Location: Vienna, Austria
⬇️ Course Content & Registration Details: https://deepsec.net/speaker.html#WSLOT626
I look forward to seeing you there!
#socialengineeringtraining #cybersecurity #opensourceintelligence #osinttraining #infosectraining #infosec #deepsec2023
It's European Cybersecurity Month!
This October is about #SocialEngineering - the tactics that cyber criminals use to get you to reveal your data.
While our #CyberAware team is educating Commission staff, the events are taking place across the EU 👉 https://cybersecuritymonth.eu
🚨The ENISA Threat Landscape Report 2023 was released today!
It includes the top threats, major trends observed with respect to threats, threat actors & attack techniques, impact and motivation analysis.
It also describes relevant mitigation measures.
The top 3 threats that were identified and analyzed were:
🔹 Ransomware
🔹 Malware
🔹 Social Engineering
The report is a very insightful resource, especially for those who seek to make informed decisions for their cybersecurity strategy the coming year.
#cybersecurity #threatlandscape #cybersecurityawareness #cybersecuritynews #socialengineering #infosec #informationsecurity #ransomware #malware #enisa
https://www.enisa.europa.eu/topics/cyber-threats/threats-and-trends
Beware of #Ransomware: #Cybercriminals may use #SocialEngineering techniques to trick you into downloading a malware to take control of your system and ask you for money to regain its access. #BeSmarterThanAHacker, check our factsheet https://europa.eu/!RFvyTp #ENISA
📚New Blog!
The 2nd part of my "Corporate #OSINT for #SocialEngineering" article is now published.
This blog focuses on the *physical perimeter* of an organization.
It discusses some of the OSINT techniques used in the planning and preparation of in-person, social engineering attacks.
As security professionals, the goal is to proactively follow the same process a threat actor would to identify information that exposes potential vulnerabilities in our organization’s physical perimeter, and to manage those vulnerabilities.
My hope is that you'll proactively test those resources.
Need more help in getting the full picture on the information that is available about the physical perimeter of your organization? Feel free to reach out!
#opensourceintelligence #physicalsecurity #cybersecurity #cybersecuritytraining #cybersecurityawareness #penetrationtesting #attacksimulation
We love preaching to citizens on #cybersecurity. 🕵️♀️
But we love even more to have our own house #CyberAware! 🔒
Today @EU_Commission staff went on a cyber journey – each completed lesson on #SocialEngineering and cybersecurity brought them a stamp in their Cyber Passport. 🛂
#Phishing is a #SocialEngineering attack aiming to trick you into downloading malware, giving your personal data or money. How can you protect yourself from phishing attempts? #BeSmarterThanAHacker, check our factsheet: https://europa.eu/!4QBFMN. @enisa_eu
#BeSmarterThanAHacker. Keeping your #PersonalData safe also means staying #CyberSafe. This #CyberSecMonth we raise awareness on #SocialEngineering techniques used by #cybercriminals. Let's start with our factsheet all about a hacker's behaviour: https://europa.eu/!nFFDcG @enisa_eu
European Cybersecurity Month focuses on #SocialEngineering.
What is that?
It's when cybercriminals try to manipulate us to breach our security defenses. They might
😱 get us scared
💰 thrilled about winning
👭 pretend to be our friends
Learn more 👉cybersecuritymonth.eu
Ein neuer Dienst will, dass du dir eine Fernzugriff-App installierst, damit dir alles direkt auf deinem Gerät eingerichtet werden kann? 🤔 Achtung! Das Erschleichen von Zugangsdaten und andere #SocialEngineering-Tricks unter:
https://epicenter.academy/digitale-kriminalitaet#Faktor_Mensch/
We've selected the best #offensivesecurity industry experts who will expose the harsh truth of cyber #threats, particularly those sparked by #socialengineering, that target all kinds of #enterprises. Register for this exclusive October 5th fireside chat over at our site ⬇
Unsere Experten-Schulungen der HiAcademy im Oktober:
👉 NEU: #SocialEngineering
👉 #SAP-Lizenzmanagement
👉 #Notfallplanung/#Notfallübungen
👉 #FirstResponse
👉 #IT-Grundschutz-Praktiker
👉 #IT-Grundschutz-Berater
Infos, Termine + Anmeldung ▶️ https://www.hisolutions.com/security-consulting/academy
@volexity's #theatintel team works with some of the most targeted groups in the world. Today, at the LABScon conference, we are sharing details of a long-running campaign by EvilBamboo. We have also just published details on our blog: https://www.volexity.com/blog/2023/09/22/evilbamboo-targets-mobile-devices-in-multi-year-campaign/.
