<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 12/17/2019



N.J.’s Largest Hospital System Pays Up in Ransomware Attack

New Jersey’s largest hospital system said that it has paid hackers a ransom after a ransomware attack disrupted its services earlier this month. Hackensack Meridian Health, a $6 billion non-profit health provider system based in Edison, N.J., operates 17 hospitals, nursing homes and outpatient centers, as well as psychiatric facility Carrier Clinic. The hospital system told media outlets on Friday that it was targeted by a cyberattack on Dec. 2, crippling its computer software systems for nearly five days.

Ransomware-seized New Orleans declares state of emergency

On Friday, the US city of New Orleans became the latest local government to be held hostage to ransomware. The ongoing attack caused Mayor LaToya Cantrell to declare a state of emergency. During a press conference on Friday, the mayor confirmed that it was a ransomware attack, and that its activity started around 5 a.m. that morning. The city spotted the suspicious activity on its networks around 11 a.m., at which point it basically turned itself off.


Russian hacker who allegedly exploited accounting software to steal $1.5 million to plead guilty

A Russian man accused of stealing $1.5 million as part of a scam that relied on using fraudulent tax returns to intercept cash meant for Americans is preparing to plead guilty. U.S. prosecutors charged Anton Bogdanov, known online as “Kusok,” with computer intrusion, aggravated identity theft and related charges for alleged activity between June 2014 and November 2016.


Credit Card Data Exposed Online Is Tested Within 2 Hours

Be it fake or real, payment card data does not survive untouched for long on the web, a recent experiment showed. The bad guys are testing everything they find on the internet, just to make sure they don't miss an opportunity to cash in. From the moment it landed on several paste sites, it took two hours for data from a Visa card to be used for a micro-transaction, just to check it's validity.


TP-Link Router Bug Lets Attackers Login Without Passwords

TP-Link patched a critical vulnerability impacting some of its Archer routers that could allow potential attackers to void their admin passwords and remotely take control of the devices over LAN via a Telnet connection. "If exploited, this router vulnerability can allow a remote attacker to take control of the router’s configuration via Telnet on the local area network (LAN) and connect to a File Transfer Protocol (FTP) server through the LAN or wide area network (WAN)," found IBM X-Force Red's Grzegorz Wypych.

Navy letter shows military worried about unknown vulnerabilities in DJI drones

The U.S. Navy issued an internal warning in 2017 about vulnerabilities in systems made by Chinese-based drone company DJI that could allow adversaries to siphon data from devices, according to a document obtained through the Freedom of Information Act. “Overall, the system should be considered highly vulnerable in the cyber security realm and employed accordingly,” the document, obtained by the George Washington University’s National Security Archive and shared with CyberScoop, reads.

Major vulnerabilities found in popular wireless presentation system

F-Secure consultants have discovered several exploitable vulnerabilities in Barco’s ClickShare wireless presentation system. Attackers can use the flaws to intercept and manipulate information during presentations, steal passwords and other confidential information, and install backdoors and other malware.