Anna Ribeiro’s Post

"The FBI and U. S. Cybersecurity and Infrastructure Security Agency CISA called upon organizations to defend against Scattered Spider by implementing application controls; implementing FIDO or WebAuth authentication or Public Key Infrastructure PKI-based MFA; and strictly limiting the use of Remote Desktop Protocol RDP and other remote desktop services." https://lnkd.in/g3V2ziDR #healthcare #cybersecurity #AI #socialengineering #phishing #informationsecurity #industrialcyber #icssecurity #ics

"The FBI and U. S. Cybersecurity and Infrastructure Security Agency CISA called upon organizations to defend against Scattered Spider by implementing application controls; implementing FIDO or WebAuth authentication or Public Key Infrastructure PKI-based MFA; and strictly limiting the use of Remote Desktop Protocol RDP and other remote desktop services." https://lnkd.in/eNextEkY #healthcare #cybersecurity #AI #socialengineering #phishing #informationsecurity #industrialcyber #icssecurity #ics

"The FBI and U. S. Cybersecurity and Infrastructure Security Agency CISA called upon organizations to defend against Scattered Spider by implementing application controls; implementing FIDO or WebAuth authentication or Public Key Infrastructure PKI-based MFA; and strictly limiting the use of Remote Desktop Protocol RDP and other remote desktop services." https://lnkd.in/dBds64mp #healthcare #cybersecurity #AI #socialengineering #phishing #informationsecurity #industrialcyber #icssecurity #ics

"The FBI and U. S. Cybersecurity and Infrastructure Security Agency CISA called upon organizations to defend against Scattered Spider by implementing application controls; implementing FIDO or WebAuth authentication or Public Key Infrastructure PKI-based MFA; and strictly limiting the use of Remote Desktop Protocol RDP and other remote desktop services." https://lnkd.in/d_A97A4c #healthcare #cybersecurity #AI #socialengineering #phishing #informationsecurity #industrialcyber #icssecurity #ics

"HC3 detailed that these Scattered Spider hackers have gained initial access to targeted organizations by leveraging spear phishing voice techniques, to leverage the unauthorized access to modify ACH information for payer accounts to divert legitimate payments to attacker-controlled bank accounts." https://lnkd.in/d_A97A4c #healthcare #cybersecurity #AI #socialengineering #phishing #informationsecurity #industrialcyber #icssecurity #ics

Excerpt: If you ask some of the top cybersecurity leaders in the field what’s on their worry list, you might not expect bored teenagers to be top of mind. But in recent years, this entirely new generation of money-driven cybercriminals has caused some of the biggest hacks in history and shows no sign of slowing down. Meet the “advanced persistent teenagers,” as dubbed by the security community. These are skilled, financially motivated hackers, like Lapsus$ and Scattered Spider, which have proven capable of digitally breaking into hotel chains, casinos, and technology giants. By using tactics that rely on credible email lures and convincing phone calls posing as a company’s help desk, these hackers can trick unsuspecting employees into giving up their corporate passwords or network access.  These attacks are highly effective, have caused huge data breaches affecting millions of people, and resulted in huge ransoms paid to make the hackers go away. By demonstrating hacking capabilities once limited to only a few nation states, the threat from bored teenagers has prompted many companies to reckon with the realization that they don’t know if the employees on their networks are really who they say they are, and not actually a stealthy hacker. From the points of view of two leading security veterans, have we underestimated the threat from bored teenagers?

🚨 This Week's #Security321: 1️⃣$50M to Secure U.S. Hospitals: The U.S. government introduces the UPGRADE program via ARPA-H, investing $50 million to automate vulnerability management in healthcare systems. 2️⃣ YouTube’s Growing Cyber Threats: Cybercriminals are exploiting YouTube for phishing scams, malware distribution, and deepfake content to spread disinformation and steal data. 3️⃣ In a significant crackdown, the FBI and international partners have seized #BreachForums, a pivotal English-language cybercrime forum known for trading stolen data. Must-Know Stats: 📊 A striking 94% of organizations recognize that customer trust hinges on effective data protection. 📊 Over 95% of professionals find that dynamic content from Large Language Models (LLMs) complicates the detection of phishing attempts, underscoring the complexities introduced by AI technologies. 🇺🇸 We honor and remember the brave men and women who have given their lives in service to our country. Wishing everyone a peaceful and reflective Memorial Day weekend. Read more here: 👉 https://lnkd.in/gg4RcgGs #Cybersecurity #TalPoint #Security321

💻🤖 AI-Driven Scams on the Rise! 🚨 North Korean hackers just stole $10M using sophisticated AI-powered social engineering and malware campaigns on platforms like LinkedIn. ⚠️ This isn’t just a story; it’s a wake-up call. Protect your business by: 1️⃣ Vetting unusual requests. 2️⃣ Training employees on phishing tactics. 3️⃣ Prioritizing robust cybersecurity protocols. #CyberRisk is real, and the stakes are higher than ever. One phone call could save you millions. Literally. Talk to us: https://lnkd.in/dG6ebV98 🔗 Read more: https://lnkd.in/gtdGSUuT The Hacker News

Human error can disrupt any organization, but the stakes are higher in #healthcare. One wrong click on a suspicious email can lead to financial loss, reputational damage, and, most importantly, compromised patient care. Equipping your team with knowledge of deceitful tactics to stay vigilant against #cyber threats is pertinent.