At a glance.
- Canadian university hit by COVID-19 ransomware operation.
- Social networking app True leaves user data exposed.
- Millions of medical records left unattended.
Canadian university hit by COVID-19 ransomware operation.
Threat actors attempted to infect the University of British Columbia (UBC) with ransomware by disseminating a fraudulent COVID-19 survey, reports Malwarebytes Lab. An email containing a fake questionnaire would usually signal a phishing attack, but this operation instead uses the survey as a means of delivering malware. The email directs the victim to a “mandatory” survey document saved on Box or DropBox. When opened, the document downloads a template containing a malicious macro that unleashes the ransomware. Once encryption is complete, a ransom message requesting eighty dollars appears on the victim’s desktop. There’s no indication that the threat actor is connected with any of the major cybercrime groups, and it’s unclear if UBC was the only target, but the school has stated that the email was sent to no more than one hundred employees.
Social networking app True leaves user data exposed.
True, a social networking app that promises users heightened privacy measures, states on their website that they “believe your privacy matters,” but, as TechCrunch reports, a recent security blunder indicates otherwise. Cybersecurity firm SpiderSilk’s Chief Security Officer Mossab Hussein discovered an unsecured True daily server log dashboard that appears to have been exposed since at least September. The dashboard contained unencrypted user data including contact information, private user-to-user communications, and geolocations. By creating a fake test profile, TechCrunch confirmed that the data on the dashboard was active, and Hussein proved a hacker could use it to access account login tokens to hack into the test account. True has confirmed the dashboard was unprotected and has taken it down, but did not confirm any plans to inform users or authorities.
Millions of medical records left unattended.
It’s currently National Cybersecurity Awareness Month, and in the midst of a global pandemic, this year’s focus is on protecting medical data. Unfortunately, healthcare breaches have been prevalent, and a recent exposure could impact 3.5 million US patients, reports SecurityWeek. Global vice president at security software firm New Net Technologies Dirk Schrader discovered unsecured medical records on a picture archiving and communication system (PACS) that was easily located using public search engine Shodan. The records, which included medical images like MRIs and x-rays, associated patient metadata like name, date of birth, medical concerns, and sometimes even social security numbers, could easily be obtained by any internet user without technical hacking skills. A threat actor could use the sensitive info for extortion or identity theft, or even weaponize the PACS with malware. It’s unclear whether the data have yet been misused, but as Schrader says, “It’s like these systems have been connected to the internet and just forgotten."