No Rest in Cybersecurity [Weekly Cybersecurity Brief]

While many of us here in the U.S. took the recent holiday weekend to honor those who have selflessly served our country, relax, and kick off the beginning of the summer season, those in the global cybersecurity field were a bit busy. From an incident impacting the biotech industry to a Microsoft Office vulnerability threatening businesses, the end of May was marked by a series of newly discovered flaws. But first, we must mention one of the latest warnings to come out of the war in Ukraine.

As reported by Reuters, the German financial regulator BaFin recently doubled down on its concerns regarding the safety of the country’s financial sector in the wake of Russia’s ongoing invasion