Cybersecurity Saturday

From the cyber breach front —

Cybersecurity Dive reports

LastPass, a password manager used by more than 33 million registered users, said an authorized actor was able to breach its systems, taking portions of its source code and some proprietary technical information, CEO Karim Toubba said Thursday. 

LastPass said the incident was detected about two weeks ago after it identified unusual activity in the company’s development environment. However, after an investigation, it was determined no customer data or encrypted vaults were accessed. 

The company, which has more than 100,000 business customers, deployed containment and mitigation measures and hired a leading cybersecurity and forensics firm to help determine what happened. 

“While our investigation is ongoing, we have achieved a state of containment, implemented enhanced security measures, and see no further evidence of unauthorized activity,” Toubba said. 

The company is currently evaluating further mitigation measures.

Healthcare Dive adds

Cyberattacks are increasingly being focused on smaller healthcare companies and specialty clinics without the resources to protect themselves, instead of larger health systems that — despite being treasure troves of personal and medical data — generally have more sophisticated security, according to a new report from Critical Insight.

Cybercriminals hit the jackpot this year with the Eye Care Leaders electronic medical records breach, which exposed more than 2 million records. Other major attacks include those against revenue cycle management vendor Practice Resources, printing services vendor OneTouchPoint and accounts receivable firm Professional Financial Company that exposed the data of about 940,000 individuals, 1.1 million individuals and 1.9 million individuals respectively.

Overall breaches are steadily declining from their peak in the second half of 2020. But the trend of focusing on a systemic technology used across most providers is one the cybersecurity firm expects to continue throughout the remainder of the year, the report, which analyzes breach data reported to the HHS, said.

From the cyber vulnerabilities front —

CISA announced on August 24, 2022

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. 

CISA encourages users and administrators to review the Mozilla security advisories for Firefox 104, Firefox ESR 91.13, Firefox ESR 102.2, Thunderbird 91.13, and Thunderbird 102.2 and apply the necessary updates.

On August 23, 2022, CISA updated its August 16, 2022, alert on “Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite.”

From the ransomware front —

Cyberscoop tells us

Ransomware cases jumped 47 percent amid a rise in attacks involving newer strains of malicious software infecting targets, according to the cybersecurity firm NCC Group.

Reported incidents increased to 198 in July from 135 in June, according to the firm that issues semi-regular reports on ransomware activity by tracking websites that post victims’ details.

The Health Sector Cybersecurity Coordination Center (HC3) issued an analyst’s note on the Karakurt threat profile.

Karakurt ransomware group, also known as the Karakurt Team and Karakurt Lair, is a relatively new cybercrime group, with researchers reporting its first emergence in late 2021. Karakurt actors claim to steal data and then threaten to auction it off or release it to the public unless they receive payment of the demanded ransom, which has been known to range from $25,000 to $13,000,000 in Bitcoin, with payment deadlines typically set to expire within a week of first contact with the victim. The group likely has ties to the Conti ransomware group, either as a business relationship or as a side business with Conti. Karakurt is also known for extensive harassment campaigns against victims to shame them. HC3 recommends the Healthcare and Public Health Sector (HPH) be aware of their operations and apply appropriate cybersecurity principles and practices found in this document in defending their infrastructure and data against compromise.

Here’s a link to the latest Week in Ransomware from the Bleeping Computer, which has the following lead —

We saw a bit of ransomware drama this week, mostly centered around LockBit, who saw their data leak sites taken down by a DDoS attack after they started leaking the allegedly stolen Entrust data.

From the cyber defenses front —

Security Intelligence offers businesses advice on creating and improving a Ransomware Playbook.

Cybersecurity Dive tells us

With all the uncertainty around the economy — and recession fears — organizations have to make some tough decisions as they plan 2023 budgets. 

IT budgets are expected to take a hit, as Gartner predicts that, while organizations will continue spending on IT, it will be at a much slower pace than in recent years.

If IT spending is slowing, will business leaders follow a similar approach for cybersecurity budgets? The answer is probably not. Gartner predicts that the end-user spending on both security technology and services will see an annual growth rate of 11% over the next four years, and many security professionals agree with that assessment.

That’s the way it should be, according to Bob Stevens, VP of public sector at GitLab.

“If it isn’t already, I foresee security becoming one of the top investment areas for companies and government agencies in the coming year – especially in the form of DevSecOps,” said Stevens. 

In fact, cybersecurity is now one of the top spending considerations for government and private sector leaders, according to GitLab’s 2022 Global DevSecOps Survey.

Health IT Security reports

More healthcare organizations are engaging with healthcare cybersecurity and data privacy consulting vendors to help mitigate risk and avoid the numerous repercussions of healthcare cyberattacks, data breaches, and HIPAA violations, a new KLAS report noted.

Researchers asked healthcare professionals about the security and privacy consulting vendors that their organizations worked with and how satisfied they were with vendor relationships, services, operations, and value.

Respondents reported being highly satisfied with First Health Advisory and Impact Advisors in particular. Healthcare professionals also reported improved executive involvement within Clearwater and CynergisTek, the latter of which recently entered 

Other assessed vendors included tw-Security, Intraprise Health, Guidehouse, Fortified Health Security, and Meditology Services.