The latest news on Windows patches, a warning to medical IT administrators, a Mitel VoIP vulnerability being exploited and more.
Welcome to Cyber Security Today. It’s Wednesday, September 14th, 2022. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
Yesterday was Patch Tuesday, the day Microsoft and Adobe released security updates for Windows and other products. IT administrators should note one patch fixes an escalation-of-privilege vulnerability that could be leveraged by an attacker who already has access to a server. The vulnerability would allow them to get System privileges. Trend Micro’s Zero Day Initiative says that of the 64 new vulnerabilities patched, five are rated critical and 57 are rated as important.
Your personal computer should be set to receive updates automatically, but it doesn’t hurt to check by going to the Windows Update section of your PC.
IT security leaders are increasingly cutting the number of vendors they buy products from. According to Gartner, three-quarters of organizations it recently surveyed said they have a strategy of security vendor consolidation. Fifty-seven per cent of respondents said their organizations are working with fewer than 10 vendors for their security needs. Why the vendor consolidation? Because security leaders aren’t happy with operational inefficiencies and the lack of product integration, says Gartner.
Unpatched internet-connected medical devices running on outdated software are increasingly being exploited by threat actors. That’s according to the FBI. This week it warned that patient safety and the confidentiality of personal health data are at risk. Routine challenges include securely configuring medical devices, dealing with devices that lack security features and handling devices with customized software that needs special patching procedures. Devices at risk include insulin pumps, intracardiac defibrillators, pacemakers and pumps that deliver pain medication. A recent research report by a cybersecurity firm found 53 per cent of connected medical devices and other internet of things (IoT) devices in hospitals had known critical vulnerabilities, the warning points out. The FBI urges medical IT administrators to protect connected devices with antivirus software if possible, to encrypt medical device data and to ensure devices can only be accessed through complex passwords. If a device is disconnected from an IT network for service, its integrity has to be verified before it is reconnected.
A vulnerability in Mitel’s MiVoice VoIP appliance used by businesses is being exploited by a ransomware group. Researchers at Arctic Wolf said a threat actor recently deployed the Lorenz ransomware on a victim after leveraging Microsoft’s BitLocker Drive Encryption to scramble the organization’s data. Monitoring critical assets alone is not enough to protect against cyber attacks, the report warns. Security teams should monitor all externally facing devices for potential malicious activity, including voice-over-IP telephony applications and IoT devices.
Truck rental agency U-Haul says a hacker got hold of the names and driver’s licence numbers of customers who rented vehicles between November 5th of last year and April 5th of this year. They did it by compromising two unique passwords. That enabled the hacker to access a customer contract search tool. In a copy of a letter being sent to affected customers and filed with the State of Montana, U-Haul isn’t saying how the passwords were compromised, nor how many customers were affected.
Finally, Apple released iOS 16 for iPhones and iPads, as well as a number of security patches for earlier releases. iOS 16 includes Lockdown Mode, for executives, reporters and others worried about targeted attacks. It restricts certain non-essential features so there are fewer ways an attacker can compromise a device.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.