Security Digest (June 2023)

Advanced Computer Technologies Security Digest for June 2023

June 2023

As always, Advanced is proud to be here for all your security needs. Reach out now ([email protected]) to determine how you can improve your security posture and keep your business running smoothly.

– The Advanced Security Task Force

Patch Tuesday – 6/13
The 2nd Tuesday of every month is Patch Tuesday! Every Patch Tuesday, Microsoft addresses security vulnerabilities in their products via a large deployment of software updates. This month’s Patch Tuesday addressed 78 security vulnerabilities, 6 of which were considered critical. A full list of these updates can be seen here.

 

HP’s 2023 Q1 Threat Report Warns of Email Threats
  • HP has released their Security Threat Insights Report Q1 2023, providing an assessment of the modern threat landscape.
  • Notable numbers from the threat report include an estimation that roughly 14% of malicious threats pass through email security gateways undetected, emphasizing the importance of end user training. HP also estimates that 80% of all threats to a given organization come via email.
  • HP also observed an increase in OneNote utilization by threat actors. OneNote files (identifiable by their .one filetype) can be used to deliver malicious code while bypassing standard security measures. Once delivered, victims will see an attachment requesting the client enter credentials to access shared documents.
  • Most vendors and users will never provide confidential documents through OneNote. As always, Advanced strongly recommends calling the sender, or Advanced directly, to verify any suspicious looking email.
  • The full HP Q1 Threat Report can be seen here.
HP Issues Warning Regarding ChromeLoader
  • HP has advised of on observed rise in ChromeLoader malware on end user systems.
  • ChromeLoader malware is installed as a Chrome extension from false websites advertising free movie and music downloads.
  • Advanced advises all users be cautious of files downloaded from the web. If you would like to implement website filtering in your environment to reduce the threat of malicious files, reach out to Advanced for flexible options.
  • Additional information on ChromeLoader can be seen here.
FTC Safeguards Compliance Amendment Goes Live
  • The FTC’s Standards for Safeguarding Customer Information (Safeguards, for short) went into action in 2003.
  • The guidelines provide a list of protocols for financial institutions to follow to maintain the safety of customer data.
  • Effective June 9th, the amendment expands the definition of a financial institution to include various types of businesses, including auto dealerships, real estate appraisers, and more.
  • Full details on compliance, and how your company can achieve it, can be seen here.
Verizon’s Data Breach Investigation Report
  • Verizon has published their 2023 Data Breach Investigation Report (DBIR) detailing the modern threat landscape in Cybersecurity.
  • 83% of breaches are initiated by external attackers looking for quick financial gain.
  • 84% of breaches target humans as the attack vector, using social engineering and BEC strategies.
  • One out of every five breaches, 19%, originate from the inside.
  • System intrusion, basic web application attacks and social engineering are among the leading attack strategies.
  • The median cost to victims per ransomware incident more than doubled over the past two years to $26,000
  • 24% of breaches this year involved ransomware, continuing its long-term upward trend as a primary attack strategy.
  • 74% of financial and insurance industry breaches involved compromised personal data — leading all industries by a wide margin.
  • The full report can be seen here.
Microsoft’s Distributed Denial Of Service Attack
  • Microsoft has published a report detailing a Distributed Denial Of Service (DDoS) attack on the company’s services on June 6th.
  • DDoS attacks are performed by sending large amounts of traffic to public facing servers to overwhelm available resources. The primary goal of a DDoS will be to bring services down, rather than compromise or steal data.
  • The threat actors, who Microsoft classify as “Storm-1359”, caused widespread service issues to various Office 365 applications.
  • Microsoft has mitigated these efforts, and has implemented additional DDoS controls to thwart future attacks. Additional details can be seen here.
First Hospital Closes Due to Ransomware
  • St. Margaret’s Health in Illinois fell victim to a ransomware attack in February 2021, forcing them to shut down IT infrastructure at Spring Valley hospital.
  • The payment system was taken offline for months causing billing delays and a significant economic impact on the organization.
  • On June 16th the organization shut down its Spring Valley and Peru facilities due to a number of factors, including the cyberattack, the COVID-19 pandemic, and staffing shortages. The closure of the hospital is expected to have a dramatic impact on residents and marks the first time a hospital has officially cited a cyberattack as a reason for the ceasing its operations.
  • Details on the closure can be seen here.

Recent Posts

Security Digest (June 2024)

July 2024 Patch Tuesday – 6/11 Deep Dive: CVSS Breakdown On Critical Vulnerability Vendor Patch Advisories Apple Updates TeamViewer Compromise Snowflake Breach Snowballs As always, Advanced

Read More »

Security Digest (May 2024)

May 2024 Patch Tuesday – 5/14 Threat Grading Overview Vendor Patch Advisories Threat Breakdown: The Return of Revenge Remote Access Trojan Looking Back: WannaCry –

Read More »

Cybersecurity Triad

New cyber threats are emerging every day, keeping us on our toes. Let’s talk about some of these threats, including credential stuffing, password spraying, and

Read More »

Security Digest (April 2024)

April 2024 Patch Tuesday – 4/9 Threat Grading Overview Deep Dive: CVE-2024-26234 and Digital Signatures – Who Can We Trust? Vendor Patch Advisories Emerging Threat:

Read More »

Categories