3.9 min to readNews and UpdatesDigital WorkplaceCloud Services

Cyber security update, May

Ravi Bindra
Ravi BindraCISO
A blurry image of a city at night.

SoftwareOne believes there is a need for additional information when it comes to cyber security, as organisations have made it clear that investment in a proper security strategy is paramount. SoftwareOne’s monthly “Cyber Security Update” provides information on the most recent threats, the latest breaches and how to react to them in order to stay on top of malware and ransomware threats.

Latest security breaches

A ransomware attack affecting molecular diagnostics company Enzo Biochem led to the exposure of clinical test information and Social Security numbers of almost 2.5 million individuals. Despite reporting that it immediately disconnected its systems from the internet, notified law enforcement and engaged a cybersecurity organisation’s help, the company still suffered a significant data leak.

An investigation by cybersecurity researcher Jeremiah Fowler found that more than 360 million records of user data were leaked in a breach experienced by the free VPN provider SuperVPN. The data included personal information such as IP addresses, email addresses, information on visited websites and more.

A misconfigured cloud environment led to the leaking of additional customer data from Japanese automaker Toyota, which has now reported a total of 260,000 leaked records since 2015. In this case, Toyota explains in a publicly released statement that the leak “was caused by insufficient dissemination and enforcement of data handling rules.”

Cyber security awareness

Japanese pharmaceutical company Eisai says it “immediately” created a company-wide taskforce following a cyber attack in early June. It is currently investigating whether any data was leaked and is working to respond with law enforcement officials and external experts, Eisai reports.

Two lawsuits surrounding the 2022 data breach targeting Mercer University seem to suggest that leaders at the institution failed to prevent the cyber attack when they could have and then waited roughly three months before notifying any affected individuals. One of the lawsuits also claims that the breach led to the fraudulent use of credit cards.

Russian cyber crime gang ClOp has delivered an ultimatum to a number of companies targeted in the recent MOVEit zero-day attack, giving them a deadline of June 14th. The hack resulted in payroll data from 100,000 members of staff at the BBC, Boots and British Airways being leaked. ClOp is threatening to publish this data if the companies fail to email the gang by its deadline.

Cyber security intelligence

A joint cyber security advisory issued on May 9th 2023 warns of Russia’s Federal Security Service (FSB) “Snake” malware. The advisory describes Snake as “the most sophisticated cyber espionage tool designed and used by Center 16 of Russia’s Federal Security Service”. The Snake tool has been identified in over 50 countries across North America, South America, Europe, Africa, Asia and Australia. It is used to collect sensitive data from high-priority targets, such as international relations documents and diplomatic communications.

Another joint cyber security advisory by the FBI and CISA details the exploitation of a Common Vulnerability and Exposure (CVE) called CVE-2023-27350, which occurs in some versions of PaperCut NG and PaperCut MF print management systems. It allows unauthenticated actors to remotely execute malicious code without any credentials.

Hot Topic of the month: Movelt

After the leak of 100,000 individuals’ data in the MoveIt attack on the BBC, British Airways and Boots, the BBC is offering advice on the actions that organisations affected by data breaches can take.

blue digital waves

Digital Workplace Security

SoftwareOne Digital Workplace Security Services add security without contributing to your staffing overhead. We operate a dedicated security operations center (SOC) that tracks data vulnerabilities globally to prevent losses due to break-ins or employee errors.

Digital Workplace Security

SoftwareOne Digital Workplace Security Services add security without contributing to your staffing overhead. We operate a dedicated security operations center (SOC) that tracks data vulnerabilities globally to prevent losses due to break-ins or employee errors.

Author

Ravi Bindra

Ravi Bindra
CISO

Ravi holds over 20 years’ experience as a cyber security evangelist, holding multiple leadership roles in the Swiss pharmaceutical industry, such as Global Head of Risk Management, Global Head of Architecture and Global Head of Security Operations.