Our analysis has uncovered evidence of the attacker building online communities on various social media & messaging platforms, creating fake personas on social media sites, and using other #socialengineering techniques in order to distribute #Android malware, including #BADBAZAAR. Additionally, there is strong evidence of #iOS device targeting and likely exploitation using IRONSQUIRREL.
Interested in #hacking, #socialengineering, #pentesting, #malware #development, #training and #helping people, #network #protocols, #ARM, good #food, and new #friends.
Also #retrogaming and #retrocomputing; #coding in #Rust, and #Perl, and guess that's about it these days but I can #code in 20+ languages; #TTRPGs as a DM/Storyteller/GM such as #DnD, #OSR, and #VtM ; #cooking; making #art like #painting and #watercolor; fan of tinkering with #NetBSD; daily driver is #macOS; #horror and #scifi movies; and likely other things I'm forgetting.
Restarted learning #CommonLisp, too.
Fan of the #GratefulDead, #Phish, and #Goose.
New fan of #SolarPunk, #VisibleMending, #Upcyling. Also love #plants and #succulents in particular. I think the desert is a beautiful environment.
So some of you might remember this post (and the subsequent demonstration on national news) of using a voice cloning tool (AI, Audio Deep Fake) by @racheltobac
Link to post: https://infosec.exchange/@racheltobac/110963070495263373
(If you haven't seen it, go watch it. Rachel is amazing.)
I'd never needed to do a similar attack before, but! I was just tasked yesterday with researching it.
Asked some friends for a turn-key solution to clone voices. Got pointed to a website. Signed up for $1 a month (first month... then it goes to $5 a month thereafter).
Pulled some audio of my target's voice down from a youtube interview (a podcast works great too).
Only needed a minute's worth of audio.
Uploaded it to the website for cloning.
Typed out a quick script for the voice to read.
30 seconds later, I had my cloned audio.
It was so good, that it even included natural voice inflections AND!!! verbal pauses like umm's and uhh's that matched the target's original presentation. I can't tell the difference between the cloned voice and the original person.
Y'all... voice cloning and audio deep fakes are well past the ease of "script-kiddy" level. Anyone can do it.
#infosec #hacking #socialEngineering #scams #deepfake #AI #phishing #vishing
Nice surprise to find that Engadget posted a story about social engineering attacks today, referencing the lessons learned in the investigation of the "image spam" attack that made up part of my #Defcon presentation. These kinds of attacks can be incredibly devastating (as evidenced by #MGM) and very hard to discern.
These are pretty complicated investigations and, in my opinion, it would be nice to have people in elected office who are capable of tearing apart things like this to get to the root cause.
https://www.engadget.com/how-social-engineering-takes-advantage-of-your-kindness-170043531.html
#malware #socialengineering #spam #BVSD #SchoolBoard #Boulder
ICYMI: I interviewed the hacker known as "USDoD" who was responsible for the InfraGard incident last year, as well as the recent Airbus and TransUnion breaches. He tells me he's been busy targeting NATO, Europol, CEPOL, and Interpol. He's an ambitious hacker and is really going after U.S. military intelligence in his own way and for his own endgame purposes.
Why does he tell us his targets? For the challenge -- he wants to beat his targets when they know he's coming.
Read what he told me in “I’m Not Pro-Russia and I’m Not a Terrorist!” —- InfraGard and Airbus Hacker 'USDoD' Unveils His New Campaigns:"
On a positive note, it appears that NATO detected him when he attempted to gain access to an internal area; part of their site has now been "under maintenance" for days.
How serious a threat is he really? I can't judge that -- maybe you can.
#NatSec #cybersecurity #intel #socialengineering #hacker #databreach #defense #USDoD #InfraGard #InfoSec
It appears that the ALPHV ransomware group is behind MGM Resorts' cyberattack on Monday. The way they reportedly gained initial access is by looking into the MGM employees on LinkedIn, picking one, and then calling the Help Desk.
The ALPHV group is said to be "extremely skilled at social engineering".
Yet finding information on an organization's employees on LinkedIn & and then using it in a vishing attack, often impersonating that individual, is a frequent and rather standard practice in #vishing attacks.
