IT Security Newsletter

IT Security Newsletter - 5/17/24

Written by Cadre | Fri, May 17, 2024

Nissan Data Breach Impacts 53,000 Employees

Nissan North America informed the Maine Attorney General this week that a ransomware attack launched last year resulted in the personal information of employees getting compromised. According to the company, it learned in early November 2023 that a threat actor had gained access to its systems through an external VPN. The attacker did not encrypt data or disrupt any systems, but it did steal files from local and network shares and demanded a ransom. READ MORE...

Santander Falls Victim to Data Breach Involving Third-Party Provider

Santander, a Spanish banking institution, has announced that it recently suffered a data breach in which a victim gained access to a database hosted by a third-party provider. In the immediate aftermath of the breach, Santander moved to limit the scope of the intrusion by blocking access to the compromised database. Fraud prevention controls were also established to protect customers who were affected by the breach, it said though a press release, which did not mention the name of the provider. READ MORE...

MediSecure e-script firm hit by 'large-scale' ransomware data breach

Electronic prescription provider MediSecure in Australia has shut down its website and phone lines following a ransomware attack believed to originate from a third-party vendor. The incident has impacted personal and health information of individuals but the extent remains unclear at this time. Operating since 2009, MediSecure provides digital tools to healthcare professionals to manage and dispense medications to patients. READ MORE...

Kimsuky hackers deploy new Linux backdoor in attacks on South Korea

The North Korean hacker group Kimsuki has been using a new Linux malware called Gomir that is a version of the GoBear backdoor delivered via trojanized software installers. Kimsuky is a state-sponsored threat actor linked to North Korea's military intelligence, the Reconnaissance General Bureau (RGB). READ MORE...

Microsoft shares temp fix for Outlook encrypted email reply issues

Microsoft has shared a temporary fix for a known issue preventing Microsoft 365 customers from replying to encrypted emails using the Outlook Desktop client. This confirms customer reports regarding these issues when using the classic Outlook clients shared on Microsoft's community website in recent months. According to online reports, reinstalling Outlook or creating a new profile for the impacted email account fails to address the issue. READ MORE...

US AI Experts Targeted in SugarGh0st RAT Campaign

Researchers believe the attacker is likely China-affiliated, since a previous version of the malware was used by a China nation-state attack group. A likely Chinese threat actor is using a recent variant of the notorious Gh0st RAT malware to try and steal information from artificial intelligence experts in US companies, government agencies, and academia. Researchers at security vendor Proofpoint first spotted the campaign earlier this month. READ MORE...

GE Ultrasound Gear Riddled With Bugs, Open to Ransomware & Data Theft

Thankfully, GE ultrasounds aren't Internet-facing. Exploiting most of the bugs to cause serious damage to patients would require physical device access. Researchers have discovered 11 security vulnerabilities in GE HealthCare's Vivid Ultrasound family of products, as well as two related software programs. The issues are varied, and include missing encryption of sensitive data, use of hardcoded credentials, and more. They range in severity from 5.7 to 9.6 on the CVSS 3.1 scoring system. READ MORE...

  • ...in 1792, the New York Stock Exchange is formed.
  • ...in 1866, avant-garde composer Erik Satie, best known for his "Gymnopedies", is born in Honfleur, France.
  • ...in 1954, the Supreme Court rules unanimously against the practice of racial segregation in schools, in the case of Brown v. Board of Education.
  • ...in 1965, musician, film composer, and Nine Inch Nails founder Trent Reznor is born in New Castle, PA.