
IT Security Newsletter - 10/21/2022



Health system data breach due to Meta Pixel hits 3 million patients

Advocate Aurora Health (AAH), a 26-hospital healthcare system in Wisconsin and Illinois, is notifying its patients of a data breach that exposed the personal data of 3,000,000 patients. The incident was caused by the improper use of Meta Pixel on AAH's websites, where patients log in and enter sensitive personal and medical information. Meta Pixel is a JavaScript tracker that helps website operators understand how visitors interact with the site, helping them make targeted improvements.

Medibank hack turned into a data breach: The attackers are demanding money

Medibank, Australia's largest private health provider, has confirmed that last week's "cyber incident" has resulted in a data breach. "Medibank has been contacted by a criminal claiming to have stolen 200GB of data," the company said. "The criminal has provided a sample of records for 100 policies which we believe has come from our ahm and international student systems."


Brazilian Police Nab Suspected Member of Lapsus$ Group

Brazil's Federal Police announced they have arrested a Brazilian man they suspect of being a member of the cybercrime organization Lapsus$ Group. The man's arrest this week is the result of what the authorities dubbed "Operation Dark Cloud," launched in August, according to police, following Lapsus$ Group cyberattacks late last year on the Ministry of Health, Ministry of the Economy, Comptroller General of the Union, and the Federal Highway police.


Microsoft Data-Exposure Incident Highlights Risk of Cloud Storage Misconfiguration

Cloud storage misconfigurations of the sort that Microsoft disclosed late yesterday continue to be a major contributor to data breaches. Microsoft Security Response Center said in a post that information shared by prospective clients with the company in recent years potentially may have been compromised via a misconfigured cloud storage endpoint. SOCRadar described discovering the data in an Azure Blob storage bucket that was publicly accessible over the Internet.


Ursnif malware switches from bank account theft to initial access

A new version of the Ursnif malware (a.k.a. Gozi) emerged as a generic backdoor, stripped of its typical banking trojan functionality. This change could indicate that the operators of the new version are focusing on distributing ransomware. Codenamed "LDR4," the new variant was spotted on June 23, 2022, by researchers at incident response company Mandiant, who believe that it's being distributed by the same actors that maintained the RM3 version of the malware over the past years.

Venus ransomware targets remote desktop services

It's time for another tale of remote desktop disaster, as a newish form of ransomware carves out a name for itself. Bleeping Computer reports that individuals behind Venus ransomware are breaking into "publicly exposed Remote Desktop services", with the intention of encrypting any and all Windows devices. Since at least August 2022, Venus has been causing chaos and has become rather visible lately.

Domestic Kitten campaign spying on Iranian citizens with new FurBall malware

ESET researchers recently identified a new version of the Android malware FurBall being used in a Domestic Kitten campaign conducted by the APT-C-50 group. The Domestic Kitten campaign is known to conduct mobile surveillance operations against Iranian citizens and this new FurBall version is no different in its targeting. Since June 2021, it has been distributed as a translation app via a copycat of an Iranian website that provides translated articles, journals, and books.

Information Security

4 ways Target dynamically tracks the most alarming threats

Target puts a lot of trust in its cyberthreat intelligence, instituting processes throughout the organization to help it prioritize threats most likely to harm the retailer among a sea of malicious actors. A pair of leaders on the company's threat intelligence team explained how specialized systems bolster the company's defenses during a presentation Tuesday at Mandiant's mWISE Conference.

On This Date

  • ...in 1879, after 14 months of testing, Thomas Edison first demonstrates his electric lamp, hoping to one day compete with gaslight.
  • ...in 1940, Ernest Hemingway's novel For Whom the Bell Tolls is published.
  • ...in 1961, Bob Dylan records his first album in a single day at a cost of $400.
  • ...in 1994, North Korea and the US sign an agreement requiring North Korea to halt its nuclear weapons program and agree to international inspections.