Cybersecurity News: Box suffers outage, MongoDB suffers breach, States lag in tackling political deepfakes

Box storage platform suffers outage

On Friday, the cloud storage provider suffered a critical outage that affected all its services including logins, uploads, downloads, and API calls. Users were greeted with a 503 HTTP error. The outage started at approximately 9:00 a.m. EST and was fixed by 1:30 p.m. the same day. Box has not yet announced the cause of the outage. This is a developing story.

(Bleeping Computer)

MongoDB suffers breach

The database company stated it first noticed unusual activity on Wednesday, and that the unauthorized access to “certain corporate systems” has resulted in customer account metadata and contact information being exposed. Representatives emphasize that the company is “not aware of any exposure to the data that customers store in MongoDB Atlas.” This, too, is a developing story.

(The Hacker News)

States lag in tackling political deepfakes

According to the National Conference of State Legislatures, only three states, Minnesota, Michigan, and Washington, enacted laws this year in an attempt to tackle the issue of deepfakes, specifically in advance of the 2024 election year. Another seven states introduced bills designed to tackle the issue, but those stalled or failed due to issues such as First Amendment rights, vague disclosure requirements, a lack of understanding of the technology among lawmakers, and anticipated difficulties in enforcement.

(NBC News)

Inquiry finds pharmacies share medical data with police without a warrant

According to a Congressional investigation spearheaded by Senator Ron Wyden and Representatives Pramila Jayapal and Sara Jacobs, the largest pharmacy chains in the US, including CVS Health, Kroger, and Rite Aid, “have handed over Americans’ prescription records to police and government investigators without a warrant.” Although HIPAA regulates the use and exchange of health information in hospitals and doctor’s offices, the law gives pharmacies leeway. The Washington Post reports that “Because the chains often share records across all locations, a pharmacy in one state can access a person’s medical history from states with more-restrictive laws.”

(MSN.com)

Another library shuts down due to cyberattack

In the latest in a string of library shutdown stories, the Public Library of London, Ontario, a Canadian city of 422,000, was forced to shut down its branches due to a “major systems outage.” This comes on the heels of ransomware attacks on two of the biggest libraries in the world, the Toronto Public Library and the British Library. Brett Callow, ransomware expert at Emsisoft, clarifies that “while libraries may not seem like lucrative targets, they often carry the kind of cyber insurance that will pay out ransomware hackers in the event of a devastating incident.”

(The Record)

Seattle cancer center held for ransom

According to The Record, “On Friday morning, the Hunters International ransomware group listed the Fred Hutchinson Cancer Center on its leak site, claiming to have stolen 533 GB of data.” Known as Fred Hutch, the center is a nonprofit with eight clinical care centers in the state. It originally issued a statement about the attack on December 1. Reports said the group was extorting individual patients as well, sending threatening emails and offering to remove their sensitive data for $50.

(The Record)

Mirai-based botnet targets QNAP video recorder devices

This new Mirai-based DDoS botnet is called InfectedSlurs, and it actively exploits two zero-day vulnerabilities. Researchers at Akamai discovered the botnet in October, and they believe it has been active since at least 2022. According to Security Affairs, the InfectedSlurs botnet is exploiting a remote code execution (RCE) vulnerability, tracked as CVE-2023-47565 (CVSS score 8.0), in QNAP VioStor NVR (Network Video Recorder) devices. The vulnerability affects VioStor NVR versions 5.0.0 and earlier, which QNAP states are discontinued for support; however, the vendor recommends upgrading VioStor firmware on existing devices to the latest available version.

(Security Affairs)

Last week in ransomware

Last week saw ongoing PR problems for ALPHV/BlackCat, whose own systems went down for almost five days. According to Bleeping Computer, while the gang explained away the outage as hardware or hosting issues, many of its affiliates did not buy the story and started to contact victims directly. Last week also saw the arrest of the banker/money launderer for the HIVE gang. Kraft Heinz is investigating claims of an attack by the Snatch group; Tipalti, the accounting software behind Roblox, Twitch, and Twitter/X, is investigating ransomware claims; Navy contractor Austal USA confirms a cyberattack; and Sony is investigating claims that Rhysida breached Insomniac Games.

(Bleeping Computer and Cyber Security Headlines)

Steve Prentice
Author, speaker, expert in the area where people and technology crash into each other, viewed from the organizational psychology perspective. Host of many podcasts, voice actor and narrator for corporate media and audiobooks. Ghost-writer for busy executives.