Ransomware attacks repeatedly pose risks to the confidentiality and availability of healthcare records. Lately, an Italian website for COVID vaccination enrollment was crippled by a cybercriminal group. In other news, a VC firm from Silicon Valley suffered an investor data breach due to a ransomware attack. Meanwhile, a set of newly discovered vulnerabilities in OT devices could prove to be a nightmare for industrial systems. Without much ado, let’s dive in for top cybersecurity highlights for the day.
- An alleged ransomware group attacked the vaccination registration system in Italy’s Lazio region, preventing residents from booking new vaccination appointments for days.
- Silicon Valley-based Advanced Technology Ventures exposed financial information affecting the company’s private investors or limited partners in a ransomware incident.
- The NSA and CISA provided hardening guidance In a new technical report describing security challenges in setting up and securing a Kubernetes cluster.
- Forescout reported 14 critical vulnerabilities in the NicheStack TCP/IP stack used in millions of OT devices manufactured by more than 200 vendors.
- A ransomware attack hit six British schools and their umbrella organization Isle of Wight of Education Federation, knocking their websites offline. It is expected to delay the new term scheduled in September.
- The APT31 group was spotted targeting Russian firms for the first time. Experts claim it has been working on new methods of hacking and infecting gadgets since the beginning of 2021.
- The Human Factor 2021 report by Proofpoint noted a spike in Captcha scams in 2020 with 50% more clicks during 2020 as compared to the previous year.
- SentinelOne discovered DoS vulnerabilities in Cobalt Strike—a legitimate penetration testing tool, which is often misused by blackhat hackers—that can hamper beacon C2 communication channels and new payloads.
- According to Atlas VPN, the U.S. was a target of 35% of all DDoS attack attempts in June 2021, followed by the U.K at 29%.
- Connected device security provider Finite State raised $30 million in Series B funding led by Energize Ventures, with participation from Schneider Electric Ventures and Merlin Ventures.