Cybersecurity news provided by NetworkTigers on Monday, 26 April 2021.
SAN MATEO, CA — Cyberattack forces medical equipment shutdown, ransomware gang demands $50 million, Costco warns customers about fraudulent emails, California transportation authority victim of cyberattack, McAfee reports cybercrime is rising exponentially, hackers with supposed ties to Chinese government exploit vulnerability to break into government systems, human error exposes customer data, Arizona utility portal back online two months after attack, parking app results in compromised user data, QR codes could compromise cybersecurity, driver license numbers stolen from Geico, Vermont Health Connect breached ten times over winter.
Cyberattack shuts down cancer treatment
A cyberattack on third-party vendor Elekta has resulted in a complete shutdown of health systems’ radiation machines, affecting some 170 hospitals nationwide. Cybercriminals breached the software company, forcing it to take its cloud-based software down, which has left hospitals scrambling to find ways to continue treatment for their patients. Currently, Elekta does not know what, if any, information may have been compromised in the attack. It estimates that systems will be back online Monday.
REvil ransomware gang steals Apple blueprints
Notorious ransomware gang REvil has allegedly stolen Apple product blueprints from Taiwanese manufacturer Quanta Computer. The gang is demanding $50 million from Quanta in exchange for its stolen information. According to the criminals, the ransom will double to $100 million if it is not met by April 27th. While some of the information that REvil has released regarding Quanta’s other clients, and therefore other potential targets, has been deemed to be inaccurate, the data it has provided a glimpse of thus far looks to be legitimate.
Costco issues warning about fraudulent emails
Costco Wholesale Corporation has recently issued a warning about a number of current scams impersonating Costco via emails, texts, and posts. The messaging lures victims with the promise of gift cards or cash rewards in exchange for filling out a survey asking for personal information. Another tactic is telling victims that they are eligible for a COVID-19 relief package of merchandise. Costco is instructing people not to open any suspicious emails or provide sensitive data in response to any messaging that claims to represent the company.
California transportation authority victim of ransomware attack
California’s Santa Clara Valley Transportation Authority has fallen victim to a cyberattack. A group of hackers has claimed to have 150 gigabytes of stolen information and is threatening to release the data unless a ransom is paid. Authorities have been notified, and buses and light rail transportation remain operational while some scheduling and logistics systems remain offline.
McAfee: 640 cyberattacks per minute in last quarter of 2020
McAfee’s recent cybercrime report suggests that the rate of cyberattacks will continue to rise exponentially as the world still works to cope with stay-at-home regulations and the new challenges brought about as a result. The complexities resulting from social distancing measures created new opportunities for criminals. Malware attacks in the third and fourth quarters of 2020 rose at unprecedented percentages, and nearly 3.1 million attacks on cloud user accounts were tallied. The report states that in the final quarter of 2020, there was an average of 640 attacks carried out per minute.
HackerOne releases update to its platform
HackerOne, a provider of a tool suite used by white hat hackers, has updated its offering with a video capture capability. The new feature will allow organizations to better incorporate contracted ethical hackers into their workflow and allow the hackers to more easily demonstrate the manner in which they discover and exploit vulnerabilities. The update also provides integration into platforms such as GitHub, Jira, and ServiceNow.
Alleged Chinese hackers exploit VPN to breach US and European agencies
Cybersecurity firm FireEye reports that hackers with supposed ties to the Chinese government have exploited a vulnerability in Pulse Secure VPN to break into government systems across the US and Europe for months. In a statement, Pulse said that the vulnerability affects very few customers and that patches are already in existence to close the gaps. DHS’ Cybersecurity and Infrastructure Security Agency has ordered federal civilian agencies to take several recommended steps to mitigate risk of a cyberattack.
Human error leads to exposure of New England’s largest power provider
Eversource, a supplier of energy for 3.6 million people across New Hampshire, Massachusetts, and Connecticut, has exposed the information of its users due to a misconfigured folder that was not set to “private.” The error was detected and remedied the same day, but the folder had the wrong security configuration since last August and held data related to 11,000 customers. Eversource does not believe any of the information contained, including Social Security numbers and account numbers, was misused or stolen.
Hacked Arizona utility portal back online after two months
In February, an attack took down an online portal for utility billing in Kingman, Arizona, preventing users from being able to pay their bills over the internet. The portal’s reconstruction has been moving at a snail’s pace to ensure safety and security in its new form. While the portal is now back online, some features and files on the system are still not fully operational. The attack itself and the length of time it has taken officials to restore their system highlight the challenges present with regard to cybercrime’s influence on government networks and the security of the country’s utilities at large.
Alabama parking app reveals data breach
ParkMobile, an app used in Mobile, Alabama by Republic Parking to accept electronic payments, has reported that user data has been compromised. According to a statement, email addresses, phone numbers, mailing addresses, and license plate numbers have been illegally accessed but credit card information and transaction history remained secure. ParkMobile is recommending that all users change their login credentials and maintain strong password security to prevent further issues.
QR codes potential vehicles for malware
Security firm Ivanti recommends vigilance when it comes to people’s willingness to use their devices to scan QR codes. The codes, becoming more prevalent in the UK to allow for touch-free access to menus and payment options, could be used to install malware onto devices. The firm is suggesting that both industry and the general population increase awareness of how the codes work and the ways in which their usage could be potentially dangerous with regard to cybersecurity.
Geico data breach results in stolen license numbers
U.S. insurance giant Geico has reported that it suffered a data breach that allowed cybercriminals to steal users’ driver’s license numbers directly from its website. Geico’s statement says that the criminals used login information that they gathered from elsewhere on the web to access the accounts. The company suspects that the driver’s license information may be used to fraudulently apply for unemployment benefits. Geico has instructed users to be sure to report any documents coming from their state that might suggest activity that they did not authorize.
Vermont Health Connect breached ten times over the winter
In ten separate instances, users of Vermont’s state-run Vermont Health Connect reported logging in to find information that was not theirs filled into the site’s forms. Someone had gotten unauthorized access to their account and attempted to make fraudulent claims. The state’s health exchange has a history of glitches and cybersecurity-related issues, some possibly stemming from the site’s reliance on third-party vendor OptumInsights. Vermont authorities don’t know if more breaches occurred than were actually reported.
NetworkTigers was founded in January 1996 as Andover Consulting Group, which built and re-architected data centers for Fortune 500 firms. Today, NetworkTigers provides consulting and network equipment to businesses and individuals globally. www.networktigers.com
Mike Syiek, CEO
1029 S. Claremont Ave
San Mateo, CA 94402