Indian Pharmaceutical Company Investigates Security Incident

Data Breach Today

Reddy's Laboratories Says Plants in Four Countries Affected Dr. Reddy's Laboratories, a multinational pharmaceutical company based in India that's testing a COVID-19 vaccine, says it isolated its data center services Thursday following what it calls a "detected cyberattack

IAM's Role in the Pharmaceutical Sector

Data Breach Today

Sandy Dalal of Allergan on Achieving Security Stability Mergers and acquisitions, along with cloud adoption, are rapidly changing the pharmaceutical industry. Sandy Dalal of Allergan talks about how identity and access management, along with zero trust, are bringing security stability

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

French pharmaceuticals distribution platform Apodis Pharma leaking 1.7+ TB of confidential data

Security Affairs

The CyberNews investigation team discovered French pharmaceuticals distribution platform Apodis Pharma leaking 1.7+ An archive of 25,000+ partner and client organizations, such as pharmaceutical laboratories and pharmacies, serviced by the Apodis Pharma distribution platform.

Pharmaceutical companies exploited by phishing scam targeting job seekers

IT Governance

Earlier this month, two major pharmaceutical giants issued warnings about phishing emails targeting job hunters. The post Pharmaceutical companies exploited by phishing scam targeting job seekers appeared first on IT Governance Blog. Cyber Security phishingGlaxoSmithKline and AstraZeneca say they are victims of recruitment scams, in which crooks create fake job adverts to obtain people’s personal and financial details.

Healthcare Supply Chain Security: Updated Guidance

Data Breach Today

With the escalation of cyberattacks on the healthcare sector during the COVID-19 pandemic, supply chain partners need to strengthen their security controls and defenses, say Vishwas Gadgil of pharmaceutical firm Merck and Ed Gaudet of the consultancy Censinet.

ThreatList: Pharma Mobile Phishing Attacks Turn to Malware

Threatpost

After the breakout of the COVID-19 pandemic, mobile phishing attacks targeting pharmaceutical companies have shifted their focus from credential theft to malware delivery.

Three COVID-19 Vaccine-Makers are Under Active Attack

Threatpost

Three major APTs are involved in ongoing compromises at pharma and clinical organizations involved in COVID-19 research, Microsoft says.

Pharma Giant Pfizer Leaks Customer Prescription Info, Call Transcripts

Threatpost

Breach Cloud Security Privacy advil call transcripts cancer drugs chantix Customer Data Customer Records data breach data leak drug company exposure google cloud lyrica misconfiguration open database patient information Pfizer pharmaceuticals premarin prescriptions Viagra vpnMentor

Security Affairs newsletter Round 292

Security Affairs

Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 292 appeared first on Security Affairs. A new round of the weekly SecurityAffairs newsletter arrived!

Safeguarding COVID-19 Research, Other Intellectual Property

Data Breach Today

As cyberthreats to medical research on COVID-19 - and other intellectual property - grow, organzations must take critical steps to prevent the theft of their "innovation capital," says Russell Koste, chief security officer of Alexion Pharmaceuticals

Alert: APT Groups Targeting COVID-19 Researchers

Data Breach Today

are warning medical institutions, pharmaceutical companies, universities and others about "password-spraying campaigns" by advance persistent threat groups seeking to steal COVID-19 research data. Security experts outline defensive steps that organizations can take Password-Spraying' Campaigns Aimed at Stealing Research Data, US and UK Authorities Warn Authorities in the U.S. and U.K.

Business Process Modeling Use Cases and Definition

erwin

The visualization process can aid in an organization’s ability to understand the security risks associated with a particular process. This also extends to industry-specific other compliance mandates such as those in healthcare, pharmaceutical and the financial services industries. What is business process modeling (BPM)? A visual representation of what your business does and how it does it. Why is having this picture important?

The hidden threats facing your intellectual property

IT Governance

For life sciences and pharmaceutical companies, this includes data on the development and testing of new therapies and details of how therapies are manufactured. Most healthcare providers in the UK are required to comply with the NIS Regulations (The Network and Information Systems Regulations 2018) , which transposed the NIS Directive (Directive on security of network and information systems) into UK law in May 2018.

Maintaining Regulatory-Compliant Cloud Solutions

Perficient Data & Analytics

But there are also several risks to consider, including physical and technical security, privacy and confidentiality, technical support, enhancements, application uptime/availability, vendor stability, and data mobility – the ability to extract data from the system.

