1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Clop ransomware hackers hit a million US healthcare customers

    From TechnologyDaily@1337:1/100 to All on Thu Feb 16 15:15:03 2023
    Clop ransomware hackers hit a million US healthcare customers

    Date:
    Thu, 16 Feb 2023 14:59:28 +0000

    Description:
    Flaw in file-sharing service exploited to allegedly breach more than a
    hundred firms.

    FULL STORY ======================================================================

    The Clop ransomware group has attacked a well-known B2B file transfer
    service, leading to up to a million US health patients having their sensitive data exposed.

    News of the breach came after Community Health Systems (CHS) filed a document with government regulators confirming the breach.

    According to the filing, Clop, which is allegedly tied to the Russian government, breached GoAnywhere MFT, a popular file-sharing service developed by Fortra and used by large businesses to share sensitive files, securely. Details are scarce

    As a result of the security breach experienced by Fortra, protected health information and personal information of certain patients of the companys affiliates were exposed by Fortras attacker, the document reads.

    CHS did not say what type of data was taken, nor did it say how the attack came about. It did say that it started notifying all affected individuals,
    and started offering them free identity theft protection services.

    The organizations operations have not been affected, it said.

    On the other end, Clop has taken responsibility for the attack, saying it abused a zero-day in GoAnywhere MFT to compromise more than a hundred organizations. Speaking to BleepingComputer , Clop said it compromised 130 organizations, but did not provide any proof for these claims. Read more

    Clop ransomware had a rather handy flaw for Linux users to exploit


    Clop ransomware looks to target Windows 10 apps


    Remove viruses and ransomware with the best malware removal

    Fortra had recently notified its customers of a new zero-day but did it via a vulnerability report only available to registered users.

    The flaw, tracked as CVE-2023-0669, was later publicized by cybersecurity researcher Brian Krebs.

    A zero-day remote code injection exploit was identified in GoAnywhere MFT, Fortra allegedly said. The attack vector of this exploit requires access to the administrative console of the application, which in most cases is accessible only from within a private company network, through VPN , or by allow-listed IP addresses (when running in cloud environments, such as Azure or AWS).

    To protect against these attacks, GoAywhere users should make sure to apply the latest patch and get their software up to at least version 7.1.2. Check out free and paid options for the best firewall software to stay protected online

    Via: TechCrunch



    ======================================================================
    Link to news story: https://www.techradar.com/news/clop-ransomware-hackers-hit-a-million-us-health care-customers


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)