Is TEMU really safe? Who paid $75 MILLION in Bitcoin? Who are the Vanilla Tempest hacking group? and more.

We have now reached MORE than 23,630 subscribers! Thanks for your support. Help us with our mission of helping 100,000 organizations become cyber-resilient by sharing this newsletter with your network.

Be sure to read the "My thoughts" section to learn strategies for navigating and combating cyber attacks. I'm here to assist you in avoiding and battling these threats should they ever affect you.

Contact me if you have any questions regarding your enterprise's cybersecurity strategy --> Luigi Tiano.

P.S. We often do giveaways on our company page --> ?

Who are the Vanilla Tempest hacking group and what they’re up to...?

?

Microsoft has revealed that the Vanilla Tempest hacking group is targeting U.S. healthcare organizations with INC ransomware. This ransomware-as-a-service (RaaS) operation, active since July 2023, has previously attacked companies like Yamaha Motor and Xerox, as well as the NHS in Scotland. The group gains access via Gootloader malware and deploys ransomware using Remote Desktop Protocol (RDP) and legitimate tools like AnyDesk. Although the specific healthcare victim hasn’t been named, a similar strain recently disrupted Michigan’s McLaren Health Care, affecting IT systems and patient appointments. Vanilla Tempest, also known as DEV-0832 and Vice Society, has a history of targeting healthcare and other sectors. ( bleepingcomputer.com ) ?

?

My Thoughts: It’s outrageous to see almost every week hackers are targeting our healthcare systems—this isn’t just data being exploited; it’s people’s lives on the line. We must continue to invest in cybersecurity in the healthcare system and ensure everyone is not only aware of these threats but also ready to tackle them head-on. It’s time to take action and protect the most vulnerable among us.?

Are schools the new target? Why you need to be worried.?

?

Schools across Lancashire, UK, have been severely impacted by a ransomware attack that compromised the majority of their computer systems. Dean Logan, CEO of the Fylde Coast Academy Trust, confirmed the attack affected all ten academies, forcing them to revert to non-IT processes. While restoration of key services is expected to resume next week, full recovery may take weeks. The trust has received support from the Department of Education and cybersecurity teams, and leaders are focused on maintaining education quality during this challenging time. ( msn.com ) ?

?

My Thoughts: This is a prime example of how vulnerable our educational institutions have become. It’s deeply concerning that our children’s learning environments are being disrupted in this way.??

The fact that it could take weeks to restore normal operations highlights the urgent need for effective and reliable cybersecurity measures in education. We must prioritize protecting these vital systems, ensuring everyone involved is aware and ready to combat such threats. Our kids’ futures depend on it.?

?

Why you need to be careful on TEMU?

?

Temu has denied a breach after a hacker claimed to have stolen a database containing 87 million records of customer information, which was offered for sale on the BreachForums hacking forum. The hacker, known as ‘smokinthashit,’ posted samples that allegedly included usernames, IP addresses, and personal details. Temu conducted an investigation and found no matches with its database, asserting that the claims are false. The company emphasized its commitment to data protection and announced plans to pursue legal action against those spreading misinformation. Despite Temu’s denial, the hacker insists the breach is real, claiming ongoing access to the company’s systems. ( bleepingcomputer.com ) ?

??

My Thoughts: This situation is concerning, and it’s frustrating to see such claims circulating, especially when they can undermine consumer trust. It’s critical that Temu reinforces its security measures and transparency to reassure users.??

?

Regardless of the truth behind the claims, this incident highlights the ongoing threat to e-commerce platforms and the need for robust cybersecurity. Users should take proactive steps to protect their accounts and be careful with the websites they use; and shop from. We cannot afford to take our online security for granted.?

?

We only partner with the best on the market. We have a variety of options, tailored to your needs and organization size.??

?

Have questions about your cybersecurity posture? Let’s chat.?

?

Calendar Link ?

?

They paid $75 MILLION in Bitcoin??

?

Cencora Inc., a significant drug distributor, has made headlines by paying $75 million in Bitcoin following a ransomware attack by the Dark Angels group. This marks the largest known cyber extortion payment to date. The hackers initially demanded $150 million, and the payment was made in three installments in March after Cencora discovered the breach in February. The attack compromised personal data, including names, addresses, and medical information. This incident highlights the growing threat to the healthcare sector, which is increasingly targeted due to its potential for high-value ransom payments. ( cryptobreifing.com ) ?

?

My Thoughts: This isn’t just a financial issue; it’s about protecting lives and ensuring that essential services remain operational. We must recognize that as long as these large payouts continue, the healthcare sector will remain a prime target. It’s crucial that organizations invest in cybersecurity measures and prioritize the protection of sensitive data. We cannot afford to let this trend continue unchecked.?

?

?