Cyber Threat Report for the Week of 7/20/21

U.S. Announces New 2nd Round Cybersecurity Requirements for Critical Pipeline Owners
The Department of Homeland Security on Tuesday required owners and operators of critical pipelines that transport hazardous liquids and natural gas to implement "urgently needed protections against cyber intrusions." Read Article

Fortinet's security appliances hit by remote code execution vulnerability
Cure worse than the disease for anyone with the 'fgfmsd' daemon activated. Read Article

US: Chinese Government Waged Microsoft Exchange Attacks
China's Ministry of State Security Also Accused of Carrying Out Ransomware Attacks. Read Article

The Android apps on your phone each have, on average, 39 security vulnerabilities
Over 60% of Android apps contain security vulnerabilities, with the average number of bugs per app totaling a whopping 39 vulnerabilities. Read Article

HP patches vulnerable driver lurking in millions of HP & Samsung printers for 16 years
Cyberattackers could exploit the bug to secure system-level privileges. Read Article

Don’t Wanna Pay Ransom Gangs? Test Your Backups
Experts say the biggest reason ransomware targets and/or their insurance providers still pay when they already have reliable backups is that nobody at the victim organization bothered to test in advance how long this data restoration process might take. Read Article

Microsoft Patch Tuesday, July 2021 Edition
Microsoft today released updates to patch at least 116 security holes in its Windows operating systems and related software. At least four of the vulnerabilities addressed today are under active attack, according to Microsoft. Read Article

Sweeping report details how NSO Group spyware leverages iOS software for surveillance
These most recent discoveries indicate NSO Group’s customers are currently able to remotely compromise all recent iPhone models and versions of iOS. Read Article

Law firm for Ford, Boeing, Exxon, Marriott, Walgreens and more hacked in ransomware attack
The law firm said attackers may have accessed Social Security numbers, passport numbers, payment card information, medical information and biometric data. Read Article

U.S. Government Launches First One-Stop Ransomware Resource at StopRansomware.gov
New Website Provides Cybersecurity Resources from Across the Federal Government. Read Article

Actions taken this past week seem to indicate that our government along with other governments are finally at a point of saying enough is enough. The unexplained disappearance of the Russian-based REvil cyber gang, responsible for the worldwide Kasaeya attack, seems to indicate that they were either scared into vanishing or knocked offline by the US government and others. Will they reemerge in the future under the same name or a different one? Only time will tell.

Attacks of all types continue to increase, and this week Healthcare seems to have taken its lumps. HP finally got around to fixing a 16-year-old bug that left millions of HP & Samsung printers vulnerable, and a huge law firm with some of the largest corporations in the world as clients announced that it had suffered a successful ransomware attack and data exfiltration.

This is a good time to review your backup and recovery plans and to test your backups. Your plans are only good if they actually work and testing them is the only certain way of knowing they will work if you really need to use them.