
IT Security Newsletter - 12/9/2022


Breaches

CommonSpirit Health ransomware attack exposed data of 623,000 patients

CommonSpirit Health has confirmed that threat actors accessed the personal data for 623,774 patients during an October ransomware attack. This figure was published today on the U.S. Department of Health breach portal, where healthcare organizations are legally obligated to report data breaches impacting over 500 individuals. At the start of October, the Illinois-based non-profit health system first informed the public of a cyberattack that took down its IT systems. READ MORE...

Hacking

Rackspace scrambles to assist customers as ransomware probe continues

Rackspace Technology officials are scrambling to assist customers with email access following a Dec. 2 ransomware attack, which left thousands of businesses unable to access their Exchange accounts. Earlier this week, Rackspace warned it was experiencing service disruptions due to the ransomware incident and may report revenue losses as well as incremental costs as it responds to the attack. READ MORE...


New Ransom Payment Schemes Target Executives, Telemedicine

Ransomware groups are constantly devising new methods for infecting victims and convincing them to pay up, but a couple of strategies tested recently seem especially devious. The first centers on targeting healthcare organizations that offer consultations over the Internet and sending them booby-trapped medical records for the "patient." The other involves carefully editing email inboxes of public company executives to make it appear that some were involved in insider trading. READ MORE...

Software Updates

December 2022 Patch Tuesday forecast: Fine-tuning the connectivity

Microsoft wrapped up a lot of 'loose ends' last month with their November set of updates, but there is still some work to do before the end-of-year holiday season. The ProxyNotShell vulnerabilities were finally fixed, and we saw some improvements in the changes made to communication and authentication exchanges. However, there is some 'fine tuning' still needed based on the chatter from patch forums and articles in the news. READ MORE...

Malware

US Health Dept warns of Royal Ransomware targeting healthcare

The U.S. Department of Health and Human Services (HHS) issued a new warning today for the country's healthcare organizations regarding ongoing attacks from a relatively new operation, the Royal ransomware gang. The Health Sector Cybersecurity Coordination Center (HC3), HHS' security team, revealed in a new analyst note published Wednesday that the ransomware group has been behind multiple attacks against U.S. healthcare orgs. READ MORE...


Lazarus group uses fake cryptocurrency apps to plant AppleJeus malware

The North Korean Lazarus Group, aka APT38, is one of the most sophisticated North Korean APTs. It's been active since 2009 and is responsible for many high-profile attacks. In January of 2022 the Malwarebytes Intelligence Team uncovered a campaign where Lazarus conducted spear phishing attacks weaponized with malicious documents that used a familiar job opportunities theme. Now, researchers at Volexity have analyzed a new campaign that is likely targeting cryptocurrency users and organizations. READ MORE...

Exploits/Vulnerabilities

Report: Air-Gapped Networks Vulnerable to DNS Attacks

Common misconfigurations in how Domain Name System (DNS) is implemented in an enterprise environment can put air-gapped networks and the high-value assets they are aimed at protecting at risk from external attackers, researchers have found. Organizations using air-gapped networks that connect to DNS servers can inadvertently expose the assets to threat actors, resulting in high-impact data breaches, researchers from security firm Pentera revealed in a blog post published Dec. 8. READ MORE...


Apple's AirTag stalker safeguards are "woefully inadequate," alleges lawsuit

Two women filed a proposed class-action lawsuit on Monday, December 5, in the United States District Court for the Northern District of California against Apple, the maker of AirTags. AirTags are small Bluetooth-enabled devices designed to track personal belongings. The suit accuses the company of failure to introduce measures to combat abuse of the technology as stalkers have used and continue to use AirTags to track people. Both claimed their ex-partners did just that. READ MORE...


Over 4,000 Vulnerable Pulse Connect Secure Hosts Exposed to Internet

More than 4,000 internet-accessible Pulse Connect Secure hosts are impacted by at least one known vulnerability, attack surface management firm Censys warns. Touted as the most widely deployed SSL VPN solution, Pulse Connect Secure provides remote and mobile users with secure access to corporate resources. The VPN appliance is part of Ivanti's portfolio, after it acquired Pulse Secure in 2020. READ MORE...


Vulnerabilities Allow Researcher to Turn Security Products Into Wipers

SafeBreach Labs security researcher Or Yair discovered several vulnerabilities that allowed him to turn endpoint detection and response (EDR) and antivirus (AV) products into wipers. The identified issues, which were presented on Wednesday at the Black Hat Europe cybersecurity conference, allowed the researcher to trick the vulnerable security products into deleting arbitrary files and directories on the system and render the machine unusable. READ MORE...

On This Date

  • ...in 1883, physical trainer Joseph Pilates, creator of the exercise methods bearing his name, is born in Mönchengladbach, Germany.
  • ...in 1906, computer science pioneer and US Navy Rear Admiral Grace Hopper, the inventor of the first machine-independent program compiler, is born in New York City.
  • ...in 1953, actor and producer John Malkovich ("Dangerous Liaisons", "Burn After Reading") is born in Christopher, IL.
  • ...in 1960, the first episode of "Coronation Street", the world's longest-running television soap opera, is broadcast by the British ITV network.