Security Leftovers

posted by Roy Schestowitz on May 27, 2023

• New Buhti ransomware gang uses leaked Windows, Linux encryptors [Ed: Ransomware is about 95% Windows; when Microsoft puts back doors in Windows, it blames "China"; when it's something like WordPress extensions, Microsoft media blames "Linux". The pinnacle of one's nerve is attributing holes in proprietary software of VMware to "Linux". Defective software can be installed on any system, but that's like saying cars are unsafe because you can drive them down a cliff.]

• Security updates for Friday [LWN.net]

  Security updates have been issued by Debian (sniproxy), Fedora (c-ares), Oracle (apr-util, curl, emacs, git, go-toolset and golang, go-toolset:ol8, gssntlmssp, libreswan, mysql:8.0, thunderbird, and webkit2gtk3), Red Hat (go-toolset-1.19 and go-toolset-1.19-golang and go-toolset:rhel8), Slackware (ntfs), SUSE (rmt-server), and Ubuntu (linux-raspi, linux-raspi-5.4 and python-django).

• Patients told to contact NT Health following privacy breach of identifiable medical records

  Northern Territory Health says the onus is on individuals to check if the privacy of their medical records has been breached by the government.

• NT Health throws breach notification obligations out the window; says patients should call them to find out if they were affected?!

  According to Northern Territory Health’s website, the Australian government agency manages the Northern Territory public health system, operating across five service delivery regions, six hospitals, 74 health clinics, and seven corporate offices.

• Tennessee Orthopaedic Clinics notifies HHS of breach; has yet to notify patients

  An undated message on the Tennessee Orthopaedic Clinics website states that TOC recently responded to a security incident. They don’t say when they discovered it, but their investigation determined “that an unauthorized party accessed some of our systems between March 20, 2023, and March 24, 2023, and may have accessed or acquired certain files.”

• Two ransomware groups claimed to have attacked Albany ENT & Allergy Services and leaked data, but AENT doesn’t mention that at all in their notification?

  On April 28, DataBreaches reported that two different ransomware groups claimed to have attacked Albany ENT & Allergy Services, P.C. in Albany, New York. This week, Albany ENT & Allergy Services notified regulators and 224,486 affected employees and patients about a breach. Their notification is stunning, however, for its lack of certain details.

• NYSDFS Fines Lender and Mortgage Servicer $4.25M for Cybersecurity Failures Including Vendor Management

  Yesterday, New York’s Department of Financial Services (“DFS”) announced another enforcement action under the state’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R. Part 500 (“Reg 500”). According to the press release, OneMain Financial Group LLC (“OneMain”) will pay a $4.25 million penalty to New York State for alleged violations of Reg 500.