Hi friends,

I hope you're all doing great. I have a few days off myself; I'm due to start at a new job next week, so it's good to have a bit of space in between. I'm very excited to start though, and I'll tell you more about it once I get going there :-)

In the meantime, I hope you get value out of this week's issue, and see you all next week! Have a good one!

Dieter Van der Stock

Quick links

  • MITRE says state hackers breached its network via Ivanti zero-days: link.
  • US imposes visa bans on 13 spyware makers and their families: link.
  • Researchers sinkhole PlugX malware server with 2.5 million unique IPs: link.
  • Majority of businesses worldwide are implementing zero trust, Gartner finds: link.

Breaches and leaks

  • "Substantial proportion" of Americans may have had health and personal data stolen in Change Healthcare breach: link.
  • UnitedHealth confirms it paid ransomware gang to stop data leak: link.
  • LA County Health Services: Patients' data exposed in phishing attack: link.
  • Kaiser Permanente healthcare provider: Data breach may impact 13.4 million patients: link.
  • Plasma donation company Octapharma slowly reopening as BlackSuit gang claims attack: link.
  • Russian Sandworm hackers targeted 20 critical orgs in Ukraine: link.
  • Belarusian hackers claim to breach fertilizer plant in retaliation for support of Lukashenko regime: link.
  • DPRK hacking groups breach South Korean defense contractors: link.
  • Synlab Italia suspends operations following ransomware attack: link.
  • Anti-Trump PAC Lincoln Project scammed for $35,000 after vendor email hack: link.
  • Sweden's liquor shelves to run empty this week due to ransomware attack: link.
  • HelloKitty ransomware rebrands, releases CD Projekt and Cisco data: link.
  • Ring customers get $5.6 million in privacy breach settlement: link.

Issues and fixes

  • Over 1,400 CrushFTP servers vulnerable to actively exploited bug: link.
  • Maximum severity Flowmon bug has a public exploit, patch now: link.
  • Nation-state hackers exploit Cisco firewall 0-days to backdoor government networks: link.
  • Microsoft releases Exchange hotfixes for security update issues: link.
  • Older Windows Print Spooler flaw resurfaces, dubbed GooseEgg: link.
  • WP Automatic WordPress plugin hit by millions of SQL injection attacks: link.