A huge US healthcare provider data breach, a warning about a Windows flaw and more.
Welcome to Cyber Security Today. It’s Wednesday, June 8th, 2022. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
We’ll start the news with reports of data breaches:
A New England medical imaging provider is notifying 2 million Americans that their personal data may be at risk after a data breach. Shields Health Care Group said a hacker was in its system for just over two weeks in March. Data copied may have included patients’ names, dates of birth, social security numbers, home addresses, medical diagnosis and billing information. It’s one of the biggest healthcare-related cyber attacks in the U.S. this year. Because many Americans have to pay for medical procedures with credit cards, healthcare providers are prime targets for hackers. According to a report by Critical Insights, healthcare data on 45 million people in the U.S. was stolen last year, a record high.
Two American gun shops have admitted their websites were hacked, allowing attackers to skim off credit card data of purchasers. According to the Bleeping Computer news site, one company found that data of over 46,000 customers had been stolen in just over eight months starting last June. The other company acknowledged that data on 45,000 customers had been scooped up from its website over two months earlier this year.
Security analysts at the SANS Institute warn an unpatched vulnerability in Microsoft’s Support Diagnostic Tool is something Windows administrators need to act on. The flaw, called Follina, can be exploited through a malicious Word document. Microsoft has published advice on temporary mitigations, which should be acted on because the flaw is being actively exploited. Johannes Ullrich, the SANS Institute’s director of research, says the vulnerability should be at the top of things IT leaders should be worrying about. While many endpoint protection tools can detect and block an attack, consider the workaround of disabling the Support Diagnostic Tool on every endpoint.
Researchers at HP have discovered a new piece of malware being spread by Microsoft Word documents in email attachments. If opened, the document runs shellcode stored inside, which then drops and runs the malware. That malware, dubbed SVCReady, collects information about the infected PC, which is sent back to the attacker. Employees should be warned about documents asking them to enable editing and enable content to read. Staff should check with an authority before going ahead with such instructions.
Finally, IBM is strengthening its security portfolio. It said this week it will buy Randori, a Boston-based company whose software keeps track of externally-facing IT assets and prioritizes which ones pose the greatest risk. No price for the deal was announced.
Remember, links to details about podcast stories are in the text version at ITWorldCanada.com. That’s where you’ll also find other stories of mine.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.