Mandiant Exposes UNC3753's US Law Firm Data Heist Tactics

Beware of UNC3753, a notorious group that's been stealing sensitive data from US law firms and other professional services, using clever vishing tactics and lightning-fast intrusions to extort their victims. In some cases, they can go from initial contact to data theft in under an hour.

https://osintsights.com/mandiant-exposes-unc3753s-us-law-firm-data-heist-tactics?utm_source=mastodon&utm_medium=social

#DataTheft #Extortion #Vishing #SocialEngineering #Unc3753

DATE: June 5, 2026 at 05:42PM
SOURCE: HEALTHCARE INFO SECURITY

Direct article link at end of text block below.

What #Trump's #AI #ExecutiveOrder Means for #Healthcare Sector https://t.co/qepccvrdGI

Here are any URLs found in the article text:

https://t.co/qepccvrdGI

Articles can be found by scrolling down the page at https://www.healthcareinfosecurity.com/ under the title "Latest"

-------------------------------------------------

Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org

Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

-------------------------------------------------

#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

DATE: June 5, 2026 at 04:21PM
SOURCE: HEALTHCARE INFO SECURITY

Direct article link at end of text block below.

@Conduent Hack Victim Count Now Tops 62.2 Million: Back-Office Servicer's #DataBreach Estimate Has More Than Doubled Since Februaryhttps://www.healthcareinfosecurity.com/conduent-hack-victim-count-now-tops-622-million-a-31900 #HIPAA

Here are any URLs found in the article text:

https://www.healthcareinfosecurity.com/conduent-hack-victim-count-now-tops-622-million-a-31900

Articles can be found by scrolling down the page at https://www.healthcareinfosecurity.com/ under the title "Latest"

-------------------------------------------------

Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org

Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

-------------------------------------------------

#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

DATE: June 5, 2026 at 04:15PM
SOURCE: HIPAA Watch from JD Supra

Direct article link at end of text block below.

Calif. Ruling Lowers Bar For Health Data Breach Claims https://t.co/LWu3bwCEjI

Here are any URLs found in the article text:

https://t.co/LWu3bwCEjI

Articles can be found by scrolling down the page at https://www.jdsupra.com/ under the title "Latest Updates".

-------------------------------------------------

Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org

Most healthcare security and privacy posts related to IT or infosec are at @rsstosecurity

-------------------------------------------------

#security #healthcare #doctors #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #HIPAA #privacy #healthcaresecurity #BAA #patientrecords #telehealth #socialengineering

DATE: June 5, 2026 at 12:26PM
SOURCE: HIPAA JOURNAL

Direct article link at end of text block below.

DentaQuest, a dental benefits administrator, has confirmed that it has experienced a cyberattack. A Hacking group claims to have exfiltrated 234 GB of data, including the records of 2.6 million patients.
https://t.co/wb8MekR4CQ

Here are any URLs found in the article text:

https://t.co/wb8MekR4CQ

Articles can be found by scrolling down the page at https://www.hipaajournal.com/ .

-------------------------------------------------

Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org

Most healthcare security and privacy posts related to IT or infosec are at @rsstosecurity

-------------------------------------------------

#security #healthcare #doctors #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #HIPAA #privacy #healthcaresecurity #BAA #patientrecords #telehealth #socialengineering

DATE: June 5, 2026 at 12:26PM
SOURCE: HIPAA JOURNAL

Direct article link at end of text block below.

DentaQuest, a dental benefits administrator, has confirmed that it has experienced a cyberattack. A Hacking group claims to have exfiltrated 234 GB of data, including the records of 2.6 million patients.
https://t.co/wb8MekR4CQ

Articles can be found by scrolling down the page at https://www.hipaajournal.com/ .

