Don’t Do This!
Macros are still being used to install malware. Never click enable content in a Word document that you received from someone you do not know. The latest version is attempting to infect Office 365 (cloud based Microsoft Office). Variants of Cerber Ransomware are now targeting MS Office 365 email users with a massive zero-day attack that has the ability to bypass Office 365's built-in security tools.
According to a report published by cloud security provider Avanan, the massive zero-day Cerber ransomware attack targeted Microsoft Office 365 users with spam or phishing emails carrying malicious file attachments.
The Cerber ransomware is invoked via Macros. Yes, it's hard to believe but even in 2016, a single MS Office document could compromise your system by enabling 'Macros'.
Locky and Dridex ransomware malware also made use of the malicious Macros to hijack systems. Over $22 Million was pilfered from the UK banks with the Dridex Malware that got triggered via a nasty macro virus.
Although Cerber Ransomware originally emerged in March, the malware campaign targeting Office 365 users began on June 22. However, Microsoft started blocking the malicious file attachment on June 23.
The Cerber Ransomware not only encrypts user files and displays a ransom note, but also takes over the user's audio system to read out its ransom note informing them that their files have been encrypted.
The ransomware encrypts files with AES-256 encryption, asking victims to pay 1.24 Bitcoin (nearly US $810) for the decryption key.
Researcher spots an ATM Skimmer while on vacation in Vienna
We have heard a lot about ATM skimmers, but it's nearly impossible to spot one.
Some skimmers are designed to look exactly like the original card slot on the machine and are attached over it to the front. Others are completely hidden inside the ATM.
But, during his vacation in Vienna, Austria, cyber security expert Benjamin Tedesco spotted an ATM skimmer that was totally unrecognizable.
Tedesco was hanging out in Vienna and went to draw out some money from a cash machine outside St. Stephen's Cathedral. He decided to do a quick visual inspection of the ATM machine and surprisingly spotted the dodgy skimming device attached to it.
Warning: Beware of Skimming Devices Installed on the ATM Vestibule Doors.
It was a credit card skimmer – a perfect replica of the actual card reader, designed to steal the credit card information of users when they swipe their card to obtain cash from the ATM.
"Being security paranoid, I repeated my typical habit of checking the card reader with my hand as I have 100's of times," Tedesco wrote in a blog post. "Today's the day when my security awareness paid off!"
Tedesco, an employee of the firm Carbon Black, immediately grabbed the Skimmer glued on top of the actual card reader and dragged it out and off.
The ATM skimmer detected by Tedesco contained a magnetic strip reader, battery, some sort of switch and a control board with the four pin connector.
Medicare Fraud Strike Force nabs 301 criminals for $900 million in false billings
Healthcare IT News By Jeff Lagasse June 22, 2016
The 301 defendants, 61 of them clinicians, are being charged with various crimes, including conspiracy, violations of anti-kickback statutes, money laundering and aggravated identity theft.
Medicare Fraud Strike Forces on Wednesday announced that they arrested 301 people in what is considered the biggest fraud bust in history, $90 million lost.
Twenty-three state Medicaid Fraud Control Units also participated in the arrests, which spanned 36 federal districts and included 61 doctors, nurses and other licensed medical professionals.
Additionally, the Centers for Medicare and Medicaid Services is suspending payment to a number of providers using the suspension authority provided in the Affordable Care Act. According to the Department of Justice, this coordinated takedown is the largest in history, both in terms of the number of defendants charged and the amount lost.
The defendants are charged with various healthcare fraud-related crimes, including conspiracy to commit healthcare fraud, violations of the anti-kickback statutes, money laundering and aggravated identity theft. The charges are based on a variety of alleged fraud schemes involving various medical treatments and services, including home health care, psychotherapy, physical and occupational therapy, durable medical equipment and prescription drugs.
More than 60 of the defendants arrested are charged with fraud related to the Medicare prescription drug benefit program known as Part D, which is the fastest-growing component of the Medicare program overall.
According to court documents, the defendants allegedly participated in schemes to submit claims to Medicare and Medicaid for treatments that were medically unnecessary and often never provided. In many cases, patient recruiters, Medicare beneficiaries and other co-conspirators were allegedly paid cash kickbacks in return for supplying beneficiary information to providers, so that the providers could then submit fraudulent bills to Medicare for unnecessary or never-performed services.
Release of patients' electronic data should be a top priority, says OCR
At ONC’s annual meeting, Deven McGraw, deputy director of health information privacy in HHS' Office for Civil Rights, said the culture change surrounding data sharing will happen because patients demand it.
A surge of recent developments – the rise in apps for health management and wellness, advances in research data, precision medicine gains – is placing a great responsibility on healthcare leaders to break down data silos to simplify sharing among providers. And with consumers.
That's according to Deven McGraw, deputy director of health information privacy in HHS' Office for Civil Rights. But to get there, she says, it's going to take more than governance.
"I can enforce people to comply with the law, but the culture change that makes a difference is not because the government is going to force it down people's throat," said McGraw, speaking Thursday at ONC’s annual meeting in Washington. "It's going to happen because people want it and demand it. We need to lay the foundation and get the heck out of the way.
"If we lay the right foundation, then the innovators will come in and kick up and really put some steam behind this revolution," she added.
OCR is pushing for providers to securely release this electronic data at the patient's request, McGraw said.
During today’s meeting, the ONC and OCR also released consumer-directed videos to inform individuals of their rights to access their patient data, under HIPAA.
Funnies
*SIGN IN A SHOE REPAIR STORE:
*We will heel you
*We will save your sole
*We will even dye for you.
*Sign over a Gynecologist Office:
*Dr. Jones, at your cervix.
*In a Podiatrist's Office:
*Time wounds all heels.
*On a Septic Tank Truck:
*Yesterday's Meals on Wheels
*At an Optometrist's Office:
*If you don't see what you're looking for,
You’ve come to the right place.
*On a Plumber's Truck:
*We repair what your husband fixed.
*At a Tire Shop in Milwaukee:
*Invite us to your next blowout.
*On an Electrician's truck:
*Let us remove your shorts.
*In a Non-smoking Area:
*If we see smoke, we will assume you are on fire and will take appropriate action.
*Sign on the back of another Septic Tank Truck:
*Caution - "This Truck is full of Political Promises."
