Skip to main content

Cybersecurity Update

The federal Cybersecurity and Infrastructure Security Agency (CISA) reported a large scale hacking incident involving government agencies and organizations that use SolarWinds supply chain software.

  • “grave risk” to federal, state and local government networks
  • Symantec has identified infections on over 2,000 computers at more than 100 of its customers
  • Attackers delivered malware to possibly thousands of organizations in the U.S.

The FBI is reporting that the Wizard Spider hacking group of Russia is using Ryuk ransomware to extort $61 million in ransom from US healthcare firms.

Colbi Trent Defiore was sentenced to 3 years in prison for stealing PHI to resell while working for a Medicare enrollment company in Louisiana.

ThreatPost magazine reports that Microsoft Office 365 credentials are under attack by fax alert emails.

  • Email impersonates eFax to coerce users to click on attached document to unleash malware.

Armis Security published report that 97% of devices affected by the Urgent/11 security vulnerabilities have not yet been patched

  • 80% of impacted devices are still vulnerable to attack
  • Relates to CDPwn flaws in the devices that use Wind River VxWorks code
  • (could include printers and MFPs)

Weslaco Independent School District of Weslaco, TX notified an unknown number of students that their info may have been exposed after ransomware attack.

Researchers announced that they have found a way to turn RAM chips into WiFi cards to steal data from computers.

  • Malicious code could be planted by attackers to manipulate the electrical current inside the RAM card in order to generate electromagnetic waves with frequency consistent with WiFi signal spectrum

Taylor Made Diagnostics of Newport News, Virginia notified an unknown number of patients that their PHI was exposed after ransomware attack.

Apex Laboratory of Long Island, NY and satellite in Florida notified an unknown number of patients that their PHI was exposed after ransomware attack.

The U.S. Treasury and Commerce Department announced that Russian hackers broke into network and monitored staff email for months.

The Jersey City Municipal Utilities Authority of New Jersey notified an unknown number of customers that their info may have been exposed after ransomware attack.

The City of Independence, Missouri notified an unknown number of citizens that their info may have been exposed after ransomware attack.

University Hospital of Augusta, Georgia reported that it is turning away 20% of all incoming emails due to security risks

  • Averaging 550 cyber attacks per day

The City of Dade City, Florida notified an unknown number of citizens that their info may have been exposed after ransomware attack.

The Great Neck Yeshiva High School of New York notified an unknown number of students that their info may have been exposed after cyber attack.

Moderna Pharmaceuticals reported that hackers were able to access COVID-19 vaccine data.

The Wall Street Journal reported that on December 14th, Google had an outage which impacted Gmail, G Suite apps and other services.

Spotify notified an unknown number of customers that their info may have been exposed during recent data breach.

Twitter was ordered to pay a $544,600 fine to the EU related to recent data breach.
Helena Public Schools of Montana notifies some employees after burglar snatched USB with their time sheets.

Meharry Medical College in Nashville, TN, notified 20,983 patients that their PHI was exposed after an email phishing attack

MEDNAX Services Inc., headquartered in Sunrise, FL, is a provider of revenue cycle management and other administrative services to its affiliated physician practice groups that notified an unknown number of patients that their PHI was exposed after email phishing attack.

GenRx Pharmacy, headquartered in Scottsdale, AZ, notified an unknown number of patients that their PHI may have been exposed after ransomware attack.

The Pascagoula-Gautier School District in Mississippi notified 7,000 students that their info may have been exposed after ransomware attack.

The Gardiner Public School District in Montana notified 200 students that their info was exposed after ransomware attack.

Avast Security reported that 3 million users are believed to have installed 15 Chrome and 13 Edge browser extensions that contain malicious code.
American Bank Systems, a document management company headquartered in Oklahoma, is being sued by its banking customers when their data was exposed during a breach.

If you like something I've posted please feel free to click the "like" button!

Attachments

Images (1)
  • mceclip0
Original Post
×
×
×
×
×