-------------------------------------------------

Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org

Most healthcare security and privacy posts related to IT or infosec are at @rsstosecurity

-------------------------------------------------

#security #healthcare #doctors #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #HIPAA #privacy #healthcaresecurity #BAA #patientrecords #telehealth #socialengineering

ClickFix Is Now Hiring: From Job Platform Impersonation to Python-Based RAT Delivery

A multi-stage phishing campaign emerged in early May 2026, impersonating LinkedIn and Indeed through typosquatted domains to deliver malicious payloads. The attack chain begins with fake CAPTCHA pages distributed via Google Ads, leveraging the legacy Finger protocol and native Windows utilities. Victims are tricked into executing commands that deploy portable Python runtimes (CPython or IronPython), which then execute in-memory shellcode. The campaign delivers CastleLoader, a Malware-as-a-Service framework using ChaCha20 and RC4 encryption for C2 communications, followed by a Python-based remote access trojan. The RAT provides interactive shell control, in-memory payload execution, and persistence mechanisms. The campaign represents an evolution of browser-based social engineering, combining Living-off-the-Land binaries with Python-based delivery to maintain a fileless footprint and evade detection through legitimate system utilities.

Pulse ID: 6a2201a331661aba15d362d1
Pulse Link: https://otx.alienvault.com/pulse/6a2201a331661aba15d362d1
Pulse Author: AlienVault
Created: 2026-06-04 22:52:19

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Browser #CAPTCHA #ChaCha20 #CyberSecurity #Encryption #Google #GoogleAds #InfoSec #LinkedIn #Malware #MalwareAsAService #OTX #OpenThreatExchange #Phishing #Python #RAT #RemoteAccessTrojan #SMS #ShellCode #SocialEngineering #Trojan #Windows #bot #AlienVault

Operation TaxShadow: Multi-Region Tax Phishing & In-Memory Malware Campaign

A sophisticated multi-stage malware campaign targets victims through tax-themed phishing emails impersonating Indian and Japanese government authorities. The operation leverages social engineering, fraudulent tax notifications, and trusted third-party email delivery services to distribute ZIP archives containing three staged payloads. The malware implements advanced evasion techniques including DLL Search Order Hijacking, API hooking, token manipulation, Mersenne Twister-based execution logic, COM callback execution, mutated RC4 encryption, and reflective PE loading. Execution occurs primarily in memory, significantly reducing forensic artifacts. The malware establishes persistent WebSocket-based command-and-control communication through HTTP protocol upgrades, allowing malicious traffic to blend with legitimate activity. Chinese-language artifacts were observed throughout the infrastructure and code, though attribution remains at moderate confidence. The campaign demonstrates characteristics of a mature, ...

Pulse ID: 6a2201a401cb916346d57934
Pulse Link: https://otx.alienvault.com/pulse/6a2201a401cb916346d57934
Pulse Author: AlienVault
Created: 2026-06-04 22:52:20

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Chinese #CyberSecurity #Email #Encryption #Government #HTTP #ICS #India #InfoSec #Japan #Malware #OTX #OpenThreatExchange #Phishing #RAT #Rust #SocialEngineering #ZIP #bot #AlienVault

DATE: June 4, 2026 at 05:17PM
SOURCE: HEALTHCARE INFO SECURITY

Direct article link at end of text block below.

#ShinyHunters Leaks 234GB @DentaQuest Data Trove: Gang Claims 2.6M People Affected in #Cybercrime Group's Latest #DataTheft Attack https://t.co/qnlaBAnVPB

Here are any URLs found in the article text:

https://t.co/qnlaBAnVPB

Articles can be found by scrolling down the page at https://www.healthcareinfosecurity.com/ under the title "Latest"

-------------------------------------------------

Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org

Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

-------------------------------------------------

#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

DATE: June 4, 2026 at 04:10PM
SOURCE: HIPAA Watch from JD Supra

Direct article link at end of text block below.

Oh, Baby! Fertility Benefits Remain a Focus for Employers and Regulators https://t.co/U6UoT5oTL5

Here are any URLs found in the article text:

https://t.co/U6UoT5oTL5

Articles can be found by scrolling down the page at https://www.jdsupra.com/ under the title "Latest Updates".

-------------------------------------------------

Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org

Most healthcare security and privacy posts related to IT or infosec are at @rsstosecurity

-------------------------------------------------

#security #healthcare #doctors #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #HIPAA #privacy #healthcaresecurity #BAA #patientrecords #telehealth #socialengineering