Feb 08 2024
Welcome to Gone Phishing, your daily cybersecurity newsletter that floats like a butter-cy and stings like a cyber-bee
Today’s hottest cybersecurity news stories:
Tech giants and global coalition unite against spyware abuse
Forget MaaS immigration, MaaS is top threat to organisations
Failed their HIPAAcratic oath! Medical Center Fined $4.75M
Countries like France, the U.K., and the U.S., joined by tech giants such as Google, Meta, and Microsoft, unite against commercial spyware misuse in the Pall Mall Process. Their aim? To rein in the proliferation of cyber intrusion tools and establish guidelines for responsible development and use.
⚠️ The initiative warns of the dangers posed by spyware, which can infiltrate devices without user interaction, threatening privacy, human rights, and digital security. Thousands fall victim to spyware attacks yearly, with malicious actors exploiting vulnerabilities to gather sensitive information.
While the move highlights global cooperation, the absence of certain nations like Israel and Hungary raises questions. The action also coincides with the U.S. Department of State’s visa denials for those linked to spyware misuse, signalling a broader crackdown.
Commercial spyware, such as Chrysaor and Pegasus, designed for legitimate use, often ends up in the wrong hands, targeting journalists, activists, and dissidents. Despite efforts to contain the spyware ecosystem, the battle persists, with tech firms tracking numerous vendors and exploits.
Let’s stay vigilant and work together to protect against cyber threats!
The 2023 End of Year Threat Report by Darktrace sounds the alarm on Malware-as-a-Service (MaaS) infections, emerging as the top threat to organisations in the latter half of the year.
Malware strains like ViperSoftX and Black Basta showcase a menacing trend of combining multiple functions, making detection a formidable challenge for defenders.
ViperSoftX, a notorious info stealer and RAT, evolved with sophisticated evasion tactics, targeting sensitive data such as crypto wallets and browser passwords. Meanwhile, Black Basta ransomware spreads alongside the Qbot banking trojan for credential theft.
The rise of Ransomware-as-a-Service (RaaS) in the wake of Hive ransomware’s takedown spells trouble ahead. Darktrace predicts a surge in double and triple extortion tactics, fueled by the expanding arsenal of multi-functional malware.
Moreover, attackers are leveraging AI to craft more convincing phishing campaigns, bypassing traditional security measures with alarming success rates.
As cyber threats grow in complexity, organisations face an uphill battle to stay protected. With MaaS and RaaS on the rise, the cybersecurity landscape remains fraught with challenges in 2024.
Federal regulators have slapped Montefiore Medical Center with a hefty fine of $4.75 million following a data breach dating back to 2013. The settlement, announced by the U.S. Department of Health and Human Services’ Office for Civil Rights (HHS OCR), stems from “data security failures” that allowed an insider to steal and sell patients’ protected health information.
The breach went undetected for years until the New York Police Department uncovered evidence in 2015, prompting an internal investigation by Montefiore. It was revealed that an employee had stolen the electronic health records of thousands of patients and sold them to an identity theft ring.
OCR’s investigation found multiple HIPAA Security Rule violations, including failures to analyse and identify risks to PHI, monitor and safeguard health information systems, and implement proper policies and procedures for PHI protection.
“Unfortunately, we are living in a time where cyberattacks from malicious insiders are not uncommon,” said HHS OCR Director Melanie Fontes Rainer, emphasising the critical need for robust cybersecurity measures in the healthcare sector.
In addition to the financial penalty, Montefiore has agreed to implement a corrective action plan, including conducting a thorough security risk analysis, implementing audit controls, and providing comprehensive training on HIPAA rules for its workforce.
Montefiore, in response, highlighted its commitment to patient privacy and cybersecurity, emphasising the steps taken to enhance security protocols and reinforce staff training since the incident.
As healthcare systems remain prime targets for cyberattacks, Montefiore vows to remain vigilant in protecting patient information and upholding safety protocols.
Catch up tomorrow cyber squad
Every few weeks, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!
The GeekAI: A daily 3 min newsletter on what matters in AI. With all the new AI things coming to market, it’s good to stay ahead of the curve.
Wealthy Primate: Want to earn over $100k a year in IT or cybersecurity? 20 year veteran ‘Wealthy Primate’ might be able to help you climb that tree with his stick and banana approach
Techspresso: Receive a daily summary of the most important AI and Tech news, selected from 50+ media outlets (The Verge, Wired, TechCrunch, etc.)
So long and thanks for reading all the phish!