American health software company NextGen Healthcare has notified Maine’s
attorney general’s office of a data breach that affected more than a million
patients.

Healthcare remains a prime target for criminals, but they don’t always attack
clinics and hospitals. Since many of these facilities rely on other companies to
manage their patient data, those organizations are also targeted. That’s
precisely the case with NextGen Healthcare, which has been the focus of attacks
in the past six months.

Ac

Today, CISA and partners released a joint advisory for a sophisticated cyber espionage tool used by Russian cyber actors. Hunting Russian Intelligence “Snake” Malware provides technical descriptions of the malware’s host architecture and network communications, and mitigations to help detect and defend against this threat.

CISA urges organizations to review the advisory for more information and apply the recommended mitigations and detection guidance. For more information on FSB and Russian state-sponsored cyber activity, please see the joint advisory Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure and CISA’s Russia Cyber Threat Overview and Advisories webpage.

A DDoS botnet dubbed AndoryuBot has been observed exploiting an RCE, tracked as CVE-2023-25717, in Ruckus access points. FortiGuard Labs researchers have recently observed a spike in attacks attempting to exploit the Ruckus Wireless Admin remote code execution vulnerability tracked as CVE-2023-25717. The activity is associated with a known DDoS botnet tracked as AndoryuBot that […]

The post Fortinet warns of a spike of the activity linked to AndoryuBot DDoS botnet appeared first on Security Affairs.

For CISOs, the sad truth is that it’s no longer a matter of if an organization will be breached, but when. According to AV-Test, more than 1 million new malware programs have been discovered in 2023 alone. What’s more, with the acceleration of cloud adoption and the rapid move to remote and hybrid work, the potential attack surface continues to grow exponentially.

Even with strong defenses in place to prevent a potential data breach, security teams should still prepare for the worst. In the event of a breach, they need to have full visibility into exactly what happened so they can quickly contain the damage and inform customers and other stakeholders in a timely manner. Additionally, when a zero-day exploit comes to light, such as the infamous LogJ4 or SolarWinds vulnerabilities, organizations need to determine quickly whether they, too, are exposed. The ability to rapidly attain this kind of transparency is foundational for security — but getting it has proven to be a significant challenge.

To read this article in full, please click here