Warning: Undefined variable $comments_html in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 527

China-linked hackers target European healthcare orgs in suspected espionage campaign | The Record from Recorded Future News

A previously unknown hacking group has been spotted targeting European healthcare organizations using spyware linked to Chinese state-backed hackers and a new ransomware strain, researchers said. The hackers, dubbed Green Nailao, deployed ShadowPad and PlugX malware, both commonly associated with Chinese cyberespionage groups, as well as a previously undocumented ransomware strain called NailaoLocker. NailaoLocker, the new ransomware strain discovered in the campaign, was described by researchers as “relatively unsophisticated and poorly designed.” It encrypts files and leaves a ransom note demanding payment in Bitcoin via a ProtonMail address. The campaign, which took place in the second half of 2024, likely exploited a vulnerability in security products from an Israel-based cybersecurity firm, according to researchers at Orange Cyberdefense. The vulnerability likely enabled the hackers to steal user credentials and access virtual private networks (VPNs) using legitimate accounts, the researchers said. ShadowPad, a backdoor suspected to be privately shared or sold among Chinese cyber operators since at least 2015, has been deployed in cyberespionage campaigns against governments, energy firms, think tanks and technology companies. PlugX, another malware frequently used by Chinese state-backed hackers, was first observed in attacks on Japan in 2008 and has since been deployed against targets across Asia. Check Point patched the flaw last May, but researchers said the devices targeted by hackers were likely still vulnerable at the time of their compromise. State-backed hackers, including those linked to China, have previously targeted healthcare organizations, researchers said. Orange Cyberdefense said it could not attribute the campaign to a specific actor said the hackers were likely linked to China. Researchers said it was unusual for ShadowPad to be linked to ransomware deployment, raising questions about the hackers’ motives.

This Cyber News was published on therecord.media. Publication date: Fri, 21 Feb 2025 01:15:09 +0000

Cyber News related to China-linked hackers target European healthcare orgs in suspected espionage campaign | The Record from Recorded Future News

China-linked hackers target European healthcare orgs in suspected espionage campaign | The Record from Recorded Future News - A previously unknown hacking group has been spotted targeting European healthcare organizations using spyware linked to Chinese state-backed hackers and a new ransomware strain, researchers said. The hackers, dubbed Green Nailao, deployed ShadowPad ...
7 months ago Therecord.media

Cybersecurity in the Healthcare Industry: Protecting Patient Data - In the rapidly advancing era of technology, the healthcare industry faces a critical challenge: protecting patient data from cyber threats. This article will emphasize the significance of cybersecurity in the healthcare industry and explore the ...
1 year ago Securityzap.com

Why healthcare data is often the target of ransomware attacks - Healthcare data in recent years has been a very lucrative target for cyberattacks, particularly ransomware, with attackers holding healthcare information, and potentially patient lives, for ransom. Cybercriminals are increasingly focusing on ...
1 year ago Techtarget.com

Best Cloud Security Providers for Healthcare Services - Cloud Security Providers for Healthcare offer specialized services to protect data and applications hosted in cloud environments. When picking a cloud security providers for healthcare, it's important to think about things like how well they follow ...
1 year ago Cybersecuritynews.com

The Imperative for Robust Security Design in the Health Industry - COMMENTARY. In an era dominated by digital innovation and technological advancements, healthcare companies find themselves at the intersection of immense opportunity and equally unprecedented risk. The digitalization of patient records, electronic ...
1 year ago Darkreading.com

European firms urge China to give more clarity on data transfer laws - AP Moeller - Maersk A/S Siemens AG BEIJING, Nov 15 - European firms "Urgently" need China to give clearer definitions of key terms in its cross-border data transfer rules, a European business lobby group said on Wednesday, warning firms also stood to ...
1 year ago Reuters.com

Changing How Healthcare Works: Big News in Communication - In a pivotal transformation within the healthcare industry, a prominent shift is currently unfolding. Direct Secure Messaging has emerged as a game-changer, modernising the way vital information is shared among healthcare providers, pharmacies, and ...
1 year ago Cysecurity.news

Microsoft says Warlock ransomware deployed in SharePoint attacks as governments scramble | The Record from Recorded Future News - While the group is based in China, Microsoft previously said it is “unable to confidently assess the threat actor’s objectives.” The two other Chinese groups identified with the so-called “ToolShell” campaign — Linen Typhoon and Violet ...
2 months ago Therecord.media CVE-2025-49706

Unveiling the true cost of healthcare cybersecurity incidents - As healthcare organizations increasingly rely on interconnected systems, electronic health records, and telemedicine, the industry becomes a prime target for malicious actors seeking to exploit vulnerabilities. The consequences of a cybersecurity ...
1 year ago Helpnetsecurity.com

