Einstein Healthcare Network Facing Class Action Lawsuit over 2020 Phishing Attack

The Philadelphia-based health system, Einstein Healthcare Network, is facing a class action lawsuit over an August 2020 phishing attack that resulted in multiple employee email accounts being accessed by an unauthorized individual. Einstein Healthcare is a non-profit health system that operates four hospitals – Einstein Medical Center Philadelphia, Elkins Park Hospital, MossRehab in Elkins Park,… Read More »

Best Practices for Network Defenders to Identify and Block Russian Cyber Operations

A joint cybersecurity advisory has been issued by the Department of Homeland Security (DHS), Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) about ongoing cyber operations by the Russian Foreign Intelligence Service (SVR). The advisory provides further information on the tactics, techniques, and procedures (TTPs) used by SVR hackers to… Read More »

Phishing Attack on Home Medical Equipment Provider Affects 153,000 Individuals

The protected health information of 153,013 individuals has potentially been compromised in an email security breach at HME Specialists LLC, dba Home Medical Equipment Holdco. HME Specialists discovered suspicious activity in its email system and immediately secured all affected accounts and engaged a specialist cybersecurity company to conduct a forensic investigation to determine the extent… Read More »

Manquen Vance Email Breach Impacts 7,018 Patients

The Michigan-based group health plan broker and consultancy firm Manquen Vance – formerly Cornerstone Municipal Advisory Group – is alerting 7,018 individuals about a potential breach of their personal and health information. An investigation was launched on November 16, 2020 when the firm identified suspicious activity in the email account of an employee. Manquen Vance… Read More »

DOJ Launches Ransomware and Digital Extortion Task Force

In response to the growing threat from ransomware attacks, the U.S Department of Justice has launched a new Ransomware and Digital Extortion Task Force that will target the entire ransomware ecosystem as a whole. The aim is not only to bring the individuals conducting the attacks to justice, but also any individuals who assist attackers,… Read More »

Three Zero-Day Vulnerabilities in SonicWall Email Security are Being Actively Exploited

Three zero-day vulnerabilities have been identified in SonicWall Email Security products that are being actively exploited in the wild by at least one threat actor. The vulnerabilities can be chained to gain administrative access to enterprise networks and achieve code execution. SonicWall Email Security solutions are deployed as a physical appliance, virtual appliance, software installation,… Read More »