Hackers broke into Change Healthcare’s IT systems by exploiting a vulnerability in a Citrix remote desktop product, according to Andrew Witty, CEO of UnitedHealth. A compromised username/password combination was used, with no multi-factor authentication in place. ALPHV, a ransomware-as-a-service vendor, allegedly breached Change Healthcare and stole 4TB of data, demanding $22 million in cryptocurrency. The attack led to parts of the company’s infrastructure shutting down, affecting local pharmacies and other businesses.

North Korean hackers step up phishing attacks on Ukraine government
A North Korean state-sponsored cyber actor, TA406, is carrying out phishing attacks and credential-stealing operations against Ukrainian government entities to gather intelligence on the Russian invasion,