CEO says healthcare hackers exploited Citrix vulnerability to gain unauthorized access

The CEO of Change Healthcare has revealed that hackers were able to exploit a vulnerability in Citrix software to gain unauthorized access to their systems. This breach exposed sensitive information and put the company at risk. The cyber criminals were able to break in by taking advantage of the security flaw in the popular software …

Hackers Employ Linux Rootkits to Conceal Themselves on VMware ESXi Virtual Machines in UNC3886

A Chinese threat actor known as UNC3886 has been using open source rootkits Reptile and Medusa to hide on VMware ESXi virtual machines while stealing credentials and executing commands. Mandiant has been tracking UNC3886’s activities against government organizations, including attacks exploiting zero-day vulnerabilities in Fortinet and VMware products. UNC3886 has recently targeted organizations in North …

Cisco Talos uncovers the innovative strategies used by hackers to bypass MFA – SDxCentral

In a recent report, cybersecurity firm Cisco Talos uncovered tactics used by hackers to bypass multi-factor authentication (MFA) measures. While MFA is seen as a crucial defense against unauthorized access, creative hackers have devised ways to work around it. The report highlights the importance of staying vigilant and adopting additional security measures to protect sensitive …

Hackers Exploiting Cisco Webex Meetings App to Distribute Malicious Software

A recent information theft campaign has been identified, showcasing the detailed tactics, techniques, and procedures (TTPs) used by attackers at various stages of the attack process. The MITRE ATT&CK framework was utilized to categorize these TTPs and pinpoint potential areas for detection. Research into the campaign revealed how attackers employed social engineering tactics to deceive …

Millions of Xfinity customer data compromised by hackers exploiting Citrix Bleed vulnerability

Comcast’s Xfinity cable unit faced a cybersecurity breach due to the Citrix Bleed vulnerability, affecting approximately 36 million customers. Hackers accessed customer information by exploiting the vulnerability, resulting in a data breach. The breach impacted Xfinity systems for a few days in mid-October, with hackers gaining access to customer usernames, passwords, and personal details like …

CEO to Testify about Exploitation of Citrix Vulnerabilities by UnitedHealth Hackers

UnitedHealth is set to testify about a cybersecurity breach that occurred on February 12, where hackers gained access to a Citrix portal of its Change Healthcare unit using compromised credentials. CEO Andrew Witty mentioned that the threat actor moved within the systems and exfiltrated data. On February 21, a ransomware attack by a cybercriminal known …

Hackers Use Rogue VMs to Evade Detection in Recent MITRE Cyberattack

MITRE Corporation announced that a cyberattack on a nonprofit in late December 2023 exploited zero-day vulnerabilities in Ivanti Connect Secure (ICS) by creating rogue virtual machines (VMs) within its VMware environment. The threat actor, linked to China and tracked by Mandiant as UNC5221, accessed the Networked Experimentation, Research, and Virtualization Environment (NERVE) by exploiting ICS …

Hackers Exploited Vulnerability in Citrix to Compromise UnitedHealth

Hackers breached UnitedHealth’s technology unit on February 12 by exploiting vulnerabilities in Citrix software, leading to disruptions in American healthcare. The cybercriminal gang AlphV demanded a ransom to unlock Change Healthcare’s systems after locking them on February 21. UnitedHealth CEO Andrew Witty is set to testify before the House Energy and Commerce Committee on May …