The 8220 gang has been discovered exploiting a vulnerability in the Oracle WebLogic Server (CVE-2020-14883) to spread malware, according to Imperva Threat Research. Active since 2017, the group typically deploys cryptocurrency miners on Linux and Windows hosts by exploiting known weaknesses. Recently, they have been targeting healthcare, telecommunications and financial services in the US, South Africa, Spain, Columbia, and Mexico.
A division of United Healthcare, Change Healthcare, is dealing with the fallout of a cyber attack. This has heavily impacted the healthcare industry, affecting transactions