Cybersecurity news provided by NetworkTigers on Monday, 10 January 2022.
SAN MATEO, CA — Attackers attempt hacks by mailing USB drives, new Java vulnerability similar to Log4Shell, New Mexico county hit with cyberattack, years-old Uber exploit finally fixed, attackers using Google Docs to spread malware, ZLoader malware in circulation, music website “DatPiff” hacked, 2021 cyberattack against UK Ministry of Defence academy revealed, Arkansas hospital payroll offline due to Kronos hack, largest media provider in Portugal attacked, Florida hospital system breached.
Attackers attempt hacks by mailing USB drives
The FBI has issued a warning to retailers that FIN7, a notorious Eastern European hacking collective, has been mailing businesses envelopes containing USB drives that purport to include COVID-19 information from the Department of Health and Human Services or Amazon. Inserting the USB drive in fact injects malicious code into the user’s computer that can be used to gather data and initiate a ransomware attack.
New Java vulnerability similar to Log4Shell
A serious new Java bug has been detected that has the same root cause as the currently-trending Log4Shell vulnerability, according to researchers. A successful exploit of the bug can allow an attacker to initiate unauthenticated remote code execution. All users running the popular H2 Java SQL database are urged to update their system immediately.
New Mexico county hit with cyberattack
Bernalillo County, the most heavily populated in the state of New Mexico, had its services disrupted by a ransomware attack on Wednesday morning. The attack has resulted in many government employees working remotely as buildings remain closed. Safety services are still operational due to backup protocols being in place, although many government services are offline due to system disruption.
Years-old Uber exploit finally fixed
An exploit that would allow criminals to easily send emails to targets from Uber’s official network has finally been closed. However, researchers note that this exploit has been open since 2015 and may have already been used to trick Uber users into providing personal information and payment data. Uber users are encouraged to change their passwords and use challenging login credentials.
Attackers using Google Docs to spread malware
The comments feature of Google Docs has reportedly been used to spread malware and malicious links that primarily target Outlook users, according to researchers at security firm Avanan. The vulnerability has been noted since October, but has not been fixed by Google. Attackers use the comment feature to send a notification email to their target. The nature of the email sent makes it difficult to determine whether or not it can be trusted.
ZLoader malware in circulation
ZLoader is a Trojan that is used to steal passwords, cookies and other sensitive information from infected systems. However, a new ZLoader campaign spearheaded by the malware gang Malsmoke is hiding the Trojan in a new, harder-to-spot way. ZLoader is being hidden within a “legitimate remote management program from Atera pretending to be a Java installation.”
Music website “DatPiff” hacked
Free mixtape hosting website “DatPiff” has been hacked, with the passwords for more than 7.5 million users being sold online. Users can check Have I Been Pwned to determine if their accounts were affected by the breach. DatPiff account holders are being encouraged to change their passwords and login credentials to words and phrases that do not share any similarity with previously used credentials.
2021 cyberattack against UK Ministry of Defence academy revealed
In March of 2021, a cyberattack was levied against the UK Ministry of Defence (MoD) Academy that reportedly had a significant operational effect. The attack was revealed by a retired military official; its perpetrators are still unknown, leaving the possibility of state-sponsored hacking on the table. As of today, the MoD’s IT infrastructure is still being restored while stronger defenses are being implemented.
Arkansas hospital payroll offline due to Kronos hack
The University of Arkansas for Medical Sciences (UAMS) has been reeling from the effects of December’s cyberattack on Kronos, with the hospital struggling to maintain timekeeping records and pay its employees. While the absence of Kronos’ services has been a challenge, the hospital reports that thus far all workers have been paid on time. The UAMS is the state of Arkansas’ largest public employer.
Largest media provider in Portugal attacked
Impresa, owner of the largest television station and newspaper in Portugal, has reportedly been the victim of a ransomware attack. National cable TV broadcasts are unaffected, but the company’s streaming capabilities have been taken down. The company has also had its Twitter account hacked by the attackers, who have been using it to taunt the company and report to followers that the hijackers still have access to the company’s data. The ransomware group Lapsus$ is believed to be responsible for the attack.
Florida hospital system breached
Florida-based hospital system Broward Health has reported that it suffered a data breach on October 15th of 2021. The breach is said to have taken place through a third party organization that had access to Broward Health’s network. The compromise allowed unauthorized users the ability to both access and steal Social Security numbers, patient health data, names, addresses, banking information and more. No illegal misuse of the data has yet been reported.
NetworkTigers was founded in January 1996 as Andover Consulting Group, which built and re-architected data centers for Fortune 500 firms. Today, NetworkTigers provides consulting and network equipment to businesses, health care and government agencies globally. www.networktigers.com
NetworkTigers provides the latest industry and cybersecurity news in a weekly roundup at news.networktigers.com.