Nissan North America informed the Maine Attorney General this week that a ransomware attack launched last year resulted in the personal information of employees getting compromised. According to the company, it learned in early November 2023 that a threat actor had gained access to its systems through an external VPN. The attacker did not encrypt data or disrupt any systems, but it did steal files from local and network shares and demanded a ransom. READ MORE...
Santander, a Spanish banking institution, has announced that it recently suffered a data breach in which a victim gained access to a database hosted by a third-party provider. In the immediate aftermath of the breach, Santander moved to limit the scope of the intrusion by blocking access to the compromised database. Fraud prevention controls were also established to protect customers who were affected by the breach, it said though a press release, which did not mention the name of the provider. READ MORE...
Electronic prescription provider MediSecure in Australia has shut down its website and phone lines following a ransomware attack believed to originate from a third-party vendor. The incident has impacted personal and health information of individuals but the extent remains unclear at this time. Operating since 2009, MediSecure provides digital tools to healthcare professionals to manage and dispense medications to patients. READ MORE...
The North Korean hacker group Kimsuki has been using a new Linux malware called Gomir that is a version of the GoBear backdoor delivered via trojanized software installers. Kimsuky is a state-sponsored threat actor linked to North Korea's military intelligence, the Reconnaissance General Bureau (RGB). READ MORE...
Microsoft has shared a temporary fix for a known issue preventing Microsoft 365 customers from replying to encrypted emails using the Outlook Desktop client. This confirms customer reports regarding these issues when using the classic Outlook clients shared on Microsoft's community website in recent months. According to online reports, reinstalling Outlook or creating a new profile for the impacted email account fails to address the issue. READ MORE...
Researchers believe the attacker is likely China-affiliated, since a previous version of the malware was used by a China nation-state attack group. A likely Chinese threat actor is using a recent variant of the notorious Gh0st RAT malware to try and steal information from artificial intelligence experts in US companies, government agencies, and academia. Researchers at security vendor Proofpoint first spotted the campaign earlier this month. READ MORE...
Thankfully, GE ultrasounds aren't Internet-facing. Exploiting most of the bugs to cause serious damage to patients would require physical device access. Researchers have discovered 11 security vulnerabilities in GE HealthCare's Vivid Ultrasound family of products, as well as two related software programs. The issues are varied, and include missing encryption of sensitive data, use of hardcoded credentials, and more. They range in severity from 5.7 to 9.6 on the CVSS 3.1 scoring system. READ MORE...