More than 4 million Americans notified of a data breach, and the latest ransomware news.
Welcome to Cyber Security Today. It’s Friday, March 23rd, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.
More than 4.2 million American residents are being notified their personal data is at risk. This follows a data breach last summer at Independent Living Systems. ILS offers a number of clinical and administrative services to managed healthcare providers across the U.S. It says the hackers could have got hold of patients’ names, addresses, dates of birth, driver’s license numbers, Social Security numbers, financial account information, mental or physical treatment condition information and more. The company isn’t saying how its system was compromised.
A suspected China-related threat actor is exploiting security devices from Fortinet for espionage against selected targets. This is according to research done by Fortinet and Mandiant. The companies believe the strategy helps in the attacker’s goal of getting to VMWare hypervisors for deeper IT system compromise. The report shows that IT administrators have to keep network devices patched and locked down. It also shows the need to report suspicious activity to the manufacturers of any products on their networks.
Attention security administrators: There’s new background on the recently-discovered Trigona ransomware. Researchers at Palo Alto Networks published a blog with indicators of compromise and other interesting findings. Here’s one: The ransomware uses password-protected executables to hide the malware’s presence. Since being discovered last October, organizations in the United States, Italy, France, Germany, Australia and New Zealand have been hit with this strain.
More on ransomware: Kaspersky has released a decryption tool to help firms hit by ransomware based on leaked code from the Conti ransomware strain. That code was leaked a year ago. Since then many gangs have released modified versions of that code for their attacks. The decryptor has been added to Kaspersky’s Rakhni decryption tool and to the “No Ransom” website.
Hackers use all sorts of tricks to convince people to give up their credit card numbers. Researchers at Avanan found a new one: Send an email to a potential victim claiming their cloud storage is full — but they can get a free extra 50GB of storage by clicking the enclosed button. Then the victim has to validate their account by entering their credit card. Crooks get that number and buy goods for themselves. One tip this is a fraud: Those who check the website address in their browser bar will see it’s not from their cloud provider.
Finally, the people who create special days of the year have declared March 18th, tomorrow, as Digital Cleanup Day. They suggest taking the time to delete unnecessary emails, files, apps, duplicates of photos and videos on your computing devices. Less data means more security. And it eases the burden on your devices by letting them run faster. IT managers, if your organization doesn’t have a data retention and deletion policy, now’s the time to start making one.
That’s it for now. But later today the Week in Review podcast will be out. Among the news items guest David Shipley of Beauceron Security and I will discuss are the cybersecurity recommendations from a Parliamentary committee and a report on the ransomware attack on Newfoundland’s healthcare system.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.