I have seen first-hand that there is a need to improve in a few areas:
🔹 Few organizations are prepared to handle phone-based social engineering. Most companies focus almost entirely on #phishing attack simulations.
That allows blind spots and a lack of processes/preparedness in too many other areas like vishing, social media and SMS-based attacks among other things.
🔹 Having a proper identity verification process in place and training your employees to stick with it often mitigates a lot of vishing/impersonation attacks.
Yet in most cases, there is either a lack of verification process or the employees are not aware of it (they sometimes get trained on it once during onboarding, and then forget all about it).
🔹 Understanding that social engineering is not limited to email attacks. It is a serious threat, and it requires working on a comprehensive social engineering prevention protocol.
We are still waiting for more information on the exact methodology. But it won't be the last time we hear of a similar attack scenario.
News Reporting:
https://cybernews.com/security/mgm-cyberattack-claimed-alphv-blackcat-ransomware-group/
#socialengineering #cybersecuritytraining #cybersecurity #cyberattack #cybernews #infosec #infosectraining #ransomeware
1Password recovery process: A reddit comment from a 1Password security team member about the security of their special process to get access to an account via recovery
https://www.reddit.com/r/1Password/comments/see0y1/comment/hujsf4k/?context=3
#socialengineering #1password #security #password #2fa #+
@admin1 Last year, it would have been easy for me: Sneakers (1993) because it covers #hacking and #SocialEngineering very well.
This year is tougher. I will have to ponder this.
One of my favorite personal blog posts is my writeup of a #SocialEngineering conference I attended on a lark in 2019, back when I lived in Providence: https://fogknife.com/2019-06-19-report-on-attending-layer-8-conference-as-an-outsider.html
It came to mind earlier today when a met a fellow technical writer who specializes in #security. I got to show off my knowledge of what a "rubber ducky" is, in that specific context!
@threatresearch is previewing his talk on weird tales of #socialengineering and #malware at the #Sophos booth at #blackhat (#2132) today and Thursday, and then you can catch the full talk at the main DEF CON event.
Folks attending #blackhat tomorrow and Thursday can see a short preview version of my Defcon @SophosXOps talk at the #Sophos Booth #2132 at 3:30pm. Come for the George Clooney reaction GIFs, stay for the weird wild stories about #socialengineering and #malware
My latest book, Social Engineering (written with Sean Lawson) is now freely available in the Internet Archive, thanks to @textfiles
https://archive.org/details/mit_press_book_9780262368926/mode/2up
It's so wild seeing my book there. We relied heavily on the Internet Archive to do the research for the book. And we relied heavily on Jason Scott's http://textfiles.com/ for old BBS posts about phone phreaking.
We are thrilled to welcome Chris Kirsch to the Bishop Fox #DEFCON livestream happening Aug. 11! The CEO of @runZeroInc. Chris is an #OSINT and #socialengineering expert, having won the Black Badge for the Social Engineering CTF competition at #DEFCON. Catch his segment at 1:25 PM PT on #BFLive!
Real human here. The purpose of this bot is to educate, not annoy people. So I'm doing a poll. What option below would be best?
Thanks,
Michael
~~
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords #infosec @infosec #telehealth #netneutrality #socialengineering
: “Getting into the context of a particular #cyberattack is not as effective as getting into the mind of the attacker. Our expanded team and #testing options provide the most comprehensive view of how attackers view your employees and truly assess your vulnerability.” – Senior Security Consultant @alethe on the enhanced Bishop Fox #SocialEngineering testing service, a crucial part of our #RedTeam offering. Read about what sets our program apart in our announcement. #RedTeaming #offensivesecurity
Siderea,
Exactly.
Google Analytics is now a topic of conversation on the Baltimore Therapist listserv.
Your point about classism is well taken.
QUESTION: Am I correct in assuming that Google Analytics is likely to be harvesting client-side data and storing it? Asking for an educated guess as we might not know...
For the less-than-tech-saavy medical professionals and therapists in the room -- what log analyzers might they ask for when they speak to their marketing and IT teams about this issue?
