{"id":23761,"date":"2022-06-08T08:36:18","date_gmt":"2022-06-08T12:36:18","guid":{"rendered":"https:\/\/www.itworldcanada.com?p=487325"},"modified":"2022-06-09T11:14:16","modified_gmt":"2022-06-09T15:14:16","slug":"cyber-security-today-june-8-2022-a-huge-us-healthcare-provider-data-breach-a-warning-about-a-windows-flaw-and-more","status":"publish","type":"post","link":"https:\/\/technewsday.com\/staging\/cyber-security-today-june-8-2022-a-huge-us-healthcare-provider-data-breach-a-warning-about-a-windows-flaw-and-more\/","title":{"rendered":"Cyber Security Today, June 8, 2022 \u2013 A huge US healthcare provider data breach, a warning about a Windows flaw and more"},"content":{"rendered":"<p>A huge US healthcare provider data breach, a warning about a Windows flaw and more.<\/p>\n<p>Welcome to Cyber Security Today. It\u2019s Wednesday June 8th, 2022. I\u2019m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.<\/p>\n<p><iframe style=\"border: none;\" title=\"Libsyn Player\" src=\"https:\/\/html5-player.libsyn.com\/embed\/episode\/id\/23358026\/height\/90\/theme\/custom\/thumbnail\/yes\/direction\/forward\/render-playlist\/no\/custom-color\/000000\/\" width=\"100%\" height=\"90\" scrolling=\"no\" allowfullscreen=\"allowfullscreen\"><\/iframe><\/p>\n<table style=\"width: 100%;\">\n<tbody>\n<tr>\n<td><a href=\"https:\/\/www.amazon.com\/ITWC-Cyber-Security-Today\/dp\/B07BRNG89P\/ref=sr_1_1?s=digital-skills&amp;ie=UTF8&amp;qid=1522688435\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" loading=\"lazy\" class=\"aligncenter wp-image-396718 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2017\/09\/sub-alexa-200.png\" alt=\"Cyb er Security Today on Amazon Alexa\" width=\"200\" height=\"74\" border=\"none\"><\/a><\/td>\n<td><a href=\"https:\/\/www.google.com\/podcasts?feed=aHR0cDovL2N5YmVyc2VjdXJpdHl0b2RheS5saWJzeW4uY29tL3Jzcw%3D%3D\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" loading=\"lazy\" class=\"thumbnail aligncenter wp-image-408712 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2018\/09\/sub-gp-200.png\" alt=\"Cyber Security Today on Google Podcasts\" width=\"200\" height=\"74\"><\/a><\/td>\n<td><a href=\"https:\/\/itunes.apple.com\/ca\/podcast\/cyber-security-today\/id1363182054\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" loading=\"lazy\" class=\"aligncenter wp-image-396720 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2017\/09\/sub-itunes-200.png\" alt=\"Subscribe to Cyber Security Today on Apple Podcasts\" width=\"200\" height=\"74\" border=\"none\"><\/a><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p>We\u2019ll start the news with reports of data breaches:<\/p>\n<p><strong>A New England medical imaging provider<\/strong> is notifying 2 million Americans that their personal data may be at risk after a data breach. Shields Health Care Group said a hacker was in its system for just over two weeks in March. Data copied may have included patients\u2019 names, dates of birth, social security numbers, home addresses, medical diagnosis and billing information. <a href=\"https:\/\/ocrportal.hhs.gov\/ocr\/breach\/breach_report.jsf\" rel=\"noopener\">It\u2019s one of the biggest healthcare-related cyber attacks in the U.S. this year.<\/a> Because many Americans have to pay for medical procedures with credit cards healthcare providers are prime targets for hackers. According to a report by Critical Insights, healthcare data on 45 million people in the U.S. was stolen last year, a record high.<\/p>\n<p><strong>Two American gun shops<\/strong> have admitted their websites were hacked, allowing attackers to skin off credit card data of purchasers.<a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/online-gun-shops-in-the-us-hacked-to-steal-credit-cards\/\" rel=\"noopener\"> According to the Bleeping Computer news site<\/a>, one company found that data of over 46,000 customers had been stolen in just over eight months starting last June. The other company acknowledged that data on 45,000 customers had been scooped up from its website over two months earlier this year.