IT Security Newsletter

IT Security Newsletter - 4/8/2024

Written by Cadre | Mon, Apr 8, 2024

US Health Dept warns hospitals of hackers targeting IT help desks

The U.S. Department of Health and Human Services (HHS) warns that hackers are now using social engineering tactics to target IT help desks across the Healthcare and Public Health (HPH) sector. The sector alert issued by the Health Sector Cybersecurity Coordination Center (HC3) this week says these tactics have allowed attackers to gain access to targeted organizations' systems by enrolling their own multi-factor authentication (MFA) devices. READ MORE...

Change Healthcare faces second ransomware dilemma weeks after ALPHV attack

Change Healthcare is allegedly being extorted by a second ransomware gang, mere weeks after recovering from an ALPHV attack. RansomHub claimed responsibility for attacking Change Healthcare in the last few hours, saying it had 4 TB of the company's data containing personally identifiable information (PII) belonging to active US military personnel and other patients, medical records, payment information, and more. READ MORE...

April 2024 Patch Tuesday forecast: New and old from Microsoft

This month, we have a new product preview from Microsoft, and some older products are being prepared for end-of-support. But before we go there, March 2024 Patch Tuesday was pretty mild, with 60 unique vulnerabilities addressed. We saw updates to Microsoft Windows, Office 365, SharePoint Server, and Exchange Server. There were no zero-day or disclosed vulnerabilities in any of the releases. I anticipate much more activity this week. READ MORE...

Notepad++ wants your help in "parasite website" shutdown

The Notepad++ project is seeking the public's help in taking down a copycat website that closely impersonates Notepad++ but is not affiliated with the project. Although, at the time of writing, the lookalike website takes visitors to the official Notepad++ downloads page, there is some concern that it could pose security threats, for example if it someday starts pushing malicious releases or spam, either deliberately or as a result of a hijack. READ MORE...

Critical Bugs Put Hugging Face AI Platform in a 'Pickle'

Two critical security vulnerabilities in the Hugging Face AI platform opened the door to attackers looking to access and alter customer data and models. One of the security weaknesses gave attackers a way to access machine learning (ML) models belonging to other customers on the Hugging Face platform, and the second allowed them to overwrite all images in a shared container registry. READ MORE...

Cisco Warns of Vulnerability in Discontinued Small Business Routers

Cisco has issued a warning of a cross-site scripting (XSS) vulnerability in end-of-life (EoL) RV series small business routers. Tracked as CVE-2024-20362 and remotely exploitable without authentication, the flaw impacts the small business RV016, RV042, RV042G, RV082, RV320, and RV325 routers, which have been discontinued and no longer receive security patches. READ MORE...

Browsing in Incognito Mode Doesn't Protect You as Much as You Might Think

Although a private browsing mode known as "Incognito" in Google's widely used Chrome browser has been available for nearly a decade, a legal settlement involving the way it works has cast new attention on this commonly available setting. The settlement disclosed Monday in a federal court is primarily designed to ensure that users who use Incognito mode in Chrome get more privacy while surfing the internet than they had been previously. READ MORE...

92,000+ internet-facing D-Link NAS devices accessible via "backdoor" account (CVE-2024-3273)

A vulnerability (CVE-2024-3273) in four old D-Link NAS models could be exploited to compromise internet-facing devices, a threat researcher has found. The existence of the flaw was confirmed by D-Link last week, and an exploit for opening an interactive shell has popped up on GitHub. Attackers who manage to exploit the flaw could pull off arbitrary command execution on vulnerable devices. READ MORE...

NASA knows what knocked Voyager 1 offline, but it will take a while to fix

Engineers have determined why NASA's Voyager 1 probe has been transmitting gibberish for nearly five months, raising hopes of recovering humanity's most distant spacecraft. Voyager 1, traveling outbound some 15 billion miles (24 billion km) from Earth, started beaming unreadable data down to ground controllers on November 14. For nearly four months, NASA knew Voyager 1 was still alive, since it continued to broadcast a steady signal, but could not decipher anything it was saying. READ MORE...

  • ...in 1820, the Venus de Milo is discovered in ancient Greek ruins on the Aegean island of Milos.
  • ...in 1904, Longacre Square in Manhattan is renamed Times Square, after The New York Times.
  • ...in 1959, computer scientist Grace Hopper and leaders from science and industry discuss the creation of a new programming language, COBOL.
  • ...in 1974, Hank Aaron of the Atlanta Braves hits his 715th career home run, breaking Babe Ruth's record.