A major US healthcare provider data breach, Windows vulnerability warning, and more.
Welcome to Cybersecurity today. It’s Wednesday, June 8, 2022. I’m Howard Solomon, contributing cybersecurity reporter for ITWorldCanada.com.
We’ll start the news with data breach reports:
A medical imaging provider in New England is notifying 2 million Americans that their personal data may be at risk following a data breach. Shields Health Care Group said a hacker had been infiltrating its systems for more than two weeks in March. Copied data may include patient names, dates of birth, social security numbers, home addresses, medical diagnoses, and billing information. This is one of the largest healthcare-related cyberattacks in the US this year. Because many Americans pay for medical procedures with a credit card, healthcare providers are a prime target for hackers. According to a report by Critical Insights, healthcare data of 45 million people in the US was stolen last year, a record high.
Two American gun shops admitted their website had been hacked, allowing attackers to scrape a buyer’s credit card data. According to the news site Bleeping Computer, one company discovered that the data of more than 46,000 customers had been stolen in just over eight months from last June. The other company admitted that data on 45,000 customers had been collected from its website over the first two months of this year.
Security Analyst at the SANS Institute warns an unpatched vulnerability in the Microsoft Support Diagnostic Tool is something Windows admins need to act on. The vulnerability known as Follina can be exploited through a malicious Word document. Microsoft has advised on temporary mitigations that should be taken as the vulnerability is being actively exploited. Johannes Ulrich, research director at the SANS Institute, says security vulnerabilities should be at the top of the things IT leaders should worry about. While many endpoint protection tools can detect and block an attack, consider disabling the Support Diagnostic Tool on every endpoint.
Researchers at HP discovered a new piece of malware being distributed by Microsoft Word documents in email attachments. If opened, the document will run the shellcode stored inside, which will be stripped and run malware. That malware, called SVCReady, collects information about the infected PC and is sent back to the attacker. Employees should be alerted to documents that ask them for permission to edit and allow content to be read. Employees should check with the appropriate authority before proceeding with such instructions.
Final, IBM is strengthening its security portfolio. This week it said it would buy Randori, a Boston-based company whose software tracks external IT assets and prioritizes which ones pose the greatest risk. No price for the deal has been announced.
Remember the links to detailed information on the podcast stories are in the text version at ITWorldCanada.com. That’s where you’ll also find my other stories.
Subscribe to Cyber Security Today on Apple Podcasts, Google Podcasts, or add us to Flash Summary on your smart speaker.