Here are some interesting updates about cybersecurity threats and new trends.
CISA made 1,754 notifications in 2023 to organizations with internet-exposed devices that were vulnerable to ransomware exploitation.
Of those 1,754 notifications, 852 resulted in the vulnerable devices being patched, having a compensating control implemented, or being taken offline.
CISA leverages its Cyber Hygiene Vulnerability Scanning service and administrative subpoena authority to identify vulnerable systems and notify the affected organizations.
Organizations that participate in CISA's free Cyber Hygiene Vulnerability Scanning service typically see a 40% reduction in risk and exposure within the first 12 months.
The RVWP program is mandated by the Cyber Incident Reporting for Critical Infrastructure Act of 2022 and aims to reduce the prevalence of ransomware attacks by getting vulnerable systems patched before they can be exploited.
Source: CISA
The vulnerability, tracked as CVE-2024-3400, was first detected by cybersecurity firm Volexity on April 10, 2024.
Palo Alto Networks acknowledged the issue on April 15, 2024, and released patches and mitigation guidance for customers. They also provided recommendations for using their Panorama centralized management system to defend against the attacks.
The vulnerability has been classified into different levels of compromise, ranging from unsuccessful exploitation attempts (Level 0) to signs of interactive command execution (Level 3). However, Palo Alto Networks stated that the majority of cases they have responded to have been unsuccessful attempts or limited Level 1 and 2 compromises.
Source: Palo Alto Networks
Matthew David Keirans, a former hospital systems administrator from Hartland, Wisconsin, pleaded guilty to federal charges for stealing a co-worker's identity in 1988 and causing the false imprisonment of his victim.
Keirans stole the identity of a co-worker in 1988 and used it for over 35 years, causing the false imprisonment of his victim.
In April 2024, Keirans pleaded guilty to one count of false statement to a national credit union administration and one count of aggravated identity theft.
Source: The Gazette
Hinge has introduced a new "Hidden Words" feature to help users avoid harassment and unwanted messages on the dating app.
The feature allows users to create a personalized list of up to 1,000 words, phrases, and emojis that they do not want to see in messages from potential matches. If someone sends a message containing any of the user's "Hidden Words", that message will be moved to a separate "Hidden Likes" section instead of appearing in the main match feed.
This works similarly to mute features on other social media platforms, giving users more control over the content they see. The goal is to cut down on harassment, catfishing, and other problematic behavior on the dating app.
Hinge's VP of Trust, Safety, and Support said the company is considering expanding the feature's capabilities in the future based on user feedback.
Source: TechCrunch
A significant cybersecurity incident involving Change Healthcare, a company owned by UnitedHealth Group's subsidiary Optum. In February, Change Healthcare was targeted by a ransomware attack attributed to the ALPHV/BlackCat group, which led to operational disruptions across U.S. hospitals and pharmacies. The attackers initially demanded and allegedly received a $22 million ransom from Optum. However, the situation escalated when the data stolen during the attack appeared for sale on RansomHub's leak site, indicating a potential breach of agreement or a continuation of the extortion.
Source: SC Magazine