HEAL Security - Cybersecurity Intelligence & News for Healthcare

In this episode, we break down the latest developments in the cybersecurity landscape. Authorities have dismantled the SocksEscort residential proxy network that relied on malware-infected routers and devices to provide anonymous proxy services to cybercriminals. Meanwhile, regulators are warning that financial institutions could face increased cyber threats as geopolitical tensions involving Iran continue to rise.

We also examine the major cyberattack on medical technology company Stryker, where a suspected Iranian-aligned hacking group used destructive wiper malware to disrupt corporate systems and operations. The pro-Iran group Handala has claimed responsibility, stating it wiped numerous devices and stole large amounts of data.

In addition, the hacking group ShinyHunters claims to have stolen around one petabyte of data from Telus Digital, potentially making it one of the largest reported corporate data thefts. Security researchers have also identified critical vulnerabilities in Veeam Backup & Replication that could allow attackers to execute remote code on backup servers, along with a WordPress plugin flaw that may expose more than 250,000 websites if left unpatched.

Tune in as we analyze these incidents, what they mean for organizations and individuals, and the broader trends shaping the global cyber threat landscape.

This episode covers the latest developments in cybersecurity, from healthcare data breaches to emerging malware campaigns targeting devices and organizations worldwide. Reports highlight a cyber incident affecting Ansell Healthcare Products, a destructive wiper malware attack linked to medical technology giant Stryker, and ransomware activity targeting healthcare providers across Oceania. Researchers have also uncovered a large botnet of compromised routers, a new Android malware strain combining banking trojan and crypto-mining capabilities, and a data-theft campaign linked to the ShinyHunters group exploiting misconfigured cloud environments. The episode also examines how threat actors are beginning to manipulate AI-generated search responses to distribute malware, reflecting the evolving tactics used by cybercriminals. Stay informed with a concise overview of the most significant cybersecurity threats making headlines today.

In this episode, Edd Hall explores the latest cybersecurity developments shaping the global threat landscape. Researchers reveal a long-running espionage campaign by the Russia-linked APT28 group targeting Ukrainian military organizations, while the North Korea-linked Lazarus Group spreads malware through fake LinkedIn job interviews.

The episode also covers phishing attacks targeting Microsoft Teams users, account-hijacking campaigns against messaging apps like WhatsApp and Signal, and a data breach disclosed by Ericsson. On the defensive side, Microsoft introduces phishing-resistant authentication through Microsoft Entra, and Meta launches new protection features in Facebook Messenger to help users avoid malicious links.

Finally, experts warn about the growing risks of “shadow AI” in healthcare organizations, where unauthorized AI tools could expose sensitive patient data and create compliance challenges.

For more visit: HealSecurity.com

In this episode, the latest cybersecurity developments highlight how threat actors continue to exploit trust in popular software and online platforms. Researchers warn about a fake CleanMyMac website distributing SHub Stealer malware to Mac users, while a malicious npm package disguised as a legitimate developer tool raises new concerns about software supply chain security. Meanwhile, Ericsson’s U.S. operations report a data breach linked to a compromised service provider, and the cybercrime group ShinyHunters claims responsibility for additional high-profile breaches. Investigators have also uncovered a scam impersonating the Claude Code website to spread malware, as Microsoft introduces a new feature to label third-party bots in Microsoft Teams meetings. Signal has confirmed targeted phishing attacks against some users, underscoring the continued importance of vigilance and strong security practices.

In this episode, we discusses the latest cybersecurity developments, including the growing impact of cyberwarfare on global security investments, leadership changes at the U.S. Department of Homeland Security, and a Microsoft 365 outage affecting North American users. He also covers a new malware campaign using fake Claude Code installation pages, updated cybersecurity guidance for healthcare organizations, CISA’s warning about actively exploited Apple vulnerabilities, the rising trend of malware-free cyberattacks using legitimate system tools, and new AI-focused cybersecurity certifications aimed at preparing professionals for emerging AI-driven threats.