IT Security Newsletter - 4/24/2023
Shields Health Breach Exposes 2.3M Users' Data
An unauthorized actor gained access to the systems of Shields Health Care Group (SHCG) in March, exposing driver's license numbers as well as other identification information for more than 2.3 million patients, according to the company. SHCG provides medical imaging services, MRI, and PET/CT scans, for ambulatory surgery centers. The company filed a data breach disclosure with the Maine Attorney General explaining the nature of the cybersecurity incident following its investigation.
European air traffic control confirms website 'under attack' by pro-Russia hackers
Europe's air-traffic agency appears to be the latest target in pro-Russian miscreants' attempts to disrupt air travel. Eurocontrol confirmed on Friday its website has been "under attack" since April 19, and said "pro-Russian hackers" had claimed responsibility for the disruption. "The attack is causing interruptions to the website and web availability," a spokesperson told The Register. "There has been no impact on European aviation."
SolarWinds Platform Update Patches High-Severity Vulnerabilities
Two high-severity vulnerabilities patched recently in SolarWinds Platform could lead to command execution and privilege escalation. The most severe of the two issues is CVE-2022-36963 (CVSS score of 8.8), which is described as a command injection bug in SolarWinds' infrastructure monitoring and management solution. The flaw, the company explains, can be exploited remotely to execute arbitrary commands
'EvilExtractor' All-in-One Stealer Campaign Targets Windows User Data
A phishing campaign that launched in March and is actively targeting Microsoft operating system users in Europe and the US is making the rounds, using the EvilExtractor tool as its weapon of choice. Research this week from FortiGuard Labs details the EvilExtractor attack chain, explaining that it usually starts with a legitimate-seeming Adobe PDF or Dropbox link, which instead deploys a malicious PowerShell when opened or clicked, before eventually leading to the modular EvilExtractor malware.
Decoy Dog malware toolkit found after analyzing 70 billion DNS queries
A new enterprise-targeting malware toolkit called 'Decoy Dog' has been discovered after inspecting anomalous DNS traffic that is distinct from regular internet activity. Decoy Dog helps threat actors evade standard detection methods through strategic domain aging and DNS query dribbling, aiming to establish a good reputation with security vendors before switching to facilitating cybercrime operations.
Critical Flaw in Inea ICS Product Exposes Industrial Organizations to Remote Attacks
A critical vulnerability found in a remote terminal unit (RTU) made by Slovenia-based industrial automation company Inea can expose industrial organizations to remote hacker attacks. The existence of the vulnerability came to light last week, when the US Cybersecurity and Infrastructure Security Agency (CISA) published an advisory to inform organizations. The vendor has released a firmware update that patches the issue.
- ...in 1800, the Library of Congress is established, starting with a mere 740 books and three maps.
- ...in 1945, President Harry Truman is fully briefed on the details of the Manhattan Project.
- ...in 1990, the Hubble Space Telescope is launched from Space Shuttle Discovery.
- ...in 1995, the last 4th generation Chevrolet Corvette ZR-1 is produced.