Security News
Scripps Health, a hospital network based in San Diego, was hit by a cyberattack over the weekend, forcing some critical-care patients to be diverted, according to the San Diego Union-Tribune. Scripps acknowledged the attack in a statement but didn't specify whether it was a ransomware incident.
IT security teams faced unprecedented challenges last year fueled by dramatically expanded work-from-home programs, increased bring-your-own-device policy adoptions, and rising internal and third-party risks stemming from the COVID-19 pandemic, CyberEdge Group reveals. It's no surprise that many IT security teams are shifting their security infrastructure investments from traditional, on-premises offerings to modern, cloud-based solutions.
An information-disclosure security vulnerability has been discovered in the Linux kernel, which can be exploited to expose information in the kernel stack memory of vulnerable devices. The /proc filesystem contains /proc/[pid] subdirectories, each of which contains files and subdirectories exposing information about specific processes, readable by using the corresponding process ID. In the case of the "syscall" file, it's a legitimate Linux operating system file that contains logs of system calls used by the kernel.
The Metropolitan Police Department has confirmed that they suffered a cyberattack after the Babuk ransomware gang leaked screenshots of stolen data. The Metropolitan Police Department, also known as the DC Police or MPD, is the primary law enforcement agency for Washington, DC, the US capital.
An Albany-area school district is investigating a malware attack that forced students in grades 7 through 12 into all-remote learning on Monday, district officials announced. Officials at the Guilderland Central School District said on the district's website that specialists investigating "technical interruptions" that happened last Thursday "have determined that the district was the victim of a cyber attack by a threat actor group which used malware to encrypt certain systems throughout the district."
Australian software developer Click Studios on Saturday urged Passwordstate customers to reset all of their passwords if they downloaded a poisoned update using the software's In-Place Upgrade functionality. "Only customers that performed In-Place Upgrades between the times stated above are believed to be affected. Manual Upgrades of Passwordstate are not compromised. Affected customers' password records may have been harvested," Click Studios says.
"It's always good to have more attention on embedded systems security, especially when it involves critical infrastructure. However, focusing entirely on Chinese-manufactured or supplied equipment used in U.S. infrastructure does not take into account that equipment manufactured in the U.S. and Europe also contains significant vulnerabilities. In this year alone, we've seen vulnerability disclosures from CISA from companies like Siemens, GE, and Schneider Electric. There's clear evidence of vulnerabilities from manufacturers around the world - not just China - and they need to be mitigated before threat actors take advantage with devastating consequences." Governments need to take an active role in assisting utilities and other parts of critical infrastructure in their push for manufacturers to make meaningful improvements in grid equipment security before the equipment is deployed.
When the pandemic struck, schools had to adapt quickly with a wholesale shift to remote learning. Attackers took immediate advantage of this change, targeting newly implemented technologies to access resources and steal data.
A VPN is a digital tool that improves your security and privacy online. An IP address can reveal your location and your ISP. However, a VPN changes that.
Excellent New Yorker article on North Korea’s offensive cyber capabilities.