Infosecurity Europe 2025 is a cybersecurity event taking place from June 3 to 5 in London. Help Net Security is on-site and here’s a closer look at the conference. The featured vendors are: Okta, PlexTrac, ISC2, Insight, EasyDMARC, Defense.com, Tines, Darktrace, Torq, and Cyrebro.
The post Photos: Infosecurity Europe 2025 appeared first on Help Net Security.
A sophisticated cryptocurrency theft campaign has emerged on the npm package registry, targeting developers and cryptocurrency users through malicious packages designed to drain Ethereum and Binance Smart Chain wallets. The attack leverages heavily obfuscated JavaScript code to steal up to 85% of victims’ cryptocurrency holdings, demonstrating an evolving threat landscape where software supply chain attacks […]
The post Malicious NPM Packages Attacking Ethereum Wallets Using Obfuscated JavaScript appeared first on Cyber Security News.
In healthcare, every minute of downtime isn’t just a technical problem — it’s a patient safety risk.
CNN recently reported that Kettering Health, a major hospital network in Ohio, was hit by a ransomware attack. According to CNN, the Interlock ransomware group claimed responsibility, sending a chilling reminder that healthcare remains a prime target for this particular ransomware gang.
While technical details of the Kettering attack remain scarce, Interlock’s recent history — and the emergence of browser-based attack chains like ClickFix — should put every CISO on high alert. In fact, HHS released a sector-level alert on ClickFix, due to the severity of the attack and how focused attackers were in targeting healthcare organizations. Again, though it is not yet confirmed that this specific exploit was used at Kettering, Interlock has been linked to ClickFix attacks elsewhere.
While Kettering continues to focus on incident response, for those watching across the industry, what’s clear is the growing role of browser-based attacks in ransomware campaigns, and how, in healthcare environments, these kinds of attacks can be life-threatening.
Healthcare Remains a Top TargetRansomware actors continue to prioritize healthcare organizations as targets because of the high value placed on continuity of care. Timely access to records, imaging, and communication systems is essential for delivering treatment — so when those systems are disrupted, the operational impact is immediate.
Healthcare organizations are uniquely vulnerable to ransomware for several reasons:
The stakes are high: In 2024, 67% of healthcare organizations reported a ransomware attack, and research shows that patient care delays increase measurably during major incidents.
Recent examples of healthcare organizations disrupted because of a cyberattack include:
As more clinical and operational workflows move into SaaS apps and browser-delivered interfaces, the browser itself is becoming more relevant to healthcare security.
Understanding ClickFix and Browser-Based TacticsClickFix is a technique that relies on seemingly legitimate browser interactions — like fake CAPTCHAs or pop-up prompts — to trick users into activating malicious scripts. What makes this approach difficult to detect is that it relies heavily on the browser for clipboard manipulation, with no file download to trigger traditional file-based alerts or network signatures.
Here’s how a ClickFix attack could unfold in a healthcare organization:
SquareX first detailed this technique in 2024 to illustrate a broader challenge: many endpoint and network tools lack visibility into what happens in the browser — including browser extensions, clipboard activity, and in-browser scripting.
🧠 Read our full analysis, with step-by-step details, of the ClickFix attack →
Why Traditional Security Tools Miss Browser AttacksMost healthcare organizations rely on a familiar stack: Secure Web Gateways (SWG), Endpoint Detection & Response (EDR), and Data Loss Prevention (DLP). But these tools were not designed for the complexity of modern browsers.
What they miss:
Meanwhile, many clinical workflows — from EHRs to claims portals — now run in the browser. In fact, a 2024 survey of the healthcare technology market showed healthcare SaaS expecting to grow nearly 20% by 2028.
This is where Browser Detection & Response (BDR) can complement existing investments — by providing client-side visibility into user behavior and web application interactions that traditional controls can’t see.
Practical Next Steps for Healthcare Security TeamsThis is a good moment to reassess browser-layer visibility and controls. Here are some actions that security teams can take today:
The Kettering Health ransomware incident is yet another reminder of how persistent and creative today’s adversaries have become. While we don’t yet know exactly how the breach occurred, the involvement of a group known to use browser-based techniques raises thoughtful questions for defenders.
Rather than respond with alarm, this is an opportunity to ask:
Do we have the visibility we need at the browser layer?
Are we prepared to detect and respond to client-side threats that bypass legacy controls?
If your answer is no, that’s okay. Modernizing browser security doesn’t require a full overhaul — you may just need to layer in the right visibility where today’s users and workflows operate. Learn more in this Browser Detection and Response white paper.
Interlock and the Kettering Ransomware Attack: ClickFix’s Persistence was originally published in SquareX Labs on Medium, where people are continuing the conversation by highlighting and responding to this story.
The post Interlock and the Kettering Ransomware Attack: ClickFix’s Persistence appeared first on Security Boulevard.
Akamai Technologies has introduced Akamai DNS Posture Management, a solution that offers unified, multicloud visibility over all DNS assets. The agentless solution provides real-time monitoring and guided remediation across all major DNS providers. Security teams can quickly detect and respond to DNS-based attacks, certificate security risks, vulnerabilities, and misconfigurations that weaken an organization’s security posture. DNS plays a key role in helping computers, services, and other resources find and connect with each other across the … More →
The post Akamai launches DNS Posture Management for real-time monitoring and guided remediation appeared first on Help Net Security.
RSA announced a new Identity Security Posture Management (ISPM) and enhancements to its passwordless identity platform. These innovations will help enterprises proactively find and resolve security risks across hybrid and cloud environments and simplify users’ log-in processes with advanced, phishing-resistant security capabilities. RSA announces new RSA Governance & Lifecycle ISPM capabilities Built into the RSA Governance & Lifecycle identity governance and administration (IGA) solution, the new ISPM features from RSA address critical cybersecurity risks that … More →
The post RSA enhances passwordless identity platform appeared first on Help Net Security.
The domino effect of CVE disruption is something all cybersecurity practitioners must be aware of, a Morphisec executive argues.
The post Future-ready cybersecurity: Lessons from the MITRE CVE crisis appeared first on CyberScoop.