Top Cyber News January 2022 – Week 1

Published by Abelaash Kumar at January 6, 2022

Newly Discovered Lapsus$ Ransomware Targets Several Organizations in a Month

During the New Year’s holiday, Impresa, Portugal’s largest media conglomerate, was infected with the new Lapsus$ ransomware.

Cybernews: Portugal's largest media conglomerate, was infected with the new Lapsus$ ransomware. — Newly Discovered Lapsus$ Ransomware

The gang claimed responsibility for the attack by defacing all Impresa websites with a ransom note. Aside from a ransom demand, the message claimed that the group had gained access to the company’s online IT server infrastructure, including all SIC and Expresso websites and channels.

The attack, however, had no effect on radio or cable television broadcasts.

While the company has reclaimed control of many of its impacted sites, the gang claims to still have access to company resources.

Saltzer Health Informs Patients of Personal Information Exposure

Saltzer Health, which is owned by Intermountain Healthcare, is informing patients that their personal information may have been compromised after an unauthorised party gained access to an employee email account.

Cybernews: Saltzer Health, which is owned by Intermountain Healthcare, is informing patients that their personal information may have been compromised after an unauthorised party gained access to an employee email account. — Saltzer Health

The attackers had access to the employee email account between May 25 and June 1, 2021, according to the organisation.

According to the company, an investigation into the incident revealed that the email account did contain personal information that was potentially compromised during the period of unauthorised access.

Names and contact information, driver’s licence numbers and state identification numbers, and, in some cases, Social Security numbers and financial account details are all potentially affected information.

Unauthorised access to medical information includes diagnosis, medical history, treatment details, prescription medication information, and physician information, as well as health insurance information.

Log4j flaw attack levels remain high, Microsoft warns

After observing state-sponsored and cyber-criminal attackers probing systems for the Log4j ‘Log4Shell’ flaw in December, Microsoft has warned Windows and Azure customers to remain vigilant.

Cybernews: 'Log4Shell' flaw in December, Microsoft has warned Windows and Azure customers to remain vigilant. — Log4j flaw attack levels remain high

Because of the widespread use of the error-logging software component in applications and services, the Apache Software Foundation announced on December 9 that it will take years to remediate Log4Shell.

Microsoft warns customers that they may be unaware of the extent of the Log4j problem in their environment.

Read the latest cybersecurity trends