Security News

Business software provider Zoho urged customers today to update their Desktop Central and Desktop Central MSP installations to the latest available version. Zoho's ManageEngine Desktop Central is a management platform that helps admins deploy patches and software automatically over the network and troubleshoot them remotely.

Planned Parenthood's Los Angeles division has been hacked, with cyberattackers making off with sensitive personal health information for at least 400,000 patients. The clinical data is highly sensitive: Planned Parenthood offers a variety of sexual health services, including annual well-woman exams, birth control, cervical and testicular cancer screenings, prenatal care, sexual education, vasectomies, and abortions.

Planned Parenthood Los Angeles has disclosed a data breach after suffering a ransomware attack in October that exposed the personal information of approximately 400,000 patients. According to a data breach notification sent to Planned Parenthood Los Angeles patients, the cyberattack occurred between October 9th and 17th, allowing threat actors to steal files from the compromised network.

Three different state-sponsored threat actors aligned with China, India, and Russia have been observed adopting a new method called RTF template injection as part of their phishing campaigns to deliver malware to targeted systems. "RTF template injection is a novel technique that is ideal for malicious phishing attachments because it is simple and allows threat actors to retrieve malicious content from a remote URL using an RTF file," Proofpoint researchers said in a new report shared with The Hacker News.

Whether or not it was a state-sponsored venture, this attack proved to be a huge wake-up call and shone a spotlight on software supply chain attacks. Hence the emergence of one of the key growing attack vectors in 2021: the "Web supply chain attack".

Last month saw an alarming rise in cyberattacks against healthcare facilities. Ransomware attacks across the globe locked 68 care providers out of their respective networks during Q3 of this year alone, threatening patient safety and privacy.

Fallout from nation-state sponsored cyberattacks will no longer be covered under cyber-insurance policies issued by famed insurer Lloyd's of London. The insurance juggernaut's underwriting director Patrick Davidson just released four new Cyber War and Cyber Operation Exclusion Clauses, outlining the new terms.

Over 150 HP multifunction printers are open to attack via two exposed physical access port vulnerabilities and two different font parsing vulnerabilities discovered by F-Secure security consultants Timo Hirvonen and Alexander Bolshev. Attackers can exploit the vulnerabilities to seize control of vulnerable devices, steal information, and further infiltrate networks to inflict other types of damage, but the good news is that, earlier this month, HP issued firmware updates that patch the vulnerabilities.

The North Korea-linked ScarCruft advanced persistent threat group has developed a fresh, multiplatform malware family for attacking North Korean defectors, journalists and government organizations involved in Korean Peninsula affairs. ScarCruft specifically controls the malware using a PHP script on a compromised web server, directing the binaries based on HTTP parameters.

Cannazon, one of the largest dark web marketplaces for buying marijuana products, shut down last week after suffering a debilitating distributed denial of service attack. The admins posted that message on November 23, 2021, and today, Cannazon went offline, allegedly forever.