
IT Security Newsletter - 2/13/2023

Written by Cadre | Mon, Feb 13, 2023

Ransomware crooks steal 3m+ patients' medical records, personal info

Several California medical groups have sent security breach notification letters to more than three million patients alerting them that crooks may have stolen a ton of their sensitive health and personal information during a ransomware infection in December. According to the Southern California health-care organizations, which include Regal Medical Group, Lakeside Medical Organization, ADOC Medical Group, and Greater Covina Medical, the security breach happened around December 1, 2022.

Pepsi Bottling Ventures suffers data breach after malware attack

Pepsi Bottling Ventures LLC suffered a data breach caused by a network intrusion that resulted in the installation of information-stealing malware and the extraction of data from its IT systems. Pepsi Bottling Ventures is the largest bottler of Pepsi-Cola beverages in the United States, responsible for manufacturing, selling, and distributing popular consumer brands. It operates 18 bottling facilities across North and South Carolina, Virginia, Maryland, and Delaware.

City of Oakland systems offline after ransomware attack

The City of Oakland was hit by a ransomware attack on Wednesday night that forced it to take all systems offline until the network is secured and affected services are brought back online. The attack has not affected core services, with the City saying that 911 dispatch and fire and emergency resources are all working as expected. The City's Information Technology Department (ITD) is coordinating with law enforcement to investigate the attack and working on securing and restoring impacted services.

Reddit Hack Shows Limits of MFA, Strengths of Security Training

The latest hack of a well-known company highlights that attackers are increasingly finding ways around multifactor authentication (MFA) schemes - so employees continue to be an important last line of defense. On Jan. 9, Reddit notified its users that a threat actor had successfully convinced an employee to click on a link in an email sent out as part of a spearphishing attack, which led to "a website that cloned the behavior of our intranet gateway."

KillNet hits healthcare sector with DDoS attacks

At the end of January, the Health Sector Cybersecurity Coordination Center warned that the KillNet group is actively targeting the US healthcare sector with distributed denial-of-service (DDoS) attacks. The Cybersecurity and Infrastructure Security Agency (CISA) says it helped dozens of hospitals respond to these DDoS incidents. A distributed denial-of-service attack uses numerous systems to send network communication requests to one specific target.

Microsoft OneNote Abuse for Malware Delivery Surges

Organizations worldwide have been warned of an increase in the number of attacks abusing Microsoft OneNote documents for malware delivery. Part of the Office suite, OneNote is typically used within organizations for note taking and task management, among other operations. OneNote documents are an attractive target for threat actors in part because they do not benefit from the Mark-of-the-Web (MOTW) protection and because files can be executed with minimal warnings.

  • ...in 1923, US Air Force officer and record-setting test pilot Chuck Yeager, the first human to break the sound barrier, is born in Myra, WV.
  • ...in 1950, musician and former Genesis lead singer Peter Gabriel ("Solsbury Hill", "Sledgehammer") is born in Surrey, England.
  • ...in 1954, Furman University shooting guard Frank Selvy becomes the only NCAA Division I basketball player ever to score 100 points in a single game.
  • ...in 2004, astronomers announce the discovery of the universe's largest known diamond: a white dwarf star, named "Lucy" for the Beatles song "Lucy in the Sky with Diamonds".