Thanks,
Michael
@siderea @infosec @psychotherapist @psychotherapists @psychology @socialpsych @socialwork @psychiatry
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords #infosec @infosec #telehealth #netneutrality #socialengineering #marketing #seo #therapy
#psychology #counseling #socialwork #psychotherapy #mentalhealth #psychiatry #healthcare
My interpretation of this article is that hospitals, clinics, insurance companies, etc. need to get links and repost icons for Facebook, Twitter, etc. OFF their websites. If you work for a big institution -- talk to your marketing team as they are used to doing this routinely. If you are a small provider, look at your website -- especially if you created it years ago back when no one thought of the problems and you just wanted some traffic.
~~~~~~~~
TITLE: FTC, HHS warn health providers not to use tracking tech in websites, apps
The Federal Trade Commission (FTC) and Department of Health and Human Services (HHS) sent a joint letter to about 130 hospital systems and telehealth providers Thursday, warning of security risks posed by tracking technologies such as the Meta/Facebook Pixel and Google Analytics.
https://therecord.media/apps-website-tracking-healthcare-ftc-hhs-warning
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords #infosec @infosec #telehealth #netneutrality #socialengineering #marketing #seo #therapy
#psychology #counseling #socialwork #psychotherapy @psychotherapist @psychotherapists @psychology @socialpsych @socialwork @psychiatry
@infosec #mentalhealth #psychiatry #healthcare
Die neue Podcast Folge ist raus. Ich spreche mit @evawolfangel über ihr spannendes Buch „Nur ein falscher Click“. Wir reden über #cyberkriminalitat, staatliches Hacking, #socialengineering, #zerotrust und mehr. Das Buch ist hervorragend und liest sich wie ein Krimi. Unbedingte Empfehlung! https://percepticon.de/landing-page/
Regarding Kevin #Mitnick, I spent a great deal of time studying his career for my book on #SocialEngineering. You can read the resulting chapter for free here:
Mor #KevinMitnick, el #hacker més famós del món i la icona d'una generació
Zum Ablauf des Scams, um ihn vielleicht in Zukunft bei anderen zu verhindern:
Eine Webseiten hat den Computer "aus Sicherheitsgründen" gesperrt. Und man wird aufgefordert eine deutsche Microsoft Support Hotline anzurufen
(Ich vermute dass das "nur" eine Webseite in Vollbild Modus war)
Der Support schaltet sich dann remote auf den Gerät auf (weiß nicht was sie da benutzt haben) und "repariert" das Problem.
Zur Freischaltung muss man aber Geld per Xbox Gutscheinen übermitteln (hier 400€)
Diese Übermittlung gibt dann erst Mal "schief" und man sollte es mit neuen Gutscheinen noch Mal probieren. Das Geld von den ersten Gutscheinen könnte man dann zurückfordern.
(Tipps wie (ob) man Xbox Gutscheine sperren kann sind willkommen)
Hier wurde der Betrug erkannt und kein weiteres Geld übermittelt. Der PC wurde dann wieder "freigegeben".
Der Rechner ist von Netz getrennt und aus. Technische Details weiß ich erst in den nächsten Tagen, wenn ich mit den Rechner angeschaut habe. Durch den remote Zugang können natürlich Daten gestohlen oder Schadenssoftware installiert worden sein
AI deepfakes are going to be the worst social engineering attacks in history probably https://news.yahoo.com/trust-ears-ai-voice-scams-012041873.html?guccounter=1 #ai #deepfakes #socialengineering
"Se ragazzi e ragazze nuotano nudi quando sono molto giovani, non avrai guardoni dietro la porta. Non puoi vendere foto di ragazze nude se i bambini sono cresciuti in questo modo"
~ Jacque Fresco (Social Engineer)
Ihr könntet jetzt natürlich spotten, dass ich mein Trauma, auf eine Phishing-E-Mail reingefallen zu sein, in einem Radiobeitrag verarbeite. Tatsächlich kam diese E-Mail aber mitten in der Recherche. Ich war also höchst "aware", wie die Branche der Awarenesstrainings sagt, und ich recherchiere seit Jahren über Cybersecurity.
Und trotzdem bin ich reingefallen. Glücklicherweise war es eine Test-Phishing-Email - was weitere Fragen und Probleme aufwirft:
(1/3)
(Periodic) hello #academics👋, a short #introduction. More info ➡️ https://lallodi.github.io
I am faculty at TU Eindhoven in NL 🇳🇱. I am interested in studying emergent #cyberthreats and attack innovation (from #malware to #socialEngineering), and how to integrate this into our defenses. I am the scientific director of the ESH-Security Operation Center (our own @TUEindhoven commercial #SOC, https://www.eindhovensecurityhub.nl supporting ed. & res.).
