.st0{fill:#FFFFFF;}

3 New Ways Attackers Trick You – Ep 385 

 December 9, 2022

By  Donna Grindle

cyber criminal attack

The holidays are upon us and everyone is getting excited about buying presents for friends and loved ones. Cyber criminals are excited too because it means even more opportunities to attack us. Today, we are discussing an article from ZDnet about three new ways attackers are trying to trick you.

A 5 star review is all we ask from our listeners.
1x
Free HIPAA Training
Subscribe to the weekly email update from HMWH

I have read and agreed to your Privacy Policy

In this episode:

3 New Ways Attackers Trick You – Ep 385

Today’s Episode is brought to you by:

Kardon

and

HIPAA for MSPs with Security First IT

 Subscribe on Apple Podcast. Share us on Social Media. Rate us wherever you find the opportunity. 

The Privacy and Security Boot Camp

3.5 day In Person Event

Mar 12, 13, 14 and 15, 2023

PriSecBootCamp.com

Great idea! Share Help Me With HIPAA with one person this week!

Learn about offerings from the Kardon Club

and HIPAA for MSPs!

Thanks to our donors. We appreciate your support!

If you would like to donate to the cause you can do that at HelpMeWithHIPAA.com

Like us and leave a review on our Facebook page: www.Facebook.com/HelpMeWithHIPAA

If you see a couple of numbers on the left side you can click that and go directly to that part of the audio. Get the best of both worlds from the show notes to the audio and back!


HIPAA Say What!?!

[07:16] The HIPAA Privacy Rule always applies when a covered entity collects patient PHI. When you venture into some areas of care other rules are added to the mix. A very important set of those rules deal specifically with Substance Use Disorder under 42 CFR part 2. Most of the time is referred to as just Part 2.

For years the industry has debated how to better align the Privacy Rule and Part 2. The previous NPRM has never been implemented which had big implications in the Privacy Rule beyond just Part 2. A brand new one has been published for review and comment that only addresses the changes required for aligning the Privacy Rule and Part 2.

NPRM: Confidentiality of Substance Use Disorder Patient Records

3 New Ways Attackers Trick You

[11:47] Attackers are doing new and exciting things these days. Not really, but the news we read every day doesn’t make us feel warm and comfy heading into the new year.

For example, knowing that Russian cybergangs stole over 50 million passwords this year was scary enough, but then reading beyond the headline and you learn that number is from comparing a 10-month period in 2021 (Mar-Dec) to seven months of 2022 (Jan-Jul). In 7 months it was up 80% already!

[18:41] This sneaky ransomware gang keeps changing tactics to spread its malware | ZDNET

DEV-0569 finds new ways to deliver Royal ransomware, various payloads – Microsoft Security Blog

We know about phishing and remote access vulnerabilities but this group is taking things to the next level with “innovations”.

  1. [26:06] Use of contact forms on targeted organizations’ websites to deliver phishing links.
    • They go to your website and use your contact form asking for information. When you get the response from them, it has a malicious link that tricks you into loading their malware.
  2. [19:34] Hosting fake installer files on legitimate-looking software download sites and legitimate repositories to make malicious downloads look authentic to targets.
    • Host downloads for what should be legit software, but it uses their scripts running while downloading the legitimate software.
  3. [32:30] Expansion of their malvertising technique by using Google Ads in one of their campaigns, effectively blending in with normal ad traffic.
    • They run various Google ads that don’t do anything malicious, but it does show them what got each person to click, what got the most to click, when they were clicking, etc. They use that info to target those clickers.

They are adding in other innovations once they get the first hook in. Their tools are now using file formats that should be installers, so they get past initial checks, but it is really malicious software scripts hiding in that installer.

Setting up open source tools to disable antivirus solutions in their scripts. With this backdoor malware getting in there has the potential to plan attacks carefully.

Sidebar: Great Ted Talk where a guy messes with scammers:

James Veitch: This is what happens when you reply to spam email | TED Talk

DEV-0569 finds new ways to deliver Royal ransomware, various payloads – Microsoft Security Blog

Using these back door tools allows them to launch their Royal ransomware as the final step. They use the human operated ransomware (HOR) method to ensure all goes as planned.

The methods they use to get in change along with what they do when they get in there.

We’ve said time and time again, cyber criminals are continuously changing their attack tactics, what their malicious code does once someone falls victim to their scam and how fast they can infect not only your computer, but an entire network. Cyber criminals believe in their attack being in depth. Our security should also be in depth in order to combat their attacks too.

Remember to follow us and share us on your favorite social media site. Rate us on your podcasting apps, we need your help to keep spreading the word. As always, send in your questions and ideas!

HIPAA is not about compliance,

it’s about patient care.TM

Special thanks to our sponsors Security First IT and Kardon.

HelpMeWithHIPAA.com Is A
Collaborative Project

Created & Sponsored By: