Indian Pharmaceutical Company Investigates Security Incident

Data Breach Today

Reddy's Laboratories Says Plants in Four Countries Affected Dr. Reddy's Laboratories, a multinational pharmaceutical company based in India that's testing a COVID-19 vaccine, says it isolated its data center services Thursday following what it calls a "detected cyberattack

IAM's Role in the Pharmaceutical Sector

Data Breach Today

Sandy Dalal of Allergan on Achieving Security Stability Mergers and acquisitions, along with cloud adoption, are rapidly changing the pharmaceutical industry. Sandy Dalal of Allergan talks about how identity and access management, along with zero trust, are bringing security stability

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

French pharmaceuticals distribution platform Apodis Pharma leaking 1.7+ TB of confidential data

Security Affairs

The CyberNews investigation team discovered French pharmaceuticals distribution platform Apodis Pharma leaking 1.7+ An archive of 25,000+ partner and client organizations, such as pharmaceutical laboratories and pharmacies, serviced by the Apodis Pharma distribution platform.

Pharmaceutical companies exploited by phishing scam targeting job seekers

IT Governance

Earlier this month, two major pharmaceutical giants issued warnings about phishing emails targeting job hunters. The post Pharmaceutical companies exploited by phishing scam targeting job seekers appeared first on IT Governance Blog. Cyber Security phishingGlaxoSmithKline and AstraZeneca say they are victims of recruitment scams, in which crooks create fake job adverts to obtain people’s personal and financial details.

ThreatList: Pharma Mobile Phishing Attacks Turn to Malware

Threatpost

After the breakout of the COVID-19 pandemic, mobile phishing attacks targeting pharmaceutical companies have shifted their focus from credential theft to malware delivery.

Healthcare Supply Chain Security: Updated Guidance

Data Breach Today

With the escalation of cyberattacks on the healthcare sector during the COVID-19 pandemic, supply chain partners need to strengthen their security controls and defenses, say Vishwas Gadgil of pharmaceutical firm Merck and Ed Gaudet of the consultancy Censinet.

Pharma Giant Pfizer Leaks Customer Prescription Info, Call Transcripts

Threatpost

Breach Cloud Security Privacy advil call transcripts cancer drugs chantix Customer Data Customer Records data breach data leak drug company exposure google cloud lyrica misconfiguration open database patient information Pfizer pharmaceuticals premarin prescriptions Viagra vpnMentor

Pharmaceutical Company to Plead Guilty and Settle Drug Marketing Charges

Hunton Privacy

Recently, Aegerion Pharmaceuticals announced that it will enter into several settlements and plead guilty to two misdemeanors in connection with alleged violations of HIPAA, drug marketing regulations and securities laws. Aegerion will also pay $40 million to settle claims by the Department of Justice and Securities and Exchange Commission, and enter into a deferred prosecution agreement related to alleged violations of HIPAA.

Alert: APT Groups Targeting COVID-19 Researchers

Data Breach Today

are warning medical institutions, pharmaceutical companies, universities and others about "password-spraying campaigns" by advance persistent threat groups seeking to steal COVID-19 research data. Security experts outline defensive steps that organizations can take

Safeguarding COVID-19 Research, Other Intellectual Property

Data Breach Today

As cyberthreats to medical research on COVID-19 - and other intellectual property - grow, organzations must take critical steps to prevent the theft of their "innovation capital," says Russell Koste, chief security officer of Alexion Pharmaceuticals

Security Affairs newsletter Round 292

Security Affairs

Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 292 appeared first on Security Affairs. A new round of the weekly SecurityAffairs newsletter arrived!

Business Process Modeling Use Cases and Definition

erwin

The visualization process can aid in an organization’s ability to understand the security risks associated with a particular process. This also extends to industry-specific other compliance mandates such as those in healthcare, pharmaceutical and the financial services industries. What is business process modeling (BPM)? A visual representation of what your business does and how it does it. Why is having this picture important?

The hidden threats facing your intellectual property

IT Governance

For life sciences and pharmaceutical companies, this includes data on the development and testing of new therapies and details of how therapies are manufactured. Most healthcare providers in the UK are required to comply with the NIS Regulations (The Network and Information Systems Regulations 2018) , which transposed the NIS Directive (Directive on security of network and information systems) into UK law in May 2018.

