Security News for the Week Ending December 31, 2021

W. Va. Hospital Breach Timeline – Way Too Long

The Monongalia Health System was attacked recently, and hackers had access to several email accounts, apparently belonging to contractors, from May 10 to August 15, or about three months. It took them another 60 days to investigate. They are just now telling us about the breach – more than 7 months after it started. They only figured out that they were hacked because a vendor said that it had not been paid (a standard business email compromise attack). They will, no doubt, get whacked by the feds, but this is a lesson to everyone that your vendors are your risk too. Credit: ZDNet

Java Code Repo Riddled with Hidden Log4j Bugs

Remember that you should assume that any code that you download from the net is full of bugs and security holes. If you assume that and you are lucky, then that is good; if you assume the reverse and you are not lucky, well, not so good. Threatpost is reporting that there are 17,000 unpatched Log4j packages in the Maven Central ecosystem. Many of those will never be patched. CAVEAT EMPTOR

Fallout from Kronos Ransomware Attack – Some Employees Not Receiving Full Pay

Kronos, the international HR firm, suffered a ransomware attack several weeks ago. Some employees at appliance maker Electrolux are saying that they are still not receiving their full wages or, in some cases, not getting paid at all. In most states the law is pretty specific about paying employees, so if you don't want to be on the wrong end of an investigation, create a disaster recovery plan. Credit: Cyber News

North Korean Hackers Stole $1.7 Billion as an Investment

North Korea considers cryptocurrency a long-term investment. As a result, when they steal billions in crypto, instead of selling it, they save it. Maybe that is not a bad strategy. Bitcoin, for example, was worth $313 in 2015, $997 in 2017, $3869 in 2019 and $46,847 right now. So if you stole 1 coin in 2015, your "investment" returned 150x today; that is, your $313 crime is worth $46,847. Maybe the North Koreans are onto something. Credit: Dailycoin

Oops, The Dog Ate 77 TB of Our Backups

Well, not exactly, but something ate the backups. Kyoto University in Japan lost 77 terabytes of data when a backup process went wild on their HP supercomputer. The event happened in mid-December when 34 million files were wiped from the system and the backups. The University determined that some of the data cannot be restored. The University has not said how this happened or what the impact of this failed backup process is. Credit: Bleeping Computer