<\/p>\n<p><strong>Security analysts<\/strong> at the SANS Institute <a href=\"https:\/\/www.sans.org\/blog\/follina-msdt-zero-day-q-a\/\" rel=\"noopener\">warn an unpatched vulnerability in Microsoft\u2019s Support Diagnostic Tool<\/a> is something Windows administrators need to act on. The flaw, called Follina, can be exploited through a malicious Word document. Microsoft has published advice on temporary mitigations which should be acted on because the flaw is being actively exploited. Johannes Ulrich, the SANS Institute\u2019s director of research, says the vulnerability should be at the top of things IT leaders should be worrying about. While many endpoint protection tools can detect and block an attack, consider the workaround of disabling the Support Diagnostic Tool on every endpoint.<\/p>\n<p><strong>Researchers at HP<\/strong><a href=\"https:\/\/threatresearch.ext.hp.com\/svcready-a-new-loader-reveals-itself\/\" rel=\"noopener\"> have discovered<\/a> a new piece of malware being spread by Microsoft Word documents in email attachments. If opened the document runs shellcode stored inside which then drops and runs the malware. That malware, dubbed SVCReady, collects information about the infected PC, which is sent back to the attacker. Employees should be warned about documents asking them to enable editing and enable content to read. Staff should check with an authority before going ahead with such instructions.<\/p>\n<p><strong>Finally<\/strong>, IBM is strengthening its security portfolio. <a href=\"https:\/\/newsroom.ibm.com\/2022-06-06-IBM-Tackles-Growing-Attack-Surface-Risks-with-Plans-to-Acquire-Randori\" rel=\"noopener\">It said this week<\/a> it will buy Randori, a Boston-based company whose software keeps track of externally-facing IT assets and prioritizes which ones post the greatest risk. No price for the deal was announced.<\/p>\n<p>Remember links to details about podcast stories are in the text version at ITWorldCanada.com. That\u2019s where you\u2019ll also find other stories of mine.<\/p>\n<p>Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.<\/p>\n<p>The post <a href=\"https:\/\/www.itworldcanada.com\/article\/cyber-security-today-june-8-2022-a-huge-us-healthcare-provider-data-breach-a-warning-about-a-windows-flaw-and-more\/487325\">Cyber Security Today, June 8, 2022 \u2013 A huge US healthcare provider data breach, a warning about a Windows flaw and more<\/a> first appeared on <a href=\"https:\/\/www.itworldcanada.com\/\">IT World Canada<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Today&#8217;s episode reports on two data breaches, a warning about a\u00a0 serious unpatched Windows flaw and more<\/p>\n<p>The post <a href=\"https:\/\/www.itworldcanada.com\/article\/cyber-security-today-june-8-2022-a-huge-us-healthcare-provider-data-breach-a-warning-about-a-windows-flaw-and-more\/487325\">Cyber Security Today, June 8, 2022 \u2013 A huge US healthcare provider data breach, a warning about a Windows flaw and more<\/a> first appeared on <a href=\"https:\/\/www.itworldcanada.com\/\">IT World Canada<\/a>.<\/p>\n","protected":false},"author":17,"featured_media":20701,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[360,16],"tags":[389],"class_list":["post-23761","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-podcasts","category-security","tag-cyber-security-today"],"acf":[],"_links":{"self":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/23761","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/users\/17"}],"replies":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/comments?post=23761"}],"version-history":[{"count":4,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/23761\/revisions"}],"predecessor-version":[{"id":23807,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/23761\/revisions\/23807"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/media\/20701"}],"wp:attachment":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/media?parent=23761"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/categories?post=23761"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/tags?post=23761"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}