November 24, 2021

Fortify Security Team

Title: Hospital Ransomware Attacks Go Beyond Health Care Data

Date Published: November 24, 2021

https://securityintelligence.com/hospital-ransomware-health-care-data/

Excerpt: “The healthcare industry has been on the front lines a lot lately. Along with helping control the effects of COVID-19, it has been a prime target for ransomware. In a 2021 survey conducted of 597 health delivery organizations (HDOs), 42% had faced two ransomware attacks in the past couple of years. Over a third (36%) attributed those ransomware incidents to a third party, such as what happened earlier this year with Kaseya. The effects go beyond stolen health care data, although that is important, too. What does it mean when a healthcare organization faces an attack? And what can they do to protect themselves?”

Title: FBI Warns Of Phishing Targeting High-Profile Brands’ Customers

Date Published: November 23, 2021

https://www.bleepingcomputer.com/news/security/fbi-warns-of-phishing-targeting-high-profile-brands-customers/

Excerpt: “The targets are sent to phishing landing pages through various means, including spam emails, text messages, or web and mobile apps that may spoof the identity or the online address of a company’s official site. Attackers embed login forms or malware into their phishing pages with the end goal of stealing their victims’ user credentials, payment details, or various other types of personally identifiable information (PII).”

Title: CISA Issues Holiday Ransomware Message

Date Published: November 24, 2021

https://www.infosecurity-magazine.com/news/cisa-issues-holiday-ransomware/

Excerpt: “In a joint alert issued Monday, the agencies urged the public and private sector organizations to “remain vigilant and take appropriate precautions to reduce their risk to ransomware and other cyberattacks” ahead of Thanksgiving. The warning was not triggered by receiving any specific threat intelligence but was born instead from knowing what has come to pass. “This advisory is based on observations on the timing of high impact ransomware attacks that have occurred previously rather than a reaction to specific threat reporting,” said the agencies.”

Title: Malicious JavaScript Loader is a Multi-RAT Dispenser

Date Published: November 24, 2021

https://www.infosecurity-magazine.com/news/malicious-javascript-loader-is-a/

Excerpt: “Researchers are warning of a new JavaScript loader being used to distribute eight Remote Access Trojans (RATs) in information-stealing campaigns. A team at HP Wolf named the tool “RATDispenser,” and warned that it currently has a detection rate of only 11%. “As with most attacks involving JavaScript malware, RATDispenser is used to gain an initial foothold on a system before launching secondary malware that establishes control over the compromised device,” explained HP malware analyst, Patrick Schläpfer.”

Title: Data Breach Spreads To Six Web Hosts

Date Published: November 24, 2021

https://www.searchenginejournal.com/web-hosting-data-breach/428219/#close

Excerpt: “The GoDaddy data breach that affected up to 1.2 million web hosts has expanded to six more web hosts serving customers worldwide. The six additional compromised web hosts are resellers of GoDaddy’s hosting services. The extent of the intrusion appears to be the same as with GoDaddy, with matching dates of when the security intrusion began. The six compromised web hosting providers are: 123Reg, Domain Factory, Heart Internet, Host Europe, Media Temple and tsoHost.”

Title: Bureau Veritas Hit by Cyberattack on Cybersecurity System

Date Published: November 23, 2021

https://www.ship-technology.com/news/bureau-veritas-hit-cyberattack/

Excerpt: “In a statement, the company said: “A preventive decision has been made to temporarily take our servers and data offline to protect our clients and the company while further investigations and corrective measures are in progress. This decision generates a partial unavailability or slowdown of our services and client interfaces.” Following the cyberattack, the Bureau Veritas teams, backed by third-party IT experts, are currently focusing on establishing business continuity, with the initiation of its incident response procedure.”

Title: Password Usage Analysis of Brute Force Attacks on Honeypot Servers

Date Published: November 24, 2021

https://blog.malwarebytes.com/reports/2021/11/password-usage-analysis-of-brute-force-attacks-on-honeypot-servers/

Excerpt: “In an older study by Microsoft, it was determined that users should spend less effort on password management issues for don’t-care and lower consequence accounts, allowing more effort on higher consequence accounts. Unless you are using a password manager doing the work for you, of course. Your efforts to come up with a strong password are wasted at sites that store passwords in plaintext or reversibly encrypted. Sites that require minimum length and/or use other complexity standards have always been a major annoyance. Not only because every site uses a different standard, some of which have been made obsolete, they also encourage users to come up with simple passwords that just barely meet the standard. Am I right, MyDogsName1 and P@$$w0rd?”

Title: Eavesdropping Bugs in MediaTek Chips Affect 37% of All Smartphones and IoT Globally

Date Published: November 24, 2021

https://thehackernews.com/2021/11/eavesdropping-bugs-in-mediatek-chips.html

Excerpt: “in a hypothetical attack scenario, a rogue app installed via social engineering means could leverage its access to Android’s AudioManager API to target a specialized library — named Android Aurisys HAL — that’s provisioned to communicate with the audio drivers on the device and send specially crafted messages, which could result in the execution of attack code and theft of audio-related information.”

Title: Observing Attacks Against Hundreds of Exposed Services in Public Clouds

Date Published: November 22, 2021

https://unit42.paloaltonetworks.com/exposed-services-public-clouds/

Excerpt: “Four types of applications, SSH, Samba, Postgres and RDP, were evenly deployed across the honeypot infrastructure. We intentionally configured a few accounts with weak credentials such as admin:admin, guest:guest, administrator:password. These accounts grant limited access to the application in a sandboxed environment. A honeypot will be reset and redeployed when a compromising event is detected, i.e., when a threat actor successfully authenticates via one of the credentials and gains access to the application.”

Title: Higher Education in Europe: Understanding the Cybersecurity Skills Gap in the EU

Date Published: November 24, 2021

https://www.enisa.europa.eu/news/enisa-news/higher-education-in-europe-understanding-the-cybersecurity-skills-gap-in-the-eu

Excerpt: “The report – ENISA Report – Addressing the EU Cybersecurity Skills Shortage and Gap Through Higher Education – takes a look into data gathered by the Cybersecurity Higher Education Database – CyberHEAD in order to make a prediction on the future trends. This database is the largest resource of its nature and is able to provide a reliable and up-to-date snapshot of cybersecurity academic programmes available across Europe. Key findings reveal that the number of programmes and students engaged in cybersecurity higher education are growing. As a consequence, the number of graduates in the next 2-3 years is expected to double. However, gender balance is still an issue with only 20% of female students enrolled.”
