Stay up to date with the latest cyber-attacks, data breaches and cyber news from around the world in Celerity's weekly cyber-security round up.
Microsoft issued a security update reminder to patch a critical Code Execution vulnerability, CVE-2019-0708 that affects some older versions of Windows. They previously warned that the vulnerability is ‘wormable’ and that future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017. Microsoft is confident that an exploit exists for this vulnerability, and if recent reports are accurate, nearly one million computers connected directly to the internet are still vulnerable to CVE-2019-0708.
The recent Healthcare Cyber Heist in 2019 report by Carbon Black found that 83% of healthcare organisations surveyed saw an increase in cyber-attacks. Furthermore, 66% said that cyber-attacks had grown more sophisticated. The report also found that CISO’s top security concerns are related to compliance (33%), budget & resource restrictions (22%), loss of patient data (16%), vulnerable devices (16%) & inability to access patient data (13%).
Hackers have targeted hospitals for years hoping that they will pay ransoms for encrypted data given that lives could be on the line. However, it is now the case that hospitals are being targeted to obtain doctors’ identities which are being sold on the dark web for $500. With a doctor’s details cyber criminals can forge prescriptions for highly sought after drugs such as opioids or submit fraudulent insurance documents for surgeries that never went ahead.
Security Panel - Episode 4 - Incident Response
In this episode we are joined by Andy Yeates, Senior Engineer at IBM Resilient, who will be discussing the incident response area of cyber security. Andy will discuss the importance of a strong incident response plan and how processes can be the difference when reducing response times.
We will be back next week with another round up of cyber-security news.
Remember: cyber-attacks are a matter of 'when' not 'if' - be prepared!