Busting the myths: Cyber threats to healthcare

Dec 15 2023

Gone Phishing Banner

Welcome to Gone Phishing, your daily cybersecurity newsletter whoโ€™s mum nearly got phished by a random phone number that text her saying hey mum itโ€™s me and she only twigged because my sister uses green love hearts and the phisherman used red ๐Ÿ’” Shout out to Lloyds bank who smelled a RAT ๐Ÿ€

Itโ€™s Friday, folks, which can only mean one thingโ€ฆ Itโ€™s time for our weekly segment!ย 

It goes by many names. Patch of the Week, Tweak of the week. Okay, thatโ€™s it.ย 

Congrats, the cybercriminals are no matchโ€ฆ for your patch! ๐Ÿฉน๐Ÿฉน๐Ÿฉนย 

Check out these freshly hatched patches ๐Ÿฃ๐Ÿฃ๐Ÿฃ

Stop the WordPresses ๐Ÿ“ฐ

๐Ÿšจ Critical WordPress Security Update! Version 6.4.2 is Here! ๐Ÿšจ

Heads up, WordPress users! The latest release, version 6.4.2, is a must-install for a crucial security patch. ๐Ÿ˜ฑ This update addresses a vulnerability that, when combined with another bug, could empower threat actors to execute harmful PHP code on vulnerable sites. The risk is particularly high for multisite installations and certain plugins. Take action now, update your WordPress to 6.4.2, and keep your website secure! ๐Ÿ”’โœ…

The old updates compared to the new? Apples and oranges ๐ŸŽ๐ŸŠ๐Ÿ˜‰

๐Ÿ๐Ÿ”’ Apple's Security Boost! ๐Ÿš€

Apple just released crucial updates for iOS, iPadOS, macOS, tvOS, watchOS, and Safari. iOS 17.2 and iPadOS 17.2 fix 12 vulnerabilities, including a critical Bluetooth flaw. Safari 17.2 addresses WebKit issues. Additional security features include a Siri bug fix and iMessage privacy upgrade. Update now for a fortified Apple experience! ๐Ÿ“ฑ๐Ÿ’ป

Now, on to todayโ€™s hottest cybersecurity stories:

  • ๐Ÿ”ฎ Busting the myths: Cyber threats to healthcare ๐Ÿฉบ

  • ๐Ÿ‘ค MrAnon malware targets Germans via bookings ๐Ÿ“’

  • ๐Ÿ’ผ Recruiters targeted by devious phishing malware ๐ŸŽฃ

Myth Dusters ๐Ÿงน

Ever wondered which is more valuable on the dark web: a credit card number, a social security number, or an Electronic Health Record (EHR)? Surprisingly, it's the EHR, fetching up to $1,000, highlighting why healthcare remains a prime target for cybercriminals. With ransomware as a major threat, the sector faces challenges from high digitalization, resource constraints, and high stakes, leading to an average breach cost exceeding $10 million.

In this landscape, understanding cybercriminal tactics is crucial. Despite increased organisation, they still exploit human errors and "low-hanging" vulnerabilities. An alarming trend is the exposure of secrets on platforms like GitHub, with 10 million leaked in 2022 alone, posing significant security risks.

To fortify against breaches, healthcare organisations should adopt continuous vigilance. Automated monitoring of digital footprints, like GitHub attack surface audits, and proactive measures such as honeytokens can significantly enhance cybersecurity. As technology evolves, staying ahead with the latest security technologies and fostering a culture of security awareness is key for the healthcare industry. ๐Ÿ’ช๐Ÿฅ๐Ÿ”

The best eye and brain candy curated from all corners of the web

No news. No politics. No BS.

Just the good stuff

100% Free

Book โ€˜em boys ๐Ÿ‘ฎ

๐ŸŽฃ๐Ÿฆ  Beware of New Phishing Campaign: MrAnon Stealer on the Prowl! ๐Ÿšจ๐Ÿ’ป

Watch out! A recent phishing campaign is unleashing the MrAnon Stealer, a Python-based malware disguised in booking-themed PDF lures. ๐Ÿ’ผ๐Ÿ” This crafty stealer, compressed with cx-Freeze to dodge detection, snatches victims' credentials, system info, browser sessions, and even cryptocurrency extensions. ๐Ÿ˜ฑ๐Ÿ’ณ

Germany seems to be the bullseye as of November 2023, with evidence pointing to it being the primary target. ๐Ÿ‡ฉ๐Ÿ‡ช๐ŸŽฏ The phishing email poses as a hotel room booking company, tricking victims into opening a PDF that prompts a fake Adobe Flash update. The result? Execution of .NET executables and PowerShell scripts, leading to a malicious Python script. This script not only gathers data but also sends it to a public file-sharing site and the threat actor's Telegram channel. ๐Ÿ“ค๐Ÿ•ต๏ธโ€โ™‚๏ธ

MrAnon Stealer is up for grabs for $500/month, signalling a strategic shift from Cstealer in July and August to MrAnon Stealer in October and November. ๐Ÿ˜ˆ๐Ÿ’ฐ Stay vigilant against phishing emails as cyber threats continue to evolve! ๐Ÿ”’โœจ

๐ŸŽฃ Catch of the Day!! ๐ŸŒŠ๐ŸŸ๐Ÿฆž

Learn AI in 5 minutes a day. We'll teach you how to save time and earn more with AI. Join 400,000+ free daily readers for trending tools, productivity boosting prompts, the latest news, and more.

Malware do you see yourself in five years ๐Ÿ’€

๐Ÿšจ๐Ÿ“ง Recruiters, Beware of Cyber Threats! New Warning from Proofpoint! ๐ŸŒ๐Ÿ”’

Attention recruiters! ๐Ÿ•ต๏ธโ€โ™‚๏ธ Proofpoint issues a red alert about threat actor TA4557 deploying malware through cleverly crafted emails. Known for distributing the More_Eggs backdoor, this financially motivated actor has shifted tactics, replying to job listings and now targeting recruiters directly. ๐Ÿ˜ฑ๐Ÿ’ผ

In the latest attack, TA4557 uses direct emails with URLs to fake candidate resumes or attachments with instructions to visit a bogus resume website. ๐Ÿ“ฌ๐ŸŒ Recipients are tricked into downloading a zip file containing a shortcut file (LNK), leading to the deployment of the More_Eggs backdoor using "living-off-the-land" techniques.

Recruiters are urged to update user awareness training to counter this evolving threat, especially as TA4557 builds trust before delivering malicious content. The group constantly changes sender emails, fake resume domains, and infrastructure, making detection challenging. Stay vigilant and keep your defences updated! ๐Ÿ”๐Ÿ”

๐Ÿ—ž๏ธ Extra, Extra! Read all about it! ๐Ÿ—ž๏ธ

Every few weeks, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!

  • The GeekAI: A daily 3 min newsletter on what matters in AI, with all the new AI things coming to market its good to stay ahead of the curve.

  • Libby Copa:ย The Rebel Newsletter helps writers strengthen their writing and creative practice, navigate the publishing world, and turn their art into an act of rebellion.

  • Techspresso:ย Receive a daily summary of the most important AI and Tech news, selected from 50+ media outlets (The Verge, Wired, Tech Crunch etc)

Let us know what you think.

So long and thanks for reading all the phish!

footer graphic cyber security newsletter
  • ๐ŸŒต CACTUS ransomware exploits flaws in Qlik Sense ๐Ÿ’ป

Recent articles