Looking forward to meeting you all! 🍻
Pirate Bing is quite a good social engineer - telling me all the time that this link is harmless :)
Ich brauche mal wieder eure Hilfe: Für ein Radio-Feature über Social Engineering suche ich
a) Wokshops, in denen Menschen live zum Thema geschult werden (also keine Videos/Online-Kurse)
b) Schulungen für #SocialEngineering Pentester:innen: Hier gibt es unter anderem auch Wettkämpfe - jedenfalls in den USA. Gibts das auch hier?
Mir geht es um O-Töne für meinen Beitrag - am liebsten würde ich an der ein oder anderen Schulung selbst teilnehmen, gerne auch an einem Wettbewerb.
Heute habe ich gelernt, dass #KI-Systeme wie #ChatGPT oder #Bing offenbar auch nicht vor #SocialEngineering-Attacken geschützt sind.
Das Ganze nennt sich "Prompt Injection Attack" und führt dazu, dass die Systeme ihre Grundkonfiguration herausgeben, wie sie sich zu verhalten haben.
Im Artikel ist eine Bilderstrecke: In der Praxis wirkt das überraschend plump.
I find it hard for my colleagues to understand #socialengineering so I was just looking at how Wikipedia explains it, and I found this fascinating entry on #SusanHeadley, who I hadn't heard of before.
"Susan Headley was an American hacker active during the late 1970s and early 1980s widely respected for her expertise in social engineering, pretexting, and psychological subversion. She was known for her specialty in breaking into military computer systems, which often involved going to bed with military personnel and going through their clothes for usernames and passwords while they slept. She became heavily involved in phreaking with Kevin Mitnick and Lewis de Payne in Los Angeles, but later framed them for erasing the system files at US Leasing after a falling out, leading to Mitnick's first conviction. She retired to professional poker."
https://en.wikipedia.org/wiki/Social_engineering_(security)#Notable_social_engineers
- [...] in practice?
- [...] as specific as possible would be great
- [...] xor: ???
Ok, be honest,
this poll was exclusively designed to identify all
the crappy ransomware bros within your fellowship !?
Mailchimp slips up again, suffers security breach after falling on social engineering banana skin https://grahamcluley.com/mailchimp-slips-up-again-suffers-security-breach-after-falling-on-social-engineering-banana-skin/ #SocialEngineering #databreach #MailChimp #Dataloss #Phishing #phishing
Mailchimp slips up again, suffers security breach after falling on social engineering banana skin.
@funnymonkey "Smart" sells — & may open backdoors to your privacy, getting you connected more than you may wish for.
#Privacy #SocialEngineering #DataSafety #Spyware #UserProfiling
#vim #linux #privacy #infosec #osint #socialengineering #blogging #writing #100DaysToOffload #pkm #zettelkasten #secondbrain #shell #terminal #photography
I'm probably missing some... I'll edit that post later
@cspam@mastodon.cloud I've yet to understand why this term was astroturfed like this. From everything I've heard, Quiet Quitting originated from employer backed studies of employee behaviours. Studies that showed that employees exhibit a measurable change in behaviour in the weeks prior to handing in their notice.
This change in behaviour -- things like showing up late, leaving early, rescheduling meetings, reduced engagement in meetings, and reduced output -- was the Quiet Quit. It signaled that the employee had already decided to resign (i.e. had begun job hunting, or were in the process of interviewing for a new role), they just hadn't gotten around to doing so (which would be the Loud Quit).
Like, this wasn't a term plucked from the working class and twisted in an act of social engineering. This was floating around the capitalist back rooms, and surfaced to the rest of us with a new meaning, for reasons I can't quite grok. Like, is it just because the term had "quitting" in it, so they thought they could liken doing your damn job with quitting your damn job, and trick people in to sticking around longer? Couldn't they have come up with a better phrase for that? #Workers #Jobs #QuietQuitting #SocialEngineering
@thelinuxEXP i definitely understand your Point because once I had the same Thought about leaving Something behind completely. 😉
The worst Case, someone gets to your Account on #Twitter by #SocialEngineering and then really do damage to it.
But, that Threat can occur everywhere by some #Imposter, even with an owned Domain.
You are not more save or not if you keep the Account alive in hibernation. It's just another way of keeping a backdoor. 😏