MastodonTech.de

Josh LemonThis is a timely reminder to ensure any third-parties with access to your systems follow the same cyber policies you'd expect your internal staff to follow.<a href="https://infosec.exchange/tags/ScatteredSpider" class="mention hashtag" rel="nofollow noopener" target="_blank">#ScatteredSpider</a> are particularly good at <a href="https://infosec.exchange/tags/SocialEngineering" class="mention hashtag" rel="nofollow noopener" target="_blank">#SocialEngineering</a> their way via a third-party to other victims.For clarity, <a href="https://infosec.exchange/tags/ScatteredSpider" class="mention hashtag" rel="nofollow noopener" target="_blank">#ScatteredSpider</a> are considered the initial access group, <a href="https://infosec.exchange/tags/DragonForce" class="mention hashtag" rel="nofollow noopener" target="_blank">#DragonForce</a> <a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#ransomware</a> is the malware deployed once <a href="https://infosec.exchange/tags/ScatteredSpider" class="mention hashtag" rel="nofollow noopener" target="_blank">#ScatteredSpider</a> are inside your network.<a href="https://www.bleepingcomputer.com/news/security/mands-confirms-social-engineering-led-to-massive-ransomware-attack/" rel="nofollow noopener" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/mands-confirms-social-engineering-led-to-massive-ransomware-attack/</a><a href="https://infosec.exchange/tags/IncidentReponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#IncidentReponse</a> <a href="https://infosec.exchange/tags/DataBreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#DataBreach</a> <a href="https://infosec.exchange/tags/CSIRT" class="mention hashtag" rel="nofollow noopener" target="_blank">#CSIRT</a>

Dissent Doe :cupofcoffee:<a href="https://infosec.exchange/@amvinfe" class="u-url mention" rel="nofollow noopener" target="_blank">@amvinfe</a> <a href="https://noc.social/@AAKL" class="u-url mention" rel="nofollow noopener" target="_blank">@AAKL</a> <a href="https://infosec.exchange/@brett" class="u-url mention" rel="nofollow noopener" target="_blank">@brett</a> <a href="https://ioc.exchange/@jgreig" class="u-url mention" rel="nofollow noopener" target="_blank">@jgreig</a> It seems pretty clear from what BianLian has posted that there were TWO unrelated attacks, but Akumin has only disclosed the first attack -- even though it has issued updates since the time of the second attack.That said: if the second attack was in November, as it allegedly was, then Akumin is still within a 60-day window from discovery to when it must notify HHS and affected patients. But if an entity issues a press release or update that discloses one data breach but is silent on the fact that there was a second breach, too, resulting in the theft of patient data, is that a deceptive or unfair act under Section 5 of the FTC Act?<a href="https://infosec.exchange/tags/transparency" class="mention hashtag" rel="nofollow noopener" target="_blank">#transparency</a> <a href="https://infosec.exchange/tags/incidentreponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#incidentreponse</a> <a href="https://infosec.exchange/tags/extortion" class="mention hashtag" rel="nofollow noopener" target="_blank">#extortion</a> <a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#healthsec</a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#databreach</a>

Dissent Doe :cupofcoffee:<a href="https://infosec.exchange/@brett" class="u-url mention" rel="nofollow noopener" target="_blank">@brett</a> I don't know if I missed something or forgot anything, but have we seen any real statement from the hospitals or TransForm about whether they had recent and usable backups?<a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/HealthSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#HealthSec</a> <a href="https://infosec.exchange/tags/backups" class="mention hashtag" rel="nofollow noopener" target="_blank">#backups</a> <a href="https://infosec.exchange/tags/restoration" class="mention hashtag" rel="nofollow noopener" target="_blank">#restoration</a> <a href="https://infosec.exchange/tags/incidentreponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#incidentreponse</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#ransomware</a>

Frühere Suchanfragen

Suchoptionen

Verwaltet von:

Serverstatistik:

#incidentreponse