Cloud 45

What’s new in OpenText Life Sciences Smart View 20.4

OpenText Information Management

With the shift to remote work environments, Life Sciences organizations need a way to provide their workers with secure and compliant access to highly regulated content that is stored on-premises.

Key Takeaways About Compliant IT Systems In The Cloud

Perficient Data & Analytics

Key topics include: Physical security. Data security, privacy, and confidentiality. Cloud Data & Analytics Digital Transformation Integration & IT Modernization Life Sciences Operations Regulatory Compliance Strategy 21 CFR Part 11 clinical cloud compliance Data hosting IaaS medical device PaaS pharmaceutical Regulatory SaaS Software Systems technologyThis is the final post in our series on maintaining regulatory-compliant IT systems in the cloud.

Cloud 40

North Korea-linked Lazarus APT targets the COVID-19 research

Security Affairs

The attacks aimed at a Ministry of Health and a pharmaceutical company involved in the development of the COVID-19 vaccine. The systems at the pharmaceutical company were targeted with the BookCode malware, while in the attack against a Ministry of Health the APT group used the wAgent malware.

How To Qualify Cloud Vendors

Perficient Data & Analytics

Because the ultimate responsibility for regulatory compliance lies with you – the pharmaceutical or medical device company – you need to be much more proactive and critical. When qualifying a cloud vendor, be sure to evaluate their written procedures and the documented evidence that they follow their procedures in the following key areas: Security of the physical space, which houses the servers that host IaaS, PaaS, and/or SaaS products, even if that space is in a third-party data center.

Cloud 40

Google Yanks 106 ‘Malicious’ Chrome Extensions

Threatpost

Trojan Chrome browser extensions spied on users and maintained a foothold on the networks of financial services, oil and gas, media and entertainment, healthcare and pharmaceuticals and government organizations. Malware Privacy Vulnerabilities Web Security Awake Security chrome web store CommuniGal Communication domain Domain Registrar GalComm Google Chrome browser malware web browser

Q&A: The drivers behind the stark rise — and security implications — of ‘memory attacks’

The Last Watchdog

Related: Memory hacking becomes a go-to tactic These attacks are referred to in the security community as “fileless attacks” or “memory attacks.” I had the chance at RSA 2019 to discuss memory hacking with Willy Leichter, vice president of marketing, and Shauntinez Jakab, director of product marketing, at Virsec , a San Jose-based supplier of advanced application security and memory protection technologies.

How To Use Contracts For Regulatory Compliance Of Cloud Systems

Perficient Data & Analytics

Security. What will the cloud vendor do to proactively protect security, and what will it do if security is breached in some way? This includes: physical security, cyber security (e.g., Cloud Data & Analytics Digital Transformation Integration & IT Modernization Life Sciences Operations Regulatory Compliance Strategy 21 CFR Part 11 clinical cloud compliance Data hosting IaaS medical device PaaS pharmaceutical Regulatory SaaS Software Systems technology

Chinese hackers stole info from Spanish centers working on Covid19 vaccine

Security Affairs

While pharmaceutical companies worldwide are working on the research of a vaccine for the ongoing COVID19 pandemic, threat actors are conducting cyber espionage campaigns in the attempt of stealing information on the work.

Google warned users of 33,015 nation-state attacks since January

Security Affairs

During the last summer, Google observed threat actors from China, Russia, and Iran targeting pharmaceutical companies and researchers involved in the development of a vaccine. . The post Google warned users of 33,015 nation-state attacks since January appeared first on Security Affairs.

COVID-19 – Johnson & Johnson saw a 30% uptick in cyber-attacks

Security Affairs

“North Korean hackers have targeted at least six pharmaceutical companies in the U.S., The post COVID-19 – Johnson & Johnson saw a 30% uptick in cyber-attacks appeared first on Security Affairs.

Security in a World of Physically Capable Computers

Schneier on Security

Security is not a problem the market will solve. The primary reason computers are insecure is that most buyers aren't willing to pay -- in money, features, or time to market -- for security to be built into the products and services they want. We have accepted this tenuous situation because, for a very long time, computer security has mostly been about data. But the nature of how we use computers is changing, and that comes with greater security risks.

