HealthCare constantly attacked

According to the Chief Information Security Officer at John & Johnson, healthcare organizations are constantly under cyber-attacks from nation-state threat actors. She says they are trying to seek vaccine information for the covid-19 virus. This is alarming and hopefully these healthcare organization’s security team are on top of their work.

https://www.zdnet.com/article/johnson-johnson-ciso-healthcare-orgs-are-seeing-nation-state-attacks-every-single-minute-of-every-single-day/?&web_view=true

Cyber attack on Manchester United

Manchester united had to shut its systems down last week because of a cyber attack. They say they currently don’t have any breach in personal data of fans/customers. It seems they were well prepared and had a good plan to minimize damage to their systems in case of an attack.

https://securityaffairs.co/wordpress/111231/hacking/manchester-united-cyber-attack.html?web_view=true

Joker Malware

Joker, a prominent malware family, that targets Android users, has a new variant that uses GitHub to evade detection. Joker uses the promise of HD wallpapers to get people to download it. After it is downloaded it subscribes to a WAP service without consent. Experts say to keep and updated anti-malware application on your smartphone to counter the attack. 

https://cyware.com/news/joker-malware-keeps-amusing-with-new-tricks-and-tactics-00914aac

Attack on Healthcare systems

I  think it important to know that the FBI, Homeland Security, and Health and Human Services are warning of imminent ransomware attacks on healthcare providers. They recommend to back data off with password protection, and have a recovery plan ready.

https://thehackernews.com/2020/10/ransomware-attack-hospital.html

NSA vulnerabilities list

The NSA recently released a list of 25 vulnerabilities Chinese state-sponsored hackers as well as a few smaller hacking groups are exploiting. Most the the vulnerabilities are related to Remote access. These vulnerabilities do have patches already from their vendors. It is important to keep all of your applications up-to-date.

https://cyware.com/news/nsa-lists-25-vulnerabilities-chinese-apt-groups-are-chasing-right-now-7161422b

Largest DDos attack to date

Apparently a China sponsered attack unleashed the lasrgest DDos attack to date on Google back in Sept. 2017, clocked at 2.54 Tbps. Which serveices that were targeted was not released. Just thinking about how large of an attack that is astounds me and the fact it was not known until recently.

https://www.zdnet.com/article/google-says-it-mitigated-a-2-54-tbps-ddos-attack-in-2017-largest-known-to-date/?&web_view=true

Robinhood security problems?

Robinhood Markets Inc has had multiples outages recently due to higher than usual traffic. They may not have had a proper plan for dealing with the extra traffic, affecting the availability of their app. It is critical to have a plan for when things like this happen.

https://www.reuters.com/article/us-robinhood-cyber/robinhood-says-some-customer-accounts-may-have-become-target-of-hackers-idUSKBN26U2CX?&web_view=true

FortiGate VPN possibly open to Man in the middle attacks

I found this article and thought it might be important for anyone using FortiGate VPN to be made aware of. The client only checks that a certificate for client authentication was issued by Fortinet or other trusted certificate authority. This allows a man in the middle attack by allowing an attack to present a certificate for another FortiGate router to get in and intercept data.

https://threatpost.com/fortigate-vpn-default-config-mitm-attacks/159586/

LockBit: Ransomware as a service(RaaS)

Lockbit, initialy called .ABCD virus, use extortion tactics to scare victims in to paying a ransom. They mainly target medium-sized companies in countries, such as, the US, U.K, France, Germany, etc. They get unauthorized access to networks with weak account passwords without multi-factor authorization protection. Stolen data has been posted on Maze ransomware gangs data leak website.

https://cyware.com/news/lockbit-a-new-entrant-taking-big-leaps-23850c68

Cyber Security attacks on students

With most school continuing to be mostly or completely online due to Covid-19, experts fear cyber criminals will target the online classes, and children. Classes potentially get “zoom bombed” is something that would annoy me greatly. The fact that children are online so much to connect to school and getting targeted by cyber criminals is an awful thought. 

As we all know Covid-19 how the world is running at the moment. I find my self agreeing with this article about a post-Covid-world in Cyber Security. With many companies have employees work remotely businesses will feel a larger need for cyber security. Whether that is from AI powered cyber security or even just thinking of their security more before being attacked than after.

https://www.cybersecurity-insiders.com/where-will-the-cybersecurity-industry-be-post-pandemic/

Cyber attacks on healthcare

Not only do we have to worry about Covid 19. There has also been a huge increase in cyber attacks on Healthcare breaches. The article says that there have been an estimated 8.7 million people have have been affected by Healthcare breaches this year. This is very concerning for everyone trying to struggle through this pandemic. 

https://cyware.com/news/a-whopping-rise-in-healthcare-cyber-incidents-944b8191