Health system ransomware attack highlights patients' vulnerability
Source: Axios
A crippling ransomware attack on the second-largest U.S. nonprofit health system is showing how much patients can be left in the dark when critical health care infrastructure goes down. Why it matters: The attack earlier this month on CommonSpirit Health, which has 142 hospitals in 21 states, left IT locked, delayed surgeries and caused widespread disruptions in patient care. It also left millions of patients waiting at least two weeks to learn if their personal information was compromised, experts say.
A phishing campaign is spreading brand new malware targeting Facebook users
Source: Tech Radar
Ducktail updates its arsenal with new weapons. Ducktail, a known phishing campaign that hijacks Facebook accounts running advertising campaigns for businesses, is now distributing a brand new infostealer malware.
US Airport Websites Targeted by Russian KillNet Group
Source: Gov Info Security
KillNet Declared 'War' in May After Thwarted Eurovision Song Contest Attack. A pro-Russian political hacking group is claiming responsibility for distributed denial-of-service attacks that knocked offline the public websites of several major U.S. airports. Air travel was not affected.
Microsoft Fixes 1 Zero-Day, Leaves 2 Exchange Bugs Unpatched
Source: Data Breach Today
October's Patch Tuesday Includes Fixes for 84 Bugs. There are no fixes for a pair of recently uncovered Microsoft Exchange zero-day vulnerabilities possibly being exploited by Chinese hackers in this month's Microsoft patch dump, but the company has rolled out a fix for another zero-day that could give attackers system-level privileges.
Not So Fast: Retailer Shein Fined $1.9M for Breach Cover-Up
Source: Data Breach Today
39 Million Shoppers of Shein and Romwe Weren't Notified of Personal Data Exposure. Fast-fashion clothing brand Shein has been fined $1.9 million by the New York state attorney general for multiple failings tied to a massive 2018 data breach.
Comments