Heimdal

Cybersecurity Advisor Adam Pilton is back with a fresh Cyber News Snapshot for MSPs & other professionals in the IT industry.

Top cybersecurity news from 20th to 26th June covers Qilin ransomware’s new tricks, a DHS advisory on Iran-supported threat actors, the impact of a data breach at healthcare facilities, and a new record for DDoS attacks.

Adam seasoned all that with actionable safety advice against old and new cyber threats.

If there’s any other news from the past week that caught your eye and you’d like to dive into, drop a comment on Heimdal’s Reddit community. Let’s check it out!

Massive ransomware attack hits McLaren Healthcare

McLaren Healthcare in Michigan has confirmed a major ransomware breach, with nearly 743,000 patient records exposed. The breach – believed to have occurred around mid-2024 – impacted 13 hospitals and cancer centers, compromising Social Security numbers, diagnosis details, and sensitive clinical data.

This marks the second time in just 12 months that McLaren has fallen victim to ransomware.

Safety advice for healthcare security providers

If you’re an MSP supporting healthcare, your two best friends should be:

  • Immutable backups – so attackers can’t encrypt or delete them.
  • Regular ransomware drills – because when disaster strikes, rehearsed responses are what keep the lights on.

If your backups go down, so does your last line of defense.

U.S. Government warns of Iranian-backed cyber retaliation

The Department of Homeland Security has issued a heads-up: expect cyber retaliation from Iranian state-backed hackers. Their likely targets? Critical infrastructure – think banks, hospitals, and utilities.

These warnings come amid rising geopolitical tensions and are being echoed by both CISA and the FBI.

Safety advice against nation-state threat actors

If you think you might be on the firing line:

  • Enforce MFA (Multi-Factor Authentication) across everything.
  • Ramp up monitoring of both network and endpoint activity.
  • Run tabletop exercises with your team – simulate a breach and walk through the incident response.

Awareness isn’t just a security layer – it’s a survival strategy.

Play Ransomware crushes nearly 900 organizations globally

A joint FBI and CISA advisory revealed that the Play ransomware gang has taken down nearly 900 organizations across the globe since late 2023.

Their go-to method? Exploiting vulnerabilities in remote monitoring and management (RMM) tools. If your tools aren’t locked down, you’re handing them a key.

Safety advice for bullet-proof RMMs

Here’s what you need to do right now:

  • Audit your RMM configurations – look for weaknesses and patch them.
  • Block all RDP (Remote Desktop Protocol) access from the public internet.
  • Enforce MFA on every login tied to remote tools.

They’re hunting for low-hanging fruit – make sure you’re not it.

Qilin Ransomware’s new ‘Call a Lawyer’ pressure tactic

Cybersecurity firm Cybereason uncovered a slick new tactic from the Qilin ransomware group. They’ve added a “Call Lawyer” button in their negotiation panels. This button connects victims to seemingly real legal reps to intimidate and pressure them into paying.

As a result, the whole interaction feels more legitimate and ramps up the psychological pressure.

Safety advice against ransomware attackers’ tricks

To avoid falling for these pseudo-legal mind games:

  • Have a legal response plan in place in case a breach happens.
  • Hire legal counsel familiar with cyber law and ransomware.
  • Set escalation protocols so no one’s left guessing during a crisis.

Being ready is not just about technology; there’s always a legal side of the story too.

Cloudflare mitigates record-breaking DDoS attack

In May, Cloudflare handled a whopper of a DDoS (Distributed Denial of Service) attack against one of their hosting provider clients. It peaked at 7.3 Tbps, surpassing the previous record by 12%.

To put that into perspective: 37.4 terabytes of data were blasted in just 45 seconds – equivalent to 9.35 million songs, or 57 years of non-stop listening.

Safety advice against DDoS attacks

If you’re running a digital service:

  • Invest in DDoS mitigation services – especially if uptime is business-critical.
  • Understand your network’s limits and set layered defense mechanisms.
  • Monitor traffic trends to spot anomalies before they become outages.

DDoS attacks are fast, ruthless, and getting bigger. Get ready.

Bottom line this week: prepare like it’s going to happen, practice so you respond without panic, and talk to a lawyer – because legal readiness matters too.

Author Profile

Livia Gyongyoși

Communications and PR Officer

Livia Gyongyoși is a Communications and PR Officer within Heimdal®, passionate about cybersecurity. Always interested in being up to date with the latest news regarding this domain, Livia's goal is to keep others informed about best practices and solutions that help avoid cyberattacks.