Windows TCO Leftovers
-
Dark Reading ☛ Courtroom Recording Platform Abused in Supply Chain Attack
Once deployed, the RustDoor installer allows adversaries to completely take over infected systems, according to the report. The Viewer had been "... available to download via the vendor's website, and it's shipped as a Windows-based installer package that prompts for high privileges upon execution," the researchers explained.
-
The Record ☛ Courtroom recording software compromised with backdoor installer
The malware transmits data about the host system to a command-and-control (C2) server belonging to the threat actors. Rapid7 tracked the issue as CVE-2024-4978 and said it worked with the U.S. Cybersecurity and Infrastructure Security Agency (CISA) on coordinating disclosure of the problem.
Rapid7 said the malicious versions of the software were signed by “Vanguard Tech Limited,” which is allegedly based in London.
-
NPR ☛ How the Ascension cyberattack is disrupting care at hospitals
Hospital staff are forced to write notes by hand and deliver orders for tests and prescriptions in person in the ongoing fallout from a recent ransomware attack at the national health system Ascension.
Ascension is one of the largest health systems in the United States, with some 140 hospitals located across 19 states and D.C.
-
The Register UK ☛ Confused by the SEC's breach reporting rules? Read this
According to the breach reporting rules the federal agency adopted in July, public companies must disclose material events under Item 1.05 of Form 8-K. This is the form the SEC requires public companies to submit when they announce big changes that may be material to shareholders.
It means that should a publicly traded company experience a "material" cybersecurity intrusion – one that has a financial impact on the company's operations, or that an investor would want to know before making an investment decision – they need to publicly report it under Item 1.05. In fact, Item 1.05 is titled "Material Cybersecurity Incidents."
-
The Register UK ☛ 70% of CISOs worry their org is at risk of a material attack
Their reasons for sleeplessness were many. Forty-one percent of those surveyed rated ransomware as the top threat over the next 12 months, followed by malware (38 percent), email fraud (36 percent), cloud account compromise (34 percent), insider threats (30 percent) and distributed denial of service attacks (30 percent).
In the case of a ransomware infection, 62 percent of CISOs revealed they would likely pay to restore systems and/or prevent attackers from leaking stolen data. This remains the same as last year's survey – and comes amid ongoing indicators that paying extortionists doesn't prevent sensitive information from being released.
-
Cyble Inc ☛ First Nations Health Authority Cyberattack Confirmed
The First Nations Health Authority (FNHA) in British Columbia is currently grappling with the aftermath of a recent cyberattack on its corporate network. This First Nations Health Authority cyberattack, discovered on May 13, 2024, has prompted swift investigation and action from the authority.
FNHA, renowned as the first and sole provincial health authority of its kind across Canada, detected what it termed as “unusual activity” within its corporate network. Acting promptly, the authority intercepted an unauthorized entity that had breached its network perimeter.