By OptionOne Technologies
We searched through the most popular cybersecurity websites to bring you the latest industry news, updates, and tips.
Daixin Team Hackers Target Health Organizations with Ransomware
CISA is warning healthcare organizations that a team of hackers is targeting their industry with ransomware, The Hacker News reported. U.S. cybersecurity and intelligence agencies recently published a joint advisory warning of attacks by a cybercrime gang known as “the Daixin Team.”
The group has been linked to multiple ransomware incidents in the healthcare and public health sectors. Their attacks have encrypted multiple systems at healthcare organizations, including electronic health records, diagnostics, and internet services.
The attacks have been orchestrated via virtual private network (VPN) servers, taking advantage of unpatched security flaws and compromised credentials obtained through phishing emails.
Organizations are advised to apply the latest software updates to all systems, enforce multi-factor authentication, segment their networks, and maintain offline backups.
List of Common Passwords Accounts for Nearly All Attacks on Two Server Types
Tens of millions of credential-based attacks targeting two types of servers (SSH and RDP) were carried out using a small fraction of passwords from a list of leaked credentials, DarkReading reported.
Vulnerability firm Rapid7 used a network of honeypots to discover that 99.997% of all the passwords used in attacks on two types of services were from a list known as “RockYou2021.” The RockYou2021 file contains 8.4 billion entries, but the passwords used in attacks numbered only 512,000 permutations.
Security firms have repeatedly learned that users continue to pick bad passwords, despite years of evidence that poor password selection can lead to breaches. In 2019, an evaluation of leaked passwords found that the top passwords used were “123456,” “123456789,” and “qwerty.”
Zoom for Mac Patches “Spy-On-Me” Bug
Zoom recently announced a bug in the Mac version of its software that allowed a “debugging port” to open when camera mode rendering context is enabled as part of the Zoom App Layers API. This established a “listening network connection” that could allow someone to take control of the app.
According to a report by Naked Security by Sophos, the bug has been fixed, and users should update their Zoom client immediately.
The report suggests, “Update your macOS Zoom Client to version 5.12.0 or later, and the debugging port will stay closed when you use Zoom. On a Mac, go to the main ‘zoom.us’ menu and choose ‘Check for Updates…’ to see whether you’ve got the latest version.”
96% of Companies Have Insufficient Security for Cloud Data
According to a report by CSO, the vast majority of organizations aren’t confident in their ability to secure sensitive cloud data. A new report by Cloud Security Alliance (CSA) revealed that only 4% of the 1,663 IT and security respondents reported sufficient security for all their cloud data.
Apart from struggling with securing sensitive data, organizations are also having trouble tracking data in the cloud. Over a quarter of organizations polled aren’t tracking regulated data, nearly a third aren’t tracking confidential or internal data, and 45% aren’t tracking unclassified data, the report said.
Furthermore, about 62% of organizations reported they are somewhat to highly likely to experience a cloud data breach in the next year.
Centralized Enterprise Secrets Management Is Becoming Increasingly Important
The enterprise IT environment is characterized by “continuous digital transformation,” with remote and mobile work becoming the norm. However, enterprises are facing increasing challenges in keeping data secure in this environment.
Effective secrets management may be the key to addressing common challenges, CIO magazine suggests. In this context, secrets management refers to the tools and best practices used to store, access, and manage digital authentication credentials, or “secrets.” These include passwords, but also public and private encryption keys, SSH keys, APIs, tokens, and certificates.
CIO suggests that secrets management is inherently centralized: “Secrets kept in cloud platforms that perform continuous integration/continuous delivery (CI/CD) are required, by their nature, to manage and allow access to other machines and software. For this, they need to store secrets and signing keys (used for sealing code and software updates), which are frequently stored in non-secure locations such as a developer’s laptop or a build server.”
This “secret sprawl” makes secrets vulnerable to hacking. At some companies, a secrets management solution may be warranted.
Security by Design is Vital to Protecting IoT
The growth of IoT technology is giving rise to new cybersecurity threats. According to an article by CSO, security by design is likely the best approach to mitigating risks as the world embraces connected devices and smart cities. Security by design requires products, such as software and devices, to be designed with a secure foundation, rather than designed for function and then secured later.
The article cites Lindy Cameron, CEO of the UK National Cyber Security Centre (NCSC), who spoke during Singapore International Cyber Week.
“We all know that connected places are an evolving ecosystem, comprising a range of systems that exchange, process, and store sensitive data, as well as controlling critical operational technology,” said Cameron. “Unfortunately, this makes these systems an attractive target for a range of threat actors. The threat posed by nation states is particularly acute.”
Workable international standards will be key to ensuring IoT is secure in the future.
Here are our latest cybersecurity tips:
- Use a password manager at your company. Not only is it convenient, but it also makes password governance much more streamlined and easier to enforce. In most cases, it is unrealistic to expect employees to both come up with secure passwords and remember them.
- Use a secure file-sharing system. You need the means to protect and transfer sensitive data and files. A secure file-sharing system gives you this capability, and it makes accessing files remotely both convenient and more secure.
- Keep work and personal emails separate. It may be tempting for your employees to use a personal email address for work, especially if they work from home. This can create security issues, as company data may be forwarded to email accounts that aren’t properly managed.
Thanks for Reading
That’s it for the latest Cybersecurity Briefing from OptionOne Technologies.