HHS to investigate UnitedHealth and ransomware attack on Change Healthcare - The U.S. Department of Health and Human Services is launching an investigation into the ransomware attack on Change Healthcare following weeks of disruption to healthcare and billing operations at hospitals, clinics and pharmacies across the country. ...
1 year ago Therecord.media LockBit

Pharmacy Delays Across US Blamed on Nation-State Hackers - Change Healthcare, a technology services provider for pharmacies, experienced a cyberattack from a suspected nation-state threat actor that has created widespread delays for patients who need prescription refills across the US. Change Healthcare is a ...
1 year ago Darkreading.com

Cyber Insights 2023: The Geopolitical Effect - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. The Russia/Ukraine war that started in early 2022 has been mirrored by a ...
2 years ago Securityweek.com

Ransomware's appetite for US healthcare sees known attacks double in a year - Following the February 21 attack on Change Healthcare, scores of people in the US have been living with the brutal, real-world effects of ransomware. It has also created skyrocketing pharmacy bills, pushed some healthcare providers to the edge of ...
1 year ago Malwarebytes.com Rocke LockBit

Uncovering Chinas Surveillance of the United States Spies Hackers and Informants - Last week, a Chinese surveillance balloon in the United States caused a diplomatic uproar and raised concerns about how Beijing collects intelligence on its biggest rival. FBI Director Christopher Wray said in 2020 that Chinese spying is the most ...
2 years ago Securityweek.com Silence

China's Dogged Campaign to Portray Itself as Victim of US Hacking - For more than two years, China's government has been attempting to portray the US as indulging in the same kind of cyber espionage and intrusion activities as the latter has accused of carrying out over the past several years. A recent examination of ...
1 year ago Darkreading.com Volt Typhoon

Transforming in the Age of Healthcare Digitalization - Healthcare and technology increasingly intersect in today's world, and cybersecurity has become a primary concern for many companies. The recent attack on Change Healthcare serves as a harsh reminder of the vulnerabilities facing the healthcare ...
1 year ago Cyberdefensemagazine.com

Future Health: AI's Impact on Personalised Care in 2024 - As we dive into the era of incorporating Artificial Intelligence into healthcare, the medical sector is poised for a profound transformation. AI holds immense potential in healthcare, offering groundbreaking advancements in diagnostics, personalised ...
1 year ago Cysecurity.news

TikTok fined €530 million for sending European user data to China - The Irish Data Protection Commission (DPC) has fined TikTok €530 million (over $601 million) for illegally transferring the personal data of users in the European Economic Area (EEA) to China, violating the European Union's GDPR data protection ...
5 months ago Bleepingcomputer.com

Cybersecurity Management Lessons from Healthcare Security Breaches - 2024 looks like it will only increase the number of affected individuals considering the scale of ransomware attacks from the first half of the year in the USA, Canada, and Australia. Unusual activity detected on May 8, 2024, caused Ascension ...
1 year ago Esecurityplanet.com Black Basta

China-Nexus Hackers Attacking Organizations Infrastructure & High-Value Customers - A sophisticated China-linked threat actor has been conducting extensive cyber espionage operations targeting critical infrastructure and high-value organizations across multiple sectors. This activity cluster, tracked as PurpleHaze, demonstrates ...
5 months ago Cybersecuritynews.com

Chinese Hackers Using New BRICKSTORM Malware to Attack Windows & Linux Machines - Notably, unlike the Linux variant reported by Mandiant, the Windows samples lack direct command execution capabilities—a suspected deliberate choice to evade detection by security solutions that analyze parent-child process relationships. The ...
5 months ago Cybersecuritynews.com

Chinese Companies Linked With Hackers Filed Patents Over 10+ Forensics and Intrusion Tools - The patents, registered by firms named in recent U.S. Department of Justice indictments, detail sophisticated offensive capabilities including encrypted endpoint data acquisition, mobile device forensics, and network traffic interception from routers ...
2 months ago Cybersecuritynews.com HAFNIUM

Russian media, academia targeted in espionage campaign using Google Chrome zero-day exploit | The Record from Recorded Future News - Last June, Kaspersky discovered another espionage campaign, dubbed Operation Triangulation, that exploited two vulnerabilities in Apple devices. Russian security researchers discovered sophisticated new malware used in an espionage campaign targeting ...
6 months ago Therecord.media CVE-2025-2783

North Korean hackers target Ukrainian government in new espionage campaign | The Record from Recorded Future News - North Korea, which started deploying troops to assist Russian forces in Ukraine in late 2024, is likely using this intelligence to assess risks to its own forces on the ground and to gauge whether Moscow will require further military support, ...
4 months ago Therecord.media

US govt probes if ransomware gang stole Change Healthcare data - The U.S. Department of Health and Human Services is investigating whether protected health information was stolen in a ransomware attack that hit UnitedHealthcare Group subsidiary Optum, which operates the Change Healthcare platform, in late ...
1 year ago Bleepingcomputer.com