The Week In Review 14/12 – 18/12
Insider risk has become increasingly prominent since the pandemic began, largely due to the rise in remote working. A study by the Ponemon Institute has found that both business and security leaders are allowing significant insider risk problems to fester, with 54% saying they have no plan in place to address the issue.
As many as 18,000 customers have been affected in the SolarWinds Orion hack, with the company confirming that roughly 10% of its 330,000 customers use the Orion platform. The hack resulted in the U.S. Government instructing firms to turn off Orion, leaving the question of whether they are ever likely to return to using the platform.
Numerous enterprise organisations have been targeted in a coordinated phishing attack with the aim of stealing their Microsoft O365 credentials. The campaign, designed to bypass traditional threat intelligence solutions, impersonates companies such as eFax, telling users to click on URLs to view their attachments.
Continuing the assault on the healthcare sector, GE Healthcare became the latest global name to have critical vulnerabilities highlighted in some of its IoT devices, which are primarily used for radiological and imaging purposes in hospitals. The flaw lies in the online maintenance of the devices: an attacker who is simply on the same network can access them using default credentials that can be found on online forums or in publicly available manuals.
Make sure your Mac is updated… Zero Day Initiative has published details of how attackers can gain local privilege escalation in macOS. They highlight ways in which attackers could escalate privileges and execute arbitrary code in the context of the kernel.
To ensure the correct controls and policies are in place within your organisation and to mitigate insider risk, Dionach’s consultancy services are the first step in creating a robust and responsive cyber security strategy.
Read about all of this and more below:
Dealing with the SolarWinds compromise (ncsc.gov.uk)
Employees 85% more likely to leak data than pre-COVID-19 (securitymagazine.com)
GE Healthcare imaging devices exposed to hacking (csoonline.com)
18k customers could be affected by SolarWinds hack (krebsonsecurity.com)
Ransomware attacks leverage SystemBC backdoor (threatpost.com)
Apple macOS write privilege vulnerabilities (zerodayinitiative.com)
Microsoft O365 credentials under threat from phishing attack (threatpost.com)