Alleged docs relating to Covid-19 vaccine leaked in darkweb

Security Affairs

Security experts from threat intelligence firm Cyble have found several documents relating to the Covid-19 vaccine allegedly stolen from the European Medicines Agency (EMA) leaked in the Darkweb. If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Coronavirus: Europol arrests man behind €6M face masks and hand sanitisers scam

Security Affairs

million by a European pharmaceutical company, a European State reported. “A European Member State reported to Europol that one of their pharmaceutical companies had been defrauded of €6.64 Once the pharmaceutical company transferred the funds to a bank in Singapore, the items were never delivered and the supplier became uncontactable.” The post Coronavirus: Europol arrests man behind €6M face masks and hand sanitisers scam appeared first on Security Affairs.

Hackers target COVID-19 vaccine supply chain and sell the vaccine in Darkweb

Security Affairs

Cybercrime organizations continue to be very active while pharmaceutical organizations are involved in the development of a COVID-19 vaccine and medicines to cure the infections.

What does the future hold for the Life Sciences supply chain?

OpenText Information Management

The Life Sciences sector is facing a period of profound change and disruption.

Information security and compliance training for the healthcare sector

IT Governance

Pharmacies, rehabilitation care, social care, medical research and pharmaceuticals all rely on this data being available to individuals delivering their services. To address the rising threat of data breaches across all sectors, new compliance requirements which aim to harmonise and improve data security practices. and healthcare must address the new DSP (Data Security and Protection) Toolkit. Healthcare Training GDPR Information security

Digging the recently leaked Chinese Communist Party database

Security Affairs

The post Digging the recently leaked Chinese Communist Party database appeared first on Security Affairs. KELA researchers analyzed a database recently leaked online that contains data for 1.9 million Chinese Communist Party members in Shanghai.

68% of Pharma Executives Have Had Credentials Breached Online

Adam Levin

The online credentials for 68% of pharmaceutical executives analyzed for a study have been compromised recently. The study, conducted by cybersecurity firm Blackcloak, found that the email accounts of over two-thirds of pharmaceutical executives had been compromised within the last five to ten years. Every day the executive brings their company home, where the security controls are nonexistent and weak ? Data Security Cybersecurity featured linkedin pharma

Three APT groups have targeted at least seven COVID-19 vaccine makers

Security Affairs

“The targets include leading pharmaceutical companies and vaccine researchers in Canada, France, India, South Korea and the United States. The post Three APT groups have targeted at least seven COVID-19 vaccine makers appeared first on Security Affairs.

FIN11 gang started deploying ransomware to monetize its operations

Security Affairs

Since August, FIN11 started targeting organizations in many industries, including defense, energy, finance, healthcare, legal, pharmaceutical, telecommunications, technology, and transportation.

US govt agencies share details of the China-linked espionage malware Taidoor

Security Affairs

The FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Defense (DoD) released information on a RAT variant, dubbed TAIDOOR, used by China-linked hackers in cyber espionage campaigns targeting governments, corporations, and think tanks.

Russia-linked APT28 uses COVID-19 lures to deliver Zebrocy malware

Security Affairs

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide.

Operation Pangea: Europol dismantles criminal gangs selling coronavirus medicine, surgical masks

Security Affairs

Below the operation in numbers reported by the Europol: 121 arrests; €13 million in potentially dangerous pharmaceuticals seized; 326 00 packages inspected; 48 000 packages seized; 4.4 The post Operation Pangea: Europol dismantles criminal gangs selling coronavirus medicine, surgical masks appeared first on Security Affairs. Operation Pangea is the name of a joint international operation lead by the Interpol that seized €13 million in counterfeit drugs for care. .

China-linked APT10 leverages ZeroLogon exploits in recent attacks

Security Affairs

Targeted sectors include: Automotive Clothing Conglomerates Electronics Engineering General Trading Company Government Industrial Products Managed Service Providers Manufacturing Pharmaceutical Professional Services.

Hundreds of malicious Chrome browser extensions used to spy on you!

Security Affairs

Malicious Chrome browser extensions were used in a massive surveillance campaign aimed at users working in the financial services, oil and gas, media and entertainment, healthcare, government organizations, and pharmaceuticals. The malicious Chrome browser extensions were discovered by researchers from Awake Security that shared their findings with Google. ” reads the analysis published by Awake Security. appeared first on Security Affairs.

New financially motivated attacks in Western Europe traced to Russian-speaking threat actors

Security Affairs

At least two companies operating in pharmaceutical and manufacturing sectors have been affected. If the latter are the ones to blame, this marks the first time the gang has launched the attacks against pharmaceutical and manufacturing companies and may indicate a significant shift in their modus operandi. . MainModule can be explained by the gang’s attempts to avoid detection as a result of being in the spotlight of security researchers for some time now.”