Last week cyber news
Two weeks ago, it was announced that the medical services provider Synnovis suffered a ransomware attack that affected several hospitals in London. The Qilin Strike Group claimed responsibility for the attack. After that, the Ministry of Health in the United Kingdom published a statement according to which the systems that hospitals use to detect the patient’s blood type are not functioning properly, this causes delays in providing urgent blood doses and puts patients at risk. The Ministry of Health in Great Britain is now reporting that in the first week of the ransomware attack, hospitals in the country had to cancel 800 surgeries and 700 appointments.
Israel’s National Cyber Directorate recently detected an active phishing campaign in Israeli cyberspace. The campaign was operating widely across all sectors of the economy. The National Cyber Directorate associates this campaign with the Iranian attack group MuddyWater, based on familiarity with its infrastructure and typical operating methods (TTPs).
Do you use travel apps like Booking and others? They collect more information about you than you think. Research by the CyberNews website shows that the various travel apps have high permissions for your phones, even though they don’t declare this in the app stores, so, for example, some of the apps have access to your text messages, camera, microphone, files and more, some can even make calls on your behalf. Although the app developers must declare in the app store the permissions they use, some declare only partial information when in practice, once the apps are installed, they use higher permissions than those declared.
Microsoft’s monthly security update
This week, Microsoft released about 51 security updates for vulnerabilities in supported software, and another 7 software updates for the Edge browser based on the Chromium project. The details of one vulnerability have been made public. One vulnerability is classified as critical. 18 vulnerabilities could be exploited by a remote code execution (RCE) attacker. It is highly recommended to test the updates in a test environment and install them as soon as possible.
