Adam Levin

MAY 7, 2020

The online credentials for 68% of pharmaceutical executives analyzed for a study have been compromised recently. The study, conducted by cybersecurity firm Blackcloak, found that the email accounts of over two-thirds of pharmaceutical executives had been compromised within the last five to ten years.

Healthcare 52

Healthcare Passwords Cybersecurity Data breaches 52

Security Affairs

DECEMBER 25, 2020

The attacks aimed at a Ministry of Health and a pharmaceutical company involved in the development of the COVID-19 vaccine. The systems at the pharmaceutical company were targeted with the BookCode malware, while in the attack against a Ministry of Health the APT group used the wAgent malware. . ” continues Kaspersky.

Healthcare 124

Healthcare Phishing Passwords Ransomware 124

Security Affairs

JUNE 17, 2021

This week WebsitePlanet along with the researcher Jeremiah Fowler discovered an unsecured database, belonging to the US healthcare and pharmaceutical giant CVS Health, that was exposed online. The database was accessible to everyone without any type of authentication.

Search queries 134

Search queries Healthcare Archiving Authentication 134

eSecurity Planet

JUNE 30, 2023

The group has targeted pharmaceutical companies and other healthcare institutions during the COVID-19 pandemic. Password Policies: Enforce NIST password policy requirements, such as lengthier passwords and the use of password managers.

Ransomware 104

Ransomware Passwords Cybersecurity Healthcare 104

Security Affairs

AUGUST 4, 2020

In May, the FBI and CISA also warned cyber attacks coordinated by Beijing and attempting to steal COVID-19 information from US health care, pharmaceutical, and research industry sectors. If these services are required, use strong passwords or Active Directory authentication.

Healthcare 107

Healthcare Passwords Government Systems administration 107

Security Affairs

NOVEMBER 13, 2020

“The targets include leading pharmaceutical companies and vaccine researchers in Canada, France, India, South Korea and the United States. Strontium hackers launched password spraying and brute-force attacks to break into victim accounts and steal sensitive information. ” reads the post published by Microsoft.

Healthcare 109

Healthcare Phishing Government Passwords 109

Security Affairs

SEPTEMBER 16, 2023

Iran-linked Peach Sandstorm APT is behind password spray attacks against thousands of organizations globally between February and July 2023. Microsoft researchers observed a series of password spray attacks conducted by Iran nation-state actors as part of a campaign named Peach Sandstorm (aka Holmium , APT33 , Elfin , and Magic Hound ).

Passwords 105

Passwords Healthcare Authentication Access 105

Security Affairs

OCTOBER 3, 2020

The attackers primarily ran malicious ad campaigns, often in the form of advertising pharmaceutical pills and spam with fake celebrity endorsements.” Cookies are more valuable than passwords because they contain session tokens, which are post-authentication tokens.

Healthcare 108

Healthcare Paper Authentication Metadata 108

IT Governance

DECEMBER 1, 2020

million) Phil i ppines COVID-19 track and trace app leaks citizens’ data (unknown) Contractor mistakenly removed data from Hong Kong’s Queen Mary Hospital (442) Cloud Clusters Inc.

Data breaches 137

Data breaches Ransomware e-Discovery Personal data 137

The Last Watchdog

APRIL 29, 2019

They went back in, recovered the system again, but this time changed the passwords for every privileged account in the AD. pharmaceutical giant Merck; the crippling of its AD tool resulted in suffering drug shortages and losing hundreds of millions of dollars ( latest estimation is 870 million ). Another company that got hit was U.S.

Ransomware 208

Ransomware Healthcare Paper Access 208

Security Affairs

MAY 22, 2020

The APT group targeted organizations in various industries, including the aviation, gaming, pharmaceuticals, technology, telecoms, and software development industries. The first stage of the PipeMon backdoor consists of a password-protected RARSFX executable embedded in the.rsrc section of its launcher. A malicious DLL?

Healthcare 105

Healthcare Encryption Passwords IT 105

AIIM

APRIL 6, 2021

The tick box that is generally used to indicate approval, while relying on the login password for authentication, does not support the need to apply an authorized signature. This process highlights the need for SharePoint users to have a more rigorous signature mechanism.

Paper 117

Paper Healthcare Authentication Passwords 117

IT Governance

SEPTEMBER 1, 2020

Cyber attacks. million) CO-based Mental Health Partners says an employee’s account was hacked (unknown) Sumitomo Forestry Co., Hitachi Chemical Co. Data breaches.

Data breaches 122

Data breaches Ransomware Insurance Manufacturing 122

The Last Watchdog

OCTOBER 8, 2018

Damage to a nation’s critical infrastructure networks, including pharmaceutical companies, logistics firms, food production, energy or petrochemical plants can impose massive environmental, financial and psychological damage. Russia, North Korea and Iran have employed sophisticated, well-trained soldiers on these frontlines in recent times.

