Security News > 2020 > September

An ongoing phishing attack puts pressure on enterprise employees to upgrade their Windows 7 systems - but in reality, they are redirected to a fake Outlook login page that steals their credentials. Windows 7 reached end-of-life on Jan. 14, with Microsoft urging enterprises to upgrade to its Windows 10 operating system.

The Joker malware has been a persistent thorn in Google's side as it keeps popping up in shady apps to infect users of the Google Play store. Google has long been locked in a battle with cybercriminals who create and submit malicious apps to the Play store that somehow sneak past the company's protections.

Instead of waiting to become a victim and reacting to it, a more proactive approach is to regularly perform vulnerability assessments of the devices and services on your network to obtain reports on what issues are found, their degree of severity, and what steps must be taken to correct these vulnerabilities. Moving forward with critical assessments will come after all device data has been obtained using a mix of general-purpose vulnerability assessment tools and specialized ones, as needed.

UHS insists patient care continues to be delivered and that "No patient or employee data appears to have been accessed, copied or otherwise compromised." A UHS spokesperson declined to provide further details or to comment on unsubstantiated claims made via social media suggesting the involvement of the Ryuk ransomware family.

While the spyware previously targeted Windows, iOS and Android users, researchers have discovered these campaigns using new variants that target macOS and Linux users. These samples include "Jabuka.app," a FinSpy variant for macOS, and "PDF," a FinSpy variant for Linux.

As we'll explain below, the curiously mangled phrase "To increase the quality and quantity of waste material" doesn't just refer to the ruined files that a ransomware attack leaves behind after they've been scrambled with a cryptographic key known only to the crooks. Even though the twisted history of ransomware groups can be hard to follow - at least, those who haven't been caught and prosecuted - it looked right away as though the report of the gang's demise was a scam all of its own, and that they almost immediately returned with a ransomware strain known as Sodinokibi.

Craig Williams: Companies can no longer base the success of their current or future workforce by comparing it to the traditional workforce of the past, and this is true when measuring the productivity of employees. It's also important for the IT team to have a strong understanding of the needs of the business - and how HR needs to support all employees, whatever their situations.

Text storage service Pastebin last week announced the introduction of two new security features, but some industry professionals believe they will likely be abused by malicious actors. The new features are Burn After Read, which causes pastes to be deleted after they are read, and Password Protected Pastes, which allows users to set a password for the data they post.

A ransomware attack has shut down Universal Health Services, a Fortune-500 owner of a nationwide network of hospitals. In an official statement given out on Monday, UHS noted: "The IT Network across Universal Health Services facilities is currently offline, due to an IT security issue. We implement extensive IT security protocols and are working diligently with our IT security partners to restore IT operations as quickly as possible. In the meantime, our facilities are using their established back-up processes including offline documentation methods. Patient care continues to be delivered safely and effectively."

Incident response and detection is a critical part of your security operation - it's hard to defend against what you can't see, particularly when your attack surface now extends from on-prem and into the cloud. Do you feel like it's the criminals and hackers who have grabbed all the benefits of moving to the cloud, being able to scale up their operations at will, leverage technologies like machine learning and AI, and exploit vulnerabilities left as target organizations hybridize their own operations?