Skip to main content

0 replies

Cybersecurity Updates

Art PostArt PostAdmin VIP

Cybersecurity Updates

  • With a single update, a popular barcode scanner app on Google Play transformed into malware and was able to hijack up to 10 million devices as reported by Malwarebytes
  • Lavabird Ltd.'s QR code barcode scanner was an Android app that had been available on Google's official app repository for years
    • accounting for over 10 million installs
  • ESET Cybersecurity is reporting that there is a 768% growth in Remote Desktop Protocol (RDP) attacks over the course of 2020
    • detected 29 billion attempted RDP attacks across the year, as cyber criminals attempt to exploit remote workers.
  • The United Nations reported that the country of North Korea is using money it received from hacking to modernize its nuclear weapons and ballistic missiles
    • “total theft of virtual assets from 2019 to November 2020 is valued at
      approximately $316.4 million”
    • illegally obtained proceeds “estimated at up to $2 billion”
  • A security researcher’s analysis of 30 popular health apps (they weren’t named) finds problems:
    • 50% of the apps store PHI
    • 100% of API endpoints were subject to BOLA attacks (broken object-level authorization) that can allow access to full patient records.
    • 50% of the apps allowed clinicians to access to records of any patient by changing the URL that is passed in the “GET” command.
    • 100% of the apps failed to implement certificate pinning to prevent person-in-the-middle attacks.
    • 77% of the apps used hard-coded API keys that never expire and 7% use hard-coded names and passwords.
    • 50% of APIs did not authenticate requests with tokens.
  • Nicholas Faber, 25, of Rochester, New York pleaded guilty to one count of computer intrusion causing damage and one count of aggravated identity theft.
  • admitted that from about 2017 to 2019, he worked with co-conspirator Michael Fish to access the school email accounts of dozens of female college students and then used information from those school email accounts to gain access to the victims’ social media accounts
  • Members of the Egregor ransomware cartel have been arrested this week in Ukraine
    • are the result of a joint investigation between French and Ukrainian police.
    • Egregor gang operates based on a Ransomware-as-a-Service (RaaS) model
    • rent access to the actual ransomware strain, but they rely on other cybercrime gangs to orchestrate intrusions into corporate networks and deploy the file encrypting ransomware.
  • Jones Day Law Firm headquartered in Cleveland, Ohio has published a number of articles on their web site about ransomware attacks and how they have helped or advised clients how to respond to security incidents.
    • threat actors known as CLOP initially posted some screenshots of files they
    • appear to have exfiltrated
    • involve current and confidential communications.
  • Central Piedmont Community College of Charlotte, North Carolina
    experienced a ransomware attack that exposed info on an unknown number of students
  • The Salt Lake Community College of Utah notified an unknown number of students that their info may have been exposed after a cybersecurity incident.
  • Council Rock School District of Pennsylvania notified an unknown number of students that their info may have been exposed after email phishing incident.
  • The federal government reports that 958,000 patients had their PHI exposed because of breaches in January, 2021
  • Bannock County of Idaho notified an unknown number of citizens that their info may have been exposed during recent breach of county servers.
  • Renown Health of Reno, NV agreed to pay a $75,000 fine to settle charges that it failed to provide patients copies of their PHI.
  • Sharp Healthcare of San Diego, CA agreed to pay a $70,000 fine to settle charges that it failed to provide patients copies of their PHI.
  • Syracuse University of New York notified 9,800 students that their info was exposed after email phishing incident.
  • University of Colorado notified an unknown number of students that their info was exposed after cybersecurity incident.
  • The National Counterintelligence and Security Center, as well as CBS 60 Minutes TV program are warning that threat actors with ties to China are continuing to target US healthcare, genomic, and other valuable data through hacking and other malicious activities.
  • Somerset Independent School District of Texas notified an unknown number of students that their info may have been exposed after ransomware attack.
  • VMware Carbon Black analyzed data from attacks on its healthcare customers in 2020 and found 239.4 million cyberattacks were attempted in 2020, which equates to an average of 816 attempted attacks per endpoint.
    • That represents a 9,851% increase from 2019.
  • Nebraska Medical Center notified an unknown number of patients that their PHI was exposed after cybersecurity incident.
  • The City of Oldsmar in Florida notified its citizens that it was able to prevent a hacker from penetrating its network and causing the city’s water supply to be poisoned.
  • Chatham County of North Carolina notified an unknown number of citizens that their info may have been exposed after ransomware attack.
  • Wimberly School District of Texas notified an unknown number of students that their info may have been exposed after ransomware attack.

If you like something I've posted please feel free to click the "like" button!

Original Post

Add Reply

Post

Membership Required

We're sorry. You must be signed in to continue. Sign In or Register
×
Are you sure you want to remove from your Block List?
×
Loading...
×
When you block a person, they can no longer invite you to a private message or post to your profile wall. Replies and comments they make will be collapsed/hidden by default. Finally, you'll never receive email notifications about content they create or likes they designate for your content.
Note: if you proceed, you will no longer be following .
×
Advanced Search
Advanced Search
Link copied to your clipboard.
×

Access to this requires a premium membership.

VIP/Premium Membership

A Premium Membership can carry you to the top of the sales ladder!

Premium Membership Includes:

  • Access to the Premium forums (I'm not going to post all of my secrets in the general forums, but I will post them in the Premium forums).
  • Unlimited downloads of all documents which include competitive proposals, Print4Pay Hotels "Pricing on the Street", competitive quotes, competitive sales orders, RFP's/RFQ's and word/xcel documents that I've created that will help you track your sales, self help sales documents, and much more!
  • As long as you're a Premium Member, you can lean on me for additional help with creative ideas of how to close the deal, add additional value with a third party solution, whatever you need in order to help WIN the deal!
  • Leads, every now and then I'll get a few leads from across the country, this is due the lead generation site I created and all the blogs I've written. A Premium Membership will enable you to receive these leads.

Follow the link on the forums to get your Premium Membership. If you're interested in a lifetime membership please send me an email arthurkpost@gmail.com and we'll send you a pay pal invoice of $399 of a LIFETIME Print4Pay Hotel membership.

$115.00 per 12 Months (plus tax if applicable)
×