Google Yanks 106 ‘Malicious’ Chrome Extensions

Threatpost

Trojan Chrome browser extensions spied on users and maintained a foothold on the networks of financial services, oil and gas, media and entertainment, healthcare and pharmaceuticals and government organizations.

Maintaining Regulatory-Compliant Cloud Solutions

Perficient Data & Analytics

But there are also several risks to consider, including physical and technical security, privacy and confidentiality, technical support, enhancements, application uptime/availability, vendor stability, and data mobility – the ability to extract data from the system.

Cloud 45

What’s new in OpenText Life Sciences Smart View 20.4

OpenText Information Management

With the shift to remote work environments, Life Sciences organizations need a way to provide their workers with secure and compliant access to highly regulated content that is stored on-premises.

Key Takeaways About Compliant IT Systems In The Cloud

Perficient Data & Analytics

Key topics include: Physical security. Data security, privacy, and confidentiality. Cloud Data & Analytics Digital Transformation Integration & IT Modernization Life Sciences Operations Regulatory Compliance Strategy 21 CFR Part 11 clinical cloud compliance Data hosting IaaS medical device PaaS pharmaceutical Regulatory SaaS Software Systems technologyThis is the final post in our series on maintaining regulatory-compliant IT systems in the cloud.

Cloud 40

How To Qualify Cloud Vendors

Perficient Data & Analytics

Because the ultimate responsibility for regulatory compliance lies with you – the pharmaceutical or medical device company – you need to be much more proactive and critical. When qualifying a cloud vendor, be sure to evaluate their written procedures and the documented evidence that they follow their procedures in the following key areas: Security of the physical space, which houses the servers that host IaaS, PaaS, and/or SaaS products, even if that space is in a third-party data center.

Cloud 40

Q&A: The drivers behind the stark rise — and security implications — of ‘memory attacks’

The Last Watchdog

Related: Memory hacking becomes a go-to tactic These attacks are referred to in the security community as “fileless attacks” or “memory attacks.” I had the chance at RSA 2019 to discuss memory hacking with Willy Leichter, vice president of marketing, and Shauntinez Jakab, director of product marketing, at Virsec , a San Jose-based supplier of advanced application security and memory protection technologies.

North Korea-linked Lazarus APT targets the COVID-19 research

Security Affairs

The attacks aimed at a Ministry of Health and a pharmaceutical company involved in the development of the COVID-19 vaccine. The systems at the pharmaceutical company were targeted with the BookCode malware, while in the attack against a Ministry of Health the APT group used the wAgent malware.

How To Use Contracts For Regulatory Compliance Of Cloud Systems

Perficient Data & Analytics

Security. What will the cloud vendor do to proactively protect security, and what will it do if security is breached in some way? This includes: physical security, cyber security (e.g., Cloud Data & Analytics Digital Transformation Integration & IT Modernization Life Sciences Operations Regulatory Compliance Strategy 21 CFR Part 11 clinical cloud compliance Data hosting IaaS medical device PaaS pharmaceutical Regulatory SaaS Software Systems technology

Coronavirus: Europol arrests man behind €6M face masks and hand sanitisers scam

Security Affairs

million by a European pharmaceutical company, a European State reported. “A European Member State reported to Europol that one of their pharmaceutical companies had been defrauded of €6.64

Over a billion records belonging to CVS Health exposed online

Security Affairs

This week WebsitePlanet along with the researcher Jeremiah Fowler discovered an unsecured database, belonging to the US healthcare and pharmaceutical giant CVS Health, that was exposed online. The researchers responsible disclosed to CVS Health which promptly secured the archive the same day.

Chinese hackers stole info from Spanish centers working on Covid19 vaccine

Security Affairs

While pharmaceutical companies worldwide are working on the research of a vaccine for the ongoing COVID19 pandemic, threat actors are conducting cyber espionage campaigns in the attempt of stealing information on the work.

Security in a World of Physically Capable Computers

Schneier on Security

Security is not a problem the market will solve. The primary reason computers are insecure is that most buyers aren't willing to pay -- in money, features, or time to market -- for security to be built into the products and services they want. We have accepted this tenuous situation because, for a very long time, computer security has mostly been about data. But the nature of how we use computers is changing, and that comes with greater security risks.

