Security Leftovers
-
Security updates for Monday
Security updates have been issued by Debian (burp, chromium, ghostscript, openimageio, pdfcrack, python-werkzeug, thunderbird, and webkit2gtk), Fedora (amanda, libopenmpt, llhttp, samba, seamonkey, and xen), Red Hat (thunderbird), Slackware (mozilla and samba), and SUSE (perl-Net-Netmask, python-Django1, trytond, and virtualbox).
-
HC3: Sector Alert: Rhysida Ransomware
Rhysida is a new ransomware-as-a-service (RaaS) group that has emerged since May 2023. The group drops an eponymous ransomware via phishing attacks and Cobalt Strike to breach targets’ networks and deploy their payloads. The group threatens to publicly distribute the exfiltrated data if the ransom is not paid. Rhysida is still in early stages of development, as indicated by the lack of advanced features and the program name Rhysida-0.1. The ransomware also leaves PDF notes on the affected folders, instructing the victims to contact the group via their portal and pay in Bitcoin. Its victims are distributed throughout several countries across Western Europe, North and South America, and Australia. They primarily attack education, government, manufacturing, and technology and managed service provider sectors; however, there have been recent attacks against the Healthcare and Public Health (HPH) sector.
-
Jefferson County Health Center notifies patients about May cyberattack
On or about July 7, Karakurt threat actors added Jefferson County Health Center in Iowa to their leak site to pressure them to pay ransom demands.
Or was it Jefferson County Hospital in Oklahoma that they had hit? Right below their heading claiming it was the Iowa facility, their text indicated it was the similarly named hospital in Oklahoma.
-
SESARAM confirms cyberattack on region’s health service, suspends non-urgent activity Monday
In an update published just minutes ago following a press conference, the news site also reports that Nuno Perry, Director of Cybersecurity Services for the Regional Government, said the cyberattack was the largest, in terms of scope and impact, recorded in the health sector in the Region, and predicts that recovery of the system will be slow. “It’s not something that can be resolved in a day,” he asserted.
-
Biden Administration Launches Effort to Defend Schools From Hackers
School leaders, federal officials and technology executives will convene at the White House to discuss the importance of improving schools’ digital security to prevent hackers from shutting down classes and stealing students’ and teachers’ sensitive personal information. The summit will cover topics such as prioritizing the most effective cyber defenses, practicing cyber incident responses, adopting lessons from physical security preparations and pushing education technology vendors to build safer products.
-
New acoustic attack steals data from keystrokes with 95% accuracy
A team of researchers from British universities has trained a deep learning model that can steal data from keyboard keystrokes recorded using a microphone with an accuracy of 95%.
When Zoom was used for training the sound classification algorithm, the prediction accuracy dropped to 93%, which is still dangerously high, and a record for that medium.
Such an attack severely affects the target’s data security, as it could leak people’s passwords, discussions, messages, or other sensitive information to malicious third parties.
-
Ransomware Victims Surge as Threat Actors Pivot to Zero-Day Exploits
Threat actors such as the operators of the Cl0p ransomware family increasingly exploit unknown and day-one vulnerabilities in their attacks.