Paubox blog: HIPAA compliant email made easy

Paubox Weekly: Google Chrome under attack, reports zero-day vulnerability

Written by Dean Levitt | December 01, 2023

Hello world,

Today’s Paubox Weekly is 551 words - a 2 minute read.

Want to get this type of content delivered to your inbox every Friday? Subscribe to Paubox Weekly. 

 

1. Google Chrome under attack, reports zero-day vulnerability

A zero-day alert has been reported, exploiting a vulnerability in Google Chrome. Google has released an update, urging individuals to install the latest browser as soon as possible.

What happened: Google recently released seven updates to fix security issues in its Chrome browser. While most security issues were resolved, one remains a zero-day vulnerability, meaning that Google had no time to prepare for the attack.

Users without the newest update may be at risk

 

 

 

 

2. Paubox customers share tips, tricks, and best practices (November 2023 Zoom social mixer)

Paubox Zoom social mixers allow our customers and prospects to network and discover new trends. The theme of this month's mixer was cybersecurity.

In the know: Healthcare professionals across the country discussed the ransomware attack on the Lovelace Health System (see next story), thoughts on how to train employees to spot phishing attacks, and new risks like quishing and OM.G cables.

See our top takeaways

 

 

 

 

3. Major ransomware attack disrupts Ardent Health Services, affecting 30 hospitals across six states

Over the Thanksgiving weekend, a ransomware attack targeted Ardent Health Services, leading to widespread disruption across its network.

Why it matters: The attack's impact was felt across Ardent Health Services' operations, which include 30 hospitals and more than 200 sites of care in six states: Texas, Oklahoma, New Mexico, Kansas, Idaho, and New Jersey.

It took days to resume operations

 

 

4. California hospital faces data breach

An acute care hospital serving the San Fernando Valley in California confirmed they were part of a cyberattack earlier this year.

Going deeper: The breach may have been carried out by RansomHouse, a ransomware group that claimed responsibility for the attack and added MCH to its data leak site.

Who is Ransomhouse?

 

 

5. What is vishing?

Vishing, short for voice phishing, is a cyber attack that exploits voice and telephony technologies to trick individuals into revealing sensitive information.

How it works: To increase the likelihood of success, vishing scammers use emotional manipulation, exploiting emotional responses to pressure their victims into revealing information without careful consideration.

Vishing techniques used by scammers

 

 

Community links

  • Six books to read this fall. Link
  • Is a phone number PHI? Link
  • The CIA triad for HIPAA. Link
  • How to develop a HIPAA compliant authorization form. Link
  • Can PHI be shared with clergy? Link
  • What are security patches? Link
  • What is a HIPAA corrective action plan? Link

 

October HIPAA Breach Report

  • Network server breaches affected the most people in September 2023. 6,854,737 individuals had their data breached.
  • Other breaches were the second most common breach, with 950,854 people affected.
  • Email breaches affected 257,706 people, the third most common breach type.

Read the full Breach report

 

Good reads from around the web

  • North Korea's Lazarus Group rakes in $3 billion from cryptocurrency hacks. Link
  • Federal officials investigating after pro-Iran group allegedly hacked water authority in Pennsylvania. Link
  • InnovationRx: The 30 Under 30 healthcare list. Link
  • LinkedIn rolls out new features to help nurses, clinicians land their next job. Link
  • Subpoenas – when to push back. Link