Weekly Cybersecurity Recap May 20
- By Patrick Ryan
- May 20, 2022
The digital landscape is becoming more treacherous as the new year takes shape. Check out the news headlines, and you will find mention of ransomware, phishing, malware, and more. Ongoing web-based attacks from Russia also loom as a constant threat. Let's take a quick look at some of the more notable attacks and developments from the digital security industry in the third week of the month.
MSPs Warned About Pending Attacks
MSPs have received a warning about a potential spike in digital attacks, issued by the Five Eyes alliance. The potential online offensives would be levied against both MSPs and their customers. MSPs provide information technology services to various clients, so such an attack would have wide-ranging ramifications. There are some allegations that Russian hackers are behind the threats against MSPs in the West.
An AvosLocker attack has resulted in data theft at a healthcare company. The attackers stole information from the Texas-based healthcare provider CHRISTUS Health. CHRISTUS operates healthcare facilities in the southern portion of the United States along with Mexico and South America. The stolen data includes personal information pertaining to the healthcare company's patients.
Information from more than 600 facilities was accessed during the digital offensive. However, patient care was not compromised during the attack. The information theft comes on the heels of a similar digital heist performed one month earlier. McKenzie Health System, a healthcare specialist based in Michigan, was targeted in that earlier attack.
Botnet Targets Windows and Linux
The Sysrv-K botnet is targeting computers running both Linux and Windows operating systems. The botnet relies on flaws in the Spring Framework and in WordPress plugins. The aim is to compromise targeted systems with malware that uses the target computers' computing power to mine cryptocurrency that the hacker then sells for profit.
This botnet is somewhat unique in that it scans the web for targets to infect with malware, zeroing in on especially weak digital defenses. The attack highlights the need to update digital security with the industry's latest solutions, protect credentials, and take additional steps to secure web-facing operating systems.
iPhones are Being Targeted Even When in the Off Position
iPhone users should be aware that their phones might be subjected to hacking even when not powered on. Powering off an iPhone still leaves UWB, Bluetooth, and NFC working. Such features open the door for hackers to add malware and use the device from afar. Hackers are compiling sensitive information from targeted phones and using that information to steal identities or make fraudulent charges.
Microsoft Patch Leads to Authentication Issues
A Microsoft patch update is now leading to authentication problems. If you use a computer with a Windows operating system and it has authentication errors or other unexpected problems, they might result from a patch recently provided by the software giant. The patch update for May might also cause failures in the Active Directory domain services. The problem also affects the Network Policy Server, Remote Access Service, Routing, and Protected Extensible Authentication Protocols. The underlying cause is an issue with how certificates are mapped to machine accounts.