A phishing email leads to a health data breach, MikroTik routers need an update, and so does Drupal.
Another big data breach has been caused by an employee falling for the business executive email scam. This time it happened in Iowa, where someone working at UnityPoint Health, was fooled by an email that looked like it came from an executive of the institution. The details are sketchy, but somehow the employee gave away a password, and the attacker was able to get personal data on as many as 1.4 million patients in Iowa and North Carolina. There are a couple of ways this could be done happened. One is the attacker spoofs the email address of the executive, perhaps by misspelling his name by one letter, or the name of the institution. The way you can make sure you’re not tricked is to carefully check the email address of every message you get that asks you do something.
The other way is by hacking the email account of the executive, who, because of his senior position wouldn’t have access to sensitive data. So the attacker sends a message from the legitimate email account to someone lower in the company who would have access. The way you can make sure you’re not tricked by this is to be careful when anyone – even in your company – asks for your password or to go to a site and log in again with your password.
Businesses and Internet providers using routers made by MikroTik are being urged to update the routers’ operating system. That’s because several worldwide malware campaigns are exploiting hundreds of thousands of unpatched routers to secretly install Coinhive cryptocurrency miners on the web pages of computers connected to them. A few days ago the Hacker News reported more than 200,000 MikroTik routers had been compromised. The bug was discovered in April and patched then, but apparently many owners or administrators have been sluggish in plugging the hole. So now it’s being exploited. Researchers at Trustwave first noticed that some 183,000 routers were exploited in Brazil. Then it spread to other countries. Made in Latvia, MikroTik routers are sold in Canada and the U.S. Devices running the RouterOS operating system can be upgraded in two clicks, says the company.
Speaking of updates, if you are an IT administrator running the Drupal content management system you’ve got to install the latest software patch. It fixes a security bypass vulnerability that could allow a remote attacker to take control of your websites.