Cybersecurity Saturday

To set the stage, last Tuesday, “ECRI, an independent, nonprofit organization that provides technology solutions and evidence-based guidance to healthcare decision-makers worldwide, lists cybersecurity attacks as the top health technology hazard for 2022 in its just-released annual report.”

What’s more, HC3 issued its Fourth Quarter 2021 Healthcare Cybersecurity Bulletin.

Getting down to business, HC3 also released a useful PowerPoint presentation with background and remediation / prevention tips for the Log4j vulnerability.

From the irony department, ZDNet reported yesterday that

Microsoft researchers have discovered a previously undisclosed vulnerability in the SolarWinds Serv-U software while monitoring threats related to Log4J vulnerabilities. 

Jonathan Bar Or explained on Twitter that while he was hunting for a Log4J exploit attempt, he noticed attacks coming from serv-u.exe. 

“Taking a closer look revealed you could feed Serv-U with data and it’ll build a LDAP query with your unsanitized input! This could be used for log4j attack attempts, but also for LDAP injection,” he wrote. 

“Solarwinds immediately responded, investigated and fixed the #vulnerability. Their response is the quickest I’ve seen, really amazing work on their part!”

On a broader scale, ZDNet also reports that

The US government has urged organizations to shore up defenses “now” in response to website defacements and destructive malware targeting Ukraine government websites and IT systems. 

The US Cybersecurity and Infrastructure Security Agency (CISA) has published a new ‘CISA Insights’ document aimed at all US organizations, not just critical infrastructure operators. The checklist of actions is CISA’s response to this week’s cyberattacks on Ukraine’s systems and websites, which the country’s officials have blamed on hackers linked to Russian intelligence services.

From the latest vulnerabilities front, Cyberscoop informs us that

QR codes are among the few “winners” of the coronavirus pandemic, the joke goes, because restaurants and other businesses have deployed them in far greater numbers over the past few years, in an effort to make more interactions contactless.

The FBI is warning, however, that scammers love them, too.

The bureau’s Internet Crime Complaint Center (IC3) issued a general alert Tuesday about “malicious” QR codes that reroute unsuspecting consumers to the world of cybercrime.

“[C]ybercriminals are taking advantage of this technology by directing QR code scans to malicious sites to steal victim data, embedding malware to gain access to the victim’s device, and redirecting payment for cybercriminal use,” the announcement says.

Last but never least, here is a link to Bleeping Computer’s The Week in Ransomware.