Security News

DHS CISA and the FBI today shared more info on how an Iranian state-sponsored hacking group was able to harvest voter registration info from U.S. state websites, including election sites. The attempts to download voter info from election websites took place between September 29 and October 17, 2020, according to the advisory.

The Federal Bureau of Investigation shared indicators of compromise associated with the Iranian state-sponsored threat group behind last week's Proud Boys voter intimidation emails that targeted Democratic voters. The threatening spoofed emails used the "Vote for Trump or Else" subject and warned voters registered as Democrats that they must vote for President Trump and change their party to Republican unless they want the Proud Boys far-right group to come after them.

Although it's a warning that's tailored for the healthcare sector, the report is nevertheless relevant to all of us, and we can all learn from it. Sure, some of the items in the AA20-302A report are specific to healthcare, such as contact details for cybersecurity bodies in the healthcare sector, and specific advice about security "Hardening" on medical devices, which operate under a special regulatory mechanism.

The FBI warns of a threat against the healthcare sector from Ryuk ransomware, and one that's already affected some hospitals. The healthcare industry continues to be a prime target for ransomware, so much so that the FBI and two other government agencies are now warning this sector of impending attacks using the infamous Ryuk ransomware.

Today, officials from the FBI and the U.S. Department of Homeland Security hastily assembled a conference call with healthcare industry executives warning about an "Imminent cybercrime threat to U.S. hospitals and healthcare providers." The agencies on the conference call, which included the U.S. Department of Health and Human Services, warned participants about "Credible information of an increased and imminent cybercrime threat to US hospitals and healthcare providers."

The US Federal Bureau of Investigation, Departments of Homeland Security, and Health and Human Services issued a joint alert Wednesday warning of an "Imminent" increase in ransomware and other cyberattacks against hospitals and healthcare providers. "Malicious cyber actors are targeting the Sector with TrickBot malware, often leading to ransomware attacks, data theft, and the disruption of healthcare services," the Cybersecurity and Infrastructure Security Agency said in its advisory.

While hotel Wi-Fi is convenient, security is not the priority, federal government says.

The Federal Bureau of Investigation issued a flash alert warning of hackers stealing data from U.S. government agencies and enterprise organizations via internet-exposed and insecure SonarQube instances. Vulnerable SonarQube servers have been actively exploited by attackers since April 2020 to gain access to data source code repositories owned by both government and corporate entities, later exfiltrating it and leaking it publicly.

The report concludes that, far from modern phones being a bastion of privacy and security, there are in fact routinely rifled through for trivial crimes without a warrant in sight. The report gives numerous other examples of phones taken from their owners and searched for evidence, without a warrant - many in cases where the value of the information was negligible such as cases involving graffiti, shoplifting, marijuana possession, prostitution, vandalism, car crashes, parole violations, petty theft, and public intoxication.

The Federal Bureau of Investigation issued a flash alert to warn of the potential use of spoofed US Census Bureau domains in future malicious campaigns including phishing and credential theft attacks. The US Census Bureau is a federal government statistical agency that collects statistical data on the US economy and population, data used by the federal government to allocate over $675B in federal funds to tribal, local, and state governments each year.