Cyber Threat Report: Cyber Security News for 11/16/23

82% of Attacks Show Cyber-Criminals Targeting Telemetry Data
Cyber-criminals have disabled or wiped out logs in 82% of incidents. The findings come from the latest report from Sophos, which dissected the intricacies of these attacks, shedding light on the speed with which ransomware assaults are now executed, often within hours. Read More

NY Governor Wants New Cybersecurity Rules For Hospitals After Multiple Attacks
Gov. Kathy Hochul wants to force hospitals to establish cybersecurity programs, assess cybersecurity risks, use defensive techniques and infrastructure, and implement protection measures for information systems. Hospitals would have to create a chief information security officer role if they do not have one already. Read More

Meet the Unique New "Hacking" Group: AlphaLock
A “pen testing training organization” that trains hackers and then monetizes their services through a dedicated affiliate program. Read More

Reptar: New Intel CPU Vulnerability Impacts Multi-Tenant Virtualized Environments 
Intel has released fixes to close out a high-severity flaw codenamed Reptar that impacts its desktop, mobile, and server CPUs. Read More

Denmark Hit With Largest Cyberattack on Record
Hackers potentially linked to the Russian GRU carried out a series of highly coordinated cyberattacks targeting Danish critical infrastructure in the nation's largest cyber incident on record. Read More

LockBit Ransomware Leaks Gigabytes of Boeing Data
LockBit leaked over 43GB of files from Boeing after the company refused to pay a ransom. Read More

Alert: 'Effluence' Backdoor Persists Despite Patching Atlassian Confluence Servers
Atlassian has since disclosed a second flaw known as CVE-2023-22518 (CVSS score: 10.0) that an attacker can also use to set up a rogue administrator account, resulting in a complete loss of confidentiality, integrity, and availability. Read More

Dolly.com Pays Ransom, Attackers Release Data Anyway
On-demand moving and delivery platform Dolly.com allegedly paid a ransom but crooks found an excuse not to hold their end of the bargain. Read More

US Government Unveils First AI Roadmap For Cybersecurity
The roadmap comprises five strategic lines of effort aimed at steering concrete initiatives and articulating CISA’s responsible approach to AI in cybersecurity. Read More

Organizations Should Prepare For The Inevitability Of Cyberattacks On Their Infrastructure
61% of organizations confirmed they had been breached at least once over the last 12 months, with 31% experiencing multiple breaches during the same period. Read More

HEADLINE PRIVACY & IT SECURITY COMPLIANCE NEWS

Sophos' recent analysis underscores the rising velocity of ransomware assaults, with 82% of cyber incidents involving attackers swiftly erasing or disabling logs. Based on a study of over 232 incidents from the start of 2022 to the middle of this year, there is an essential need for prompt threat responses to minimize potential harm. Despite little variation in tactics between rapid and slower ransomware attacks, maintaining robust protections, comprehensive telemetry, and extensive monitoring is a critical defense strategy against evolving threats.

New York Governor, Kathy Hochul, has proposed new cybersecurity rules for hospitals in response to recent cyberattacks that disrupted healthcare operations. The rules require hospitals to establish cybersecurity programs, assess risks, implement defensive techniques, and appoint a chief information security officer if not already in place. Incident response plans and notifications to government bodies in case of an attack are also mandated. Hochul's budget includes $500 million for hospitals to upgrade technology systems, aligning with the proposed regulations, and the rules will be subject to public feedback before potential approval and implementation one year later.

Get in touch with us to learn more about how the team of experts at JANUS can help protect your business effectively. Follow us on Twitter and LinkedIn.