Pulse Secure yesterday issued patches to close vulnerabilities in its widely used VPN that have been undergoing active exploitation by an Advanced Persistent Threat Group. CISA, the US Cybersecurity and Infrastructure Security Agency, has warned that the VPN has been under attack since at least June of last year, and it urges "organizations using Ivanti Pulse Connect Secure appliances to immediately run the Pulse Secure Connect Integrity Tool, update to the latest software version, and investigate for malicious activity." FireEye believes some of the exploitation may be connected with the Chinese government.
Scripps Health, which operates hospitals and outpatient clinics in Southern California, is recovering from an "information technology security incident" that began affecting its systems Saturday. Scripps says it's suspended user access to IT systems and reverted to backups, but that it continues to deliver care "safely and effectively."
A report from ThreatFabric assessed 2020 as a banner year for Android banking Trojans. Increased usage coincided with a rise in the sophistication of the criminal-to-criminal market that did much to commoditize this form of cybercrime. The Record notes that cryptocurrency apps received a particularly high share of criminal attention last year.
The Cyber Threat Alliance has updated its assessment of the cyber threat to this summer's Olympic Games in Tokyo. They expect the ransomware activity burgeoning worldwide to present some degree of threat, and they expect that Russian, Chinese, and North Korean actors will take advantage of such opportunities as the Games may present for espionage and influence operations.