Google warned users of 33,015 nation-state attacks since January

Security Affairs

During the last summer, Google observed threat actors from China, Russia, and Iran targeting pharmaceutical companies and researchers involved in the development of a vaccine. . The post Google warned users of 33,015 nation-state attacks since January appeared first on Security Affairs.

68% of Pharma Executives Have Had Credentials Breached Online

Adam Levin

The online credentials for 68% of pharmaceutical executives analyzed for a study have been compromised recently. Every day the executive brings their company home, where the security controls are nonexistent and weak ? Data Security Cybersecurity featured linkedin pharma

COVID-19 – Johnson & Johnson saw a 30% uptick in cyber-attacks

Security Affairs

“North Korean hackers have targeted at least six pharmaceutical companies in the U.S., The post COVID-19 – Johnson & Johnson saw a 30% uptick in cyber-attacks appeared first on Security Affairs.

Operation Pangea: Europol dismantles criminal gangs selling coronavirus medicine, surgical masks

Security Affairs

Below the operation in numbers reported by the Europol: 121 arrests; €13 million in potentially dangerous pharmaceuticals seized; 326 00 packages inspected; 48 000 packages seized; 4.4

Information security and compliance training for the healthcare sector

IT Governance

Pharmacies, rehabilitation care, social care, medical research and pharmaceuticals all rely on this data being available to individuals delivering their services. To address the rising threat of data breaches across all sectors, new compliance requirements which aim to harmonise and improve data security practices. and healthcare must address the new DSP (Data Security and Protection) Toolkit. Healthcare Training GDPR Information security

Alleged docs relating to Covid-19 vaccine leaked in darkweb

Security Affairs

Security experts from threat intelligence firm Cyble have found several documents relating to the Covid-19 vaccine allegedly stolen from the European Medicines Agency (EMA) leaked in the Darkweb. If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

What does the future hold for the Life Sciences supply chain?

OpenText Information Management

The Life Sciences sector is facing a period of profound change and disruption.

Hackers target COVID-19 vaccine supply chain and sell the vaccine in Darkweb

Security Affairs

Cybercrime organizations continue to be very active while pharmaceutical organizations are involved in the development of a COVID-19 vaccine and medicines to cure the infections.

Digging the recently leaked Chinese Communist Party database

Security Affairs

The post Digging the recently leaked Chinese Communist Party database appeared first on Security Affairs. KELA researchers analyzed a database recently leaked online that contains data for 1.9 million Chinese Communist Party members in Shanghai.

Hundreds of malicious Chrome browser extensions used to spy on you!

Security Affairs

Malicious Chrome browser extensions were used in a massive surveillance campaign aimed at users working in the financial services, oil and gas, media and entertainment, healthcare, government organizations, and pharmaceuticals. ” reads the analysis published by Awake Security.

Three APT groups have targeted at least seven COVID-19 vaccine makers

Security Affairs

“The targets include leading pharmaceutical companies and vaccine researchers in Canada, France, India, South Korea and the United States. The post Three APT groups have targeted at least seven COVID-19 vaccine makers appeared first on Security Affairs.

US govt agencies share details of the China-linked espionage malware Taidoor

Security Affairs

The FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Defense (DoD) released information on a RAT variant, dubbed TAIDOOR, used by China-linked hackers in cyber espionage campaigns targeting governments, corporations, and think tanks.

New financially motivated attacks in Western Europe traced to Russian-speaking threat actors

Security Affairs

At least two companies operating in pharmaceutical and manufacturing sectors have been affected. MainModule can be explained by the gang’s attempts to avoid detection as a result of being in the spotlight of security researchers for some time now.”

FIN11 gang started deploying ransomware to monetize its operations

Security Affairs

Since August, FIN11 started targeting organizations in many industries, including defense, energy, finance, healthcare, legal, pharmaceutical, telecommunications, technology, and transportation.

China-linked APT41 group exploits Citrix, Cisco, Zoho flaws

Security Affairs

Victims operate in the Banking/Finance, Construction, Defense Industrial Base, Government, Healthcare, High Technology, Higher Education, Legal, Manufacturing, Media, Non-profit, Oil & Gas, Petrochemical, Pharmaceutical, Real Estate, Telecommunications, Transportation, Travel, and Utility. .