Military 147

Military Healthcare Phishing Security 147

Security Affairs

DECEMBER 25, 2023

. — Microsoft Threat Intelligence (@MsftSecIntel) December 21, 2023 In September 2023, Microsoft researchers observed a series of password spray attacks conducted by Iran nation-state actors as part of a campaign named Peach Sandstorm. The campaign targeted thousands of organizations worldwide between February and July 2023.

Healthcare 126

Healthcare Passwords Authentication Access 126

Security Affairs

APRIL 7, 2020

According to experts from Group-IB, Russian-speaking threat actors targeted at least two companies in Western Europe in the pharmaceutical and manufacturing industries. PeterM from Sophos confirmed that he is aware of a US health care provider that was hit with the Ryuk ransomware a couple of weeks ago.

Ransomware 78

Ransomware Healthcare Manufacturing Passwords 78

IT Governance

DECEMBER 27, 2019

The site’s security team suspected that users were being targeted in a credential-stuffing attack; this is where cyber criminals use a list of stolen usernames and passwords en masse to break into an account. Worse, they changed the email address associated with the account, preventing them from resetting their password.

Data breaches 69

Data breaches GDPR Passwords Personal data 69

IT Governance

MAY 2, 2023

More worryingly, the same database contained usernames, email addresses and encrypted passwords. The crooks were able to download nightly backups of the complete database, which contained all public forum posts, team forum posts and direct messages.

Data breaches 105

Data breaches Ransomware Personal data Access 105

Schneier on Security

OCTOBER 12, 2018

California just enacted an Internet of Things security law that prohibits default passwords. Cars, airplanes, pharmaceuticals, consumer goods, food, medical devices, workplaces, restaurants, and, most recently, financial products -- all needed government regulation in order to become safe and secure.

Security 90

Security Government Marketing Manufacturing 90

Schneier on Security

FEBRUARY 28, 2024

In the first week of January, the pharmaceutical giant Merck quietly settled its years-long lawsuit over whether or not its property and casualty insurers would cover a $700 million claim filed after the devastating NotPetya cyberattack in 2017. But this is easier said than done.

Insurance 90

Insurance Government Cybersecurity Risk 90

Krebs on Security

DECEMBER 14, 2023

Even if one managed to steal (or guess) a user’s DirectConnection password, the login page could not be reached unless the visitor also possessed a special browser certificate that the forum administrator gave only to approved members. A screen shot of the org chart from ChronoPay’s MegaPlan Intranet system.

Computer and Electronics 218

Computer and Electronics Marketing Sales Healthcare 218

IT Governance

MARCH 11, 2024

According to a listing on a popular hacking forum, the database includes customers’ names, email addresses, hashed passwords, and more. The claim is yet to be verified. Data breached: 36 million records.

Data Privacy 87

Data Privacy Privacy Security Data breaches 87

ForAllSecure

NOVEMBER 18, 2021

A lot of times we depend on usernames and passwords, but those really aren’t enough. If you just use username and passwords-- well that’s easily imitated. Multifactor a what's, what's your email, what's your password. Such as their MAC address, their IP address, their geolocation. If it's continuous authentication.

Authentication 52

Authentication Passwords Artificial Intelligence IT 52

IT Governance

MARCH 5, 2024

Affected information includes users’ names, email addresses, IP addresses and encrypted passwords. Samip Aryal described the vulnerability as a “rate-limiting issue in a specific endpoint of Facebook’s password reset flow that could’ve allowed the takeover of any Facebook account by bruteforcing a particular type of nonce”.

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

IT Governance

JANUARY 23, 2024

The leaked information allegedly includes customers’ names, dates of birth, email addresses, passwords and phone numbers. Data breached: 10,870,524 lines. Publicly disclosed data breaches and cyber attacks: full list This week, we’ve found 130,036,285 records known to be compromised, and 116 organisations suffering a newly disclosed incident.

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

ForAllSecure

APRIL 26, 2022

Then from there we go to a we're brute forcing username passwords or credentials. Building Automation controllers from you know the leading manufacturers at your hospital than you do in your skyscraper or your pharmaceutical plant. So your pharmaceutical plants have clean rooms. We're gonna look at post post exploitation tools.

Energy and Utilities 52

Energy and Utilities Manufacturing Risk IT 52

IT Governance

JANUARY 30, 2020

Royal Yachting Association tells members to reset passwords after intrusion (unknown). University of Ottawa says password-protected laptop was stolen from campus (188). Hacker leaks database of passwords for home routers and smart devices (515,000). In the meantime, you can check out the full list here: Cyber attacks.

Data breaches 145

Data breaches Personal data Ransomware Phishing 145