
Latest Cyberthreats and Advisories - August 26, 2022

Aug 26, 2022

IT fiascos in healthcare, a dramatic rise in cyberattacks and an FBI warning highlight this week’s cybersecurity news. Here are the latest cybersecurity threats and advisories for the week of August 26, 2022.

Threat Advisories and Alerts

Credential Stuffing Attacks Target Legitimate Online Customer Accounts

The FBI warns that cybercriminals are using proxies and configurations to mask credential stuffing attacks on US businesses. Credential stuffing attacks occur when stolen username and password combos are used to take over legitimate accounts. The attacks can cause victims financial loss, reputation damage and downtime. To mitigate attacks, the full IC3 report advises businesses to implement multi-factor authentication, fingerprinting and other security measures.

Source: https://www.ic3.gov/Media/News/2022/220818.pdf

Google Chrome Releases Security Update for Actively Exploited Vulnerability

Google Chrome updates for Mac, Windows and Linux have been released to address multiple vulnerabilities. A high-severity Google Chrome vulnerability has reportedly been exploited in the wild. Users of the popular browser are advised to apply the appropriate security updates immediately.

Source: https://www.csa.gov.sg/en/singcert/Alerts/al-2022-041

CISA Warns of Palo Alto Networks’ PAN-OS Security Flaw

A Palo Alto Networks PAN-OS security flaw has been added to CISA’s Known Exploited Vulnerabilities Catalog after evidence of its active exploitation. The critical vulnerability (CVE-2022-0028) could allow remote attackers to perform reflected and amplified TCP denial-of-service (DoS) attacks. Customers of the affected product are advised to apply the appropriate security patches. FCEB agencies are required to update by September 12, 2022.

Source: https://thehackernews.com/2022/08/cisa-warns-of-active-exploitation-of.html

Emerging Threats and Research

Phishing Attacks That Use SaaS Platforms Skyrocket 1,100%

A new Palo Alto Networks Unit 42 report reveals a sharp increase in phishing attacks that abuse software-as-a-service platforms, like website builders and form builders. From June 2021 to June 2022, attacks increased 1,100%. These phishing attacks sometimes impersonate legitimate sites to steal login credentials. Email users should be cautious of messages that request urgent action or make bold claims. Avoid clicking on any links or buttons in these emails and instead use a search engine to look up the official website.

Source: https://www.bleepingcomputer.com/news/security/phishing-attacks-abusing-saas-platforms-see-a-massive-1-100-percent-growth/

French Hospital Faces a $10 Million Ransomware Attack

The Center Hospitalier Sud Francilien, which serves an area of 600,000 people and is located near Paris’s city center, was hit with a cyberattack on Sunday, August 21. The bad actors demanded a $10 million ransom in exchange for the decryption key to unlock medical imaging systems, information systems associated with patient admissions and other IT systems. While these vital technologies have been inaccessible, the hospital has been referring patients to other medical centers.

Source: https://www.bleepingcomputer.com/news/security/french-hospital-hit-by-10m-ransomware-attack-sends-patients-elsewhere/

Healthcare Data of 1.3 Million Patients Exposed Due to Facebook Ad Flop

Over 1.3 million patients may have had their sensitive data leaked because of a botched advertising campaign. The US healthcare provider Novant Health misconfigured a Meta pixel on its site. The pixel was meant to track the success of Facebook advertisements for its patient portal, but it unintentionally sent private information to Meta and its ad partners. The private data included email addresses, financial information and phone numbers.

Source: https://www.theregister.com/2022/08/22/novant_meta_data/

DDoS Attacks Surge 203% in the First Half of 2022

A recent Radware report revealed that malicious DDoS attacks grew by 203% in the first half of 2022, compared to the same six-month period in 2021. In fact, DDoS attacks are already 60% higher for 2022 than they were for the entire year of 2021. What’s the cause? The report seems to emphasize that Russia’s invasion of Ukraine has altered the threat landscape, shifting it from pandemic-driven cybercrime to patriotic hacktivism and cyber war.

Source: https://www.helpnetsecurity.com/2022/08/23/malicious-ddos-attacks-climbed/

To stay updated on the latest cybersecurity threats and advisories, look for weekly updates on the (ISC)² blog. Please share other alerts and threat discoveries you’ve encountered and join the conversation on the (ISC)² Community Industry News board.