IT Security Newsletter

IT Security Newsletter - 2/8/2023

Written by Cadre | Wed, Feb 8, 2023

Florida hospital takes entire IT systems offline after 'ransomware attack'

Tallahassee Memorial Healthcare (TMH), a major hospital system in northern Florida, has reportedly been experiencing an "IT security issue" since Thursday evening, which impacted some of its IT systems. When TMH learned of the issue, it took its entire IT systems offline as a precaution and contacted law enforcement. In a news post on its website, the hospital says it's making progress managing the security incident while it continues to operate under IT system downtime protocols.

Patient Information Compromised in Data Breach at San Diego Healthcare Provider

San Diego healthcare services provider Sharp HealthCare is informing patients that some of their information was compromised in a recent data breach. A not-for-profit healthcare provider, Sharp operates multiple hospitals and facilities in San Diego County, has 19,000 employees and works with roughly 2,700 affiliated physicians. The incident took place on January 12, when an unauthorized party gained access to a server running the Sharp[.]com website, the company says in a data breach notice.

Researcher breaches Toyota supplier portal with info on 14,000 partners

Toyota's Global Supplier Preparation Information Management System (GSPIMS) was breached by a security researcher who responsibly reported the issue to the company. GSPIMS is the car manufacturer's web application that allows employees and suppliers to remotely log in and manage the firm's global supply chain. The security researcher, who publishes under the pseudonym EatonWorks, discovered a "backdoor" in Toyota's system that allowed anyone to access an existing user account.

Siemens License Manager Vulnerabilities Allow ICS Hacking

The Siemens Automation License Manager is affected by two serious vulnerabilities that could be chained to hack industrial control systems (ICS), according to industrial cybersecurity firm Otorio. On January 10, Siemens released its first round of Patch Tuesday updates for 2023, addressing a total of 20 vulnerabilities affecting the company's products. In a blog post published on Tuesday, Otorio explained that most of Siemens' software products use the ALM by default for license management.

CISA releases recovery script for ESXiArgs ransomware victims

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a script to recover VMware ESXi servers encrypted by the recent widespread ESXiArgs ransomware attacks. Starting last Friday, exposed VMware ESXi servers were targeted in a widespread ESXiArgs ransomware attack. Since then, the attacks encrypted 2,800 servers according to a list of bitcoin addresses collected by CISA technical advisor Jack Cable.

Russian ransomware money launderer pleads guilty to funneling Ryuk payments

In another blow against the global networks enabling ransomware operations, a Russian cryptocurrency money launderer pleaded guilty to attempting to conceal at least $400,000 in ransoms paid to criminal hackers. Denis Mihaqlovic Dubnikov received the illicit funds, which resulted from Ryuk ransomware attacks on unnamed U.S. individuals and organizations, in exchange for bitcoin from criminal hackers, the Justice Department said Tuesday in a press release.

Novel face swaps emerge as a major threat to biometric security

Digital identities are rapidly becoming more widely used as organizations' and governments' digital transformation projects mature and users demand more remote accessibility for everything, from creating a bank account to applying for government services, according to iProov. To support this transformation, many organizations have adopted biometric face verification, as it is widely recognized as offering the most user-friendly, secure, and inclusive authentication technology solution.

DPRK Using Unpatched Zimbra Devices to Spy on Researchers

A recent round of compromises that exploited unpatched Zimbra devices was an effort sponsored by the North Korean government and intended to steal intelligence from a collection of public and private medical and energy sector researchers. Analysts with W Labs explained in a new report that due to an overlap in techniques they were able to attribute "with high confidence" the recent round of cyber incidents against unpatched Zimbra devices as the work of Lazarus Group.

Backdoor in Dingo Cryptocurrency Allows Creator to Steal (Nearly) Everything

The originator of the Dingo Token - a cryptocurrency with a purported market capitalization of $11 million - has included a backdoor in the code to charge each transaction a fee of up to 99% of the worth of the token. That's according to cybersecurity firm Check Point Software, which has issued an advisory warning potential investors of what the company calls "a scam." Check Point researchers found 47 transactions where the total fee per transaction had been increased to 99%.

Lost and found: Codebreakers decipher 50+ letters of Mary, Queen of Scots

An international team of code-breakers has successfully cracked the cipher of over 50 mysterious letters unearthed in French archives. The team discovered that the letters had been written by Mary, Queen of Scots, to trusted allies during her imprisonment in England by Queen Elizabeth I (her cousin), and most were previously unknown to historians. The team described in a new paper published in the journal Cryptologia how they broke Mary's cipher, then decoded and translated several of the letters.

  • ...in 1914, comics writer Bill Finger, who created classic "Batman" villains like the Riddler, the Penguin, and the Joker, is born in Denver, CO.
  • ...in 1937, composer Joe Raposo, known for his work on "Sesame Street" ("Bein' Green", "Sing", "C is for Cookie") is born in Fall River, MA.
  • ...in 1955, attorney and best-selling legal thriller author John Grisham ("A Time To Kill", "The Firm") is born in Jonesboro, AR.
  • ...in 1971, the NASDAQ stock market index opens for the first time.