top of page
Untitled design.png

Weekly INK

Each week we compile an advisory on the latest threats, trends and newsworthy topics from the cyber security industry affecting small and medium enterprises. Join our subscribers below and help us prevent cybersecurity breaches.

watermark4.png

Issue #83 - February 5, 2024

Chinese Hackers Operate Undetected in U.S. Critical Infrastructure for Half a Decade

Source: The Hacker News

The U.S. government on Wednesday said the Chinese state-sponsored hacking group known as Volt Typhoon had been embedded into some critical infrastructure networks in the country for at least five years. Targets of the threat actor include communications, energy, transportation, and water and wastewater systems sectors in the U.S. and Guam.




New Banking Trojan Exploits Patched Windows SmartScreen Flaw

Source: Data Breach Today

The novel variant of the banking Trojan Mispadu is targeting Latin American countries, especially Mexico, by exploiting a flaw in Windows SmartScreen. Researchers at Unit42 found the updated Trojan now exploits a Windows SmartScreen bypass vulnerability tracked as CVE-2023-36025 that Microsoft patched in November 2023.




Medical Center Fined $4.75M in Insider ID Theft Incident

Source: Info Risk Today

Federal regulators fined a New York City medical center $4.75 million and called for a correction action plan to settle potential HIPAA violations discovered during the investigation of a hospital insider who sold patient data to an identity theft ring in 2013.




New Fortinet RCE flaw in SSL VPN likely exploited in attacks

Source: Bleeping Computer

Fortinet is warning that a new critical remote code execution vulnerability in FortiOS SSL VPN is potentially being exploited in attacks. The flaw (tracked as CVE-2024-21762 / FG-IR-24-015) received a 9.6 severity rating and is an out-of-bounds write vulnerability in FortiOS that allows unauthenticated attackers to gain remote code execution (RCE) via maliciously crafted requests.




Super Bowl LVIII Presents a Vast Attack Surface for Threat Actors

Source: Dark Reading

The NFL's digitization of almost all aspects of the event means it has a lot more turf to protect for itself, and for the game's tens of millions of fans. The outcome of this year's Super Bowl matchup between the Kansas City Chiefs and the San Francisco 49ers on Feb. 11 at the Allegiant Stadium in Las Vegas will likely remain unknown until the last down of the game. But one thing that is already abundantly clear is that attackers will have no shortage of targets to blitz at the event.



113 views

Help us Prevent Breaches.

We will never share or sell your information. Unsubscribe at any time.

Email: *

Received.

bottom of page