Security Leftovers

posted by Roy Schestowitz on Aug 24, 2023

• Security updates for Wednesday

  Security updates have been issued by Debian (mediawiki and qt4-x11), Fedora (java-17-openjdk, linux-firmware, and python-yfinance), Red Hat (kernel, kpatch-patch, and subscription-manager), SUSE (evolution, janino, kernel, nodejs16, nodejs18, postgresql15, qt6-base, and ucode-intel), and Ubuntu (inetutils).

• Laptop containing confidential data stolen from blood bank of Gurugram hospital

  A laptop containing confidential information was allegedly stolen from the offices of a private hospital’s blood bank, police here said on Tuesday.

  According to a complaint filed by Dr Sangeeta Agarwal, head of blood bank at the Fortis Memorial Research Institute, the laptop was stolen from her office on August 5.

• Data protection breach at military medical facility

  A Defence Forces investigation is under way into another data protection breach of the military’s electronic health record system.

  The latest investigation centres on the alleged actions of a healthcare worker at a military medical facility.

  The Defence Forces has said it is the third alleged breach in relation to the electronic military medical records system Socrates in five years.

• Lapsus$: Court finds teenagers carried out hacking spree

  A court has found an 18-year-old from Oxford was a part of an international cyber-crime gang responsible for a hacking spree against major tech firms.

  Arion Kurtaj was a key member of the Lapsus$ group which hacked the likes of Uber, Nvidia and Rockstar Games.

  A court heard Kurtaj leaked clips of the unreleased Grand Theft Auto 6 game while on bail in a Travelodge hotel.

• Ransomware Attack on CloudNordic paralyzes company and customers

  On Friday, August 18, 2023, CloudNordic, a leading provider of cloud services, fell victim to a serious ransomware attack. The hackers took control of all systems, resulting in extensive downtime and data loss for both the company and their customers.

  The attack was discovered at 04:00, and since then CloudNordic’s IT experts have been working intensively to regain control. Unfortunately, it has proven impossible to recover the lost data, which means that the majority of their customers have lost all data that was stored with CloudNordic. The incident has been reported to the police.

• Helsinki and Uusimaa Hospital District confirms data breach by ex-staff member, 900 patients’ data compromised

  The Helsinki and Uusimaa Hospital District (HUS) has discovered that a former employee, who served as a practical nurse within the district, breached the privacy of nearly 1,000 patients.

  The case was confirmed by HUS Administrative Chief Medical Officer (AVMO) Teppo Heikkilä, who said the nurse gained access to the files through the Apotti patient record system. […]

  On Tuesday, the Hospital District issued a statement regarding two additional suspected, but smaller, breaches. These incidents involved unauthorised access to the medical records of “several dozens or hundreds” of patients.

• FBI Identifies Cryptocurrency Funds Stolen by DPRK

  The FBI is warning cryptocurrency companies of recent blockchain activity connected to the theft of hundreds of millions of dollars in cryptocurrency. Over the last 24 hours, the FBI tracked cryptocurrency stolen by the Democratic People’s Republic of Korea (DPRK) TraderTraitor-affiliated actors (also known as Lazarus Group and APT38). The FBI believes the DPRK may attempt to cash out the bitcoin worth more than $40 million dollars.

• SEC Cybersecurity Rule Leans on Materiality and Reasonableness

  The US Securities and Exchange Commission released its final rule, effective Sept. 5, 2023, on cybersecurity risk management, strategy, governance, and incident disclosure. Investors, registrants, and other market participants should take special notice of two key terms in the regulations: “materiality” and the “reasonable investor.”

  The SEC has deemed disclosures, cybersecurity risk management, and governance to be material to both the market and to a reasonable investor.

  A close look at these terms—and how the SEC and courts have interpreted them—will be a useful guide to those affected by the new rule.

• 2023-08-17 [Older] Atlassian Releases Security Update for Confluence Server and Data Center

• 2023-08-17 [Older] Cisco Releases Security Advisories for Multiple Products

• 2023-08-17 [Older] CISA Releases Three Industrial Control Systems Advisories

• 2023-08-17 [Older] ​ICONICS and Mitsubishi Electric Products

• 2023-08-17 [Older] Schneider Electric PowerLogic ION7400 / PM8000 / ION8650 / ION8800 / ION9000 Power Meters

• 2023-08-17 [Older] Walchem Intuition 9

• 2023-08-16 [Older] CISA Adds One Known Exploited Vulnerability to Catalog

• 2023-08-16 [Older] CISA Releases JCDC Remote Monitoring and Management (RMM) Cyber Defense Plan

• 2023-08-15 [Older] CISA Releases Two Industrial Control Systems Advisories

• 2023-08-15 [Older] Schneider Electric EcoStruxure Control Expert, Process Expert, Modicon M340, M580 and M580 CPU

• 2023-08-15 [Older] ​Rockwell Automation Armor PowerFlex

• 2023-08-16 [Older] Nikto Web Scanner: Unveiling Vulnerabilities and Strengthening Web Security

• 2023-08-13 [Older] Don't Expect Quick Fixes in 'Red-Teaming' of AI Models. Security Was an Afterthought

• 2023-08-15 [Older] Latin Americans Fall Prey to More Online Scams as Cybersecurity Lags

+