CYBER NEWS

Created with Sketch.

CISA and the FBI have released a joint advisory highlighting the growing threat behind ongoing Royal ransomware attacks targeting many critical US infrastructure sectors, including healthcare, communications and education

This follows an advisory issued by the Department of Health and Human Services (HHS), whose security team revealed in December 2022 that the operation of the ransomware was linked to a large number of attacks against healthcare organizations in the US. In response, the FBI and CISA shared indicators and a list of linked tactics,…
Read more

Aruba Networks has issued a security advisory to notify customers of six critical vulnerabilities affecting multiple versions of ArubaOS

The US Cyber and Infrastructure Security Agency (CISA) has released ‘Decider’, an open source tool that helps security professionals quickly generate MITER ATT&CK mapping reports. By having a common standard, organizations can quickly share comprehensive and accurate information about newly discovered or emerging threats and help delay their effectiveness. The tool asks user-directed questions about…
Read more

Aruba Networks has issued a security advisory to notify customers of six critical vulnerabilities affecting multiple versions of ArubaOS

The flaws affect Aruba Mobility Conductor, Aruba Mobility Controllers, and WLAN Gateways and SD-WAN Gateways managed by Aruba. Aruba Networks is a California subsidiary of Hewlett Packard Enterprise, specializing in computer networks and wireless connectivity solutions. The affected versions are: • ArubaOS 8.6.0.19 and below • ArubaOS 8.10.0.4 and below • ArubaOS 10.3.1.0 and below…
Read more

Chautauqua Center (TCC) in New York disclosed a HIPAA breach by a business associate. The business associate’s error resulted in the protected health information of 747 physical and occupational therapy patients becoming accessible to other covered entities

According to their victim notification letter, the breach occurred on December 22 at WebPT which provides electronic medical record (EMR) services for Chautauqua Physical and Occupational Therapy. In a letter sent to TCC dated January 13, WebPT explained that the error occurred during an upgrade. In response, WebPT disabled access within 19 hours of the…
Read more

Sentara Health is notifying 741 patients of a data leak after a mistake by a Coronis Health employee

Sentara Health in Virginia reports that on Dec. 19, an anonymous person called their hotline to report that while searching for something online, the caller came across an exposed file with Medicare patient billing information. Sentara quickly verified the caller’s report and determined that the file was uploaded to the Adobe Acrobat website by an…
Read more

On the one-year anniversary of Russia’s war against Ukraine, the US Treasury announced a new set of sanctions against dozens of entities allegedly aiding the Kremlin, including its cyber operations

The war has never been fought only on the ground, but also in cyberspace, with Russia engaging in fake news campaigns, routine distributed denial of service (DDoS) attacks, and the deployment of disruptive malware against Ukrainian targets, including critical infrastructure. Over the past year, the U.S. and other countries have announced numerous sanctions against individuals…
Read more

MortalKombat ransomware victims can now decrypt their locked files for free

Cyber security company Bitdefender has released a universal decryptor for the MortalKombat ransomware – a strain first spotted by cyber researchers in January 2023. The malware has encrypted dozens of victims across the US, UK, Turkey and the Philippines, according to a recent Cisco report. Bitdefender did not say how they obtained the decryption keys…
Read more

The White House directed all federal agencies to delete TikTok from all government devices within 30 days

Canada also announced that it is banning the use of TikTok on all government-issued mobile devices. The EU executive announced last week that it had temporarily banned TikTok from employee phones as a cybersecurity measure https://apnews.com/article/technology-politics-united-states-government-ap-top-news-business-95491774cf8f0fe3e2b9634658a22e56

The US Marshals Service is investigating a ransomware attack that led to data theft

The U.S. Marshals Service (USMS) is investigating the theft of sensitive law enforcement information following a ransomware attack that affected what it describes as an “independent USMS system.” The USMS is an office within the Department of Justice that provides support to all elements of the federal justice system by executing federal court orders, seizing…
Read more

The websites of nine hospitals in Denmark went down on Sunday evening following Distributed Denial of Service (DDoS) attacks by Anonymous Sudan group

The Copenhagen Health Authority said on Twitter that although the hospitals’ websites were down, medical care at the facilities was not affected by the attacks and the websites were back up after two hours. Anonymous Sudan claimed that the attacks were “due to the burning of the Koran”, a reference to the incident in Stockholm…
Read more

Skip to content