NIST framework 2.0, Optum linked to BlackCat

NIST releases cybersecurity framework 2.0

A decade in the making, the updated cybersecurity framework from the National Institute of Standards and Technology (NIST) has been released, the first update since 2014. The agency says the framework now aims to help all organizations—not just those in critical infrastructure—manage and reduce risk. The guidance places a large emphasis on helping all organizations meet their cybersecurity goals, with additional resources to support them. For those familiar with the original five core functions of the framework—identify, protect, detect, respond, and recover—you will notice the new addition of ‘govern’ to the group, with the purpose of broadening a security framework throughout the entire organization.

(The Register), (NIST)

Optum attack linked to BlackCat ransomware

First, it was MGM Resorts, and now Reuters reports the BlackCat ransomware group is behind the attack impacting the healthcare IT platform, Change Healthcare. Change Healthcare’s platform is widely used within healthcare systems nationwide for processing payments, care coordination, and data analytics, and day-to-day operations have been severely impacted since the attack last week. Since the breach, Change Healthcare has provided daily status updates, but the messages have not provided any more details beyond their ongoing efforts to resolve the problem.

(Bleeping Computer), (Change Healthcare)

ScreenConnect exploitations continue

It’s turning into a bit of a feeding frenzy as two new ransomware gangs join the widespread attack on ScreenConnect vulnerabilities. According to Bleeping Computer, the Black Basta and Bloody ransomware gangs have taken advantage of this critical flaw (CVE-2024-1709) by creating admin accounts on Internet-exposed servers, deleting all other users, and taking over any vulnerable instances. CISA added the vulnerability to its catalog last week, ordering U.S. federal agencies to secure their servers by this Thursday.

(Bleeping Computer)

Russian military hackers leverage Ubiquiti EdgeRouters 

In a joint advisory, the FBI, NSA, U.S. Cyber Command, and international partners have warned that Russian military hackers are evading detection by exploiting compromised Ubiquiti EdgeRouters. According to the release, these widely used routers are being utilized globally to harvest credentials, collect NTLMv2 digests, proxy network traffic, and host spear-phishing landing pages. The advisory from the FBI and its partner agencies notes that since the EdgeRouters do not automatically update their firmware unless configured to do so, it is up to the user to perform a hardware factory reset to get rid of the malicious files.

(Bleeping Computer), (IC3)


OpenAI vs. the New York Times

The New York Times copyright lawsuit against OpenAI is up for contention as the artificial-intelligence company says the newspaper “hacked” ChatGPT to create misleading evidence. According to Reuters, The Times first sued OpenAI in December, accusing the company of using millions of articles and near-verbatim excerpts without the newspaper’s permission. In its recent filing, OpenAI claims the Times paid someone to hack OpenAI’s products, using deceptive prompts to cause the chatbot to reproduce copyrighted work. To further point fingers, a representative from the Times responded by saying this so-called hacking is actually the organization looking for evidence.


FTC warns AI regulation is coming 

During a speech on Tuesday, Lina Khan, the chair of the Federal Trade Commission, emphasized that there are no exemptions for artificial intelligence under current laws. Khan outlined the agency’s regulatory direction, highlighting ongoing efforts to establish guidelines for governing the development, utilization, and oversight of AI technology. Notably, she specified that certain personal data, such as health and geolocation information, will be restricted from model training. The FTC has already initiated enforcement actions against companies accused of mishandling consumer data. 

(The Record)

Five million WordPress sites left vulnerable 

A vulnerability found in the LiteSpeed Cache plugin for WordPress has put five million sites at risk. The vulnerability (CVE-2023-40000) could potentially allow unauthorized access to sensitive information or privilege escalation on affected sites. WordPress says the vulnerability is the result of a lack of user input sanitization and output escaping. Users are advised to update to the latest plugin version.

(The Hacker News)

German consumer center shut down by ransomware

The Hessen Consumer Center, a non-profit organization based in Hessen, Germany, was hit by a ransomware attack that caused its IT systems to shut down. The non-profit provides advice on a variety of topics to residents, including consumer law, finances, and insurance. While the attack primarily impacted the organization’s phone and email systems, there is concern the breach could have exposed the data of those who have used the organization’s services. At the time of this article’s publishing, no major ransomware gangs had claimed responsibility for the attack.

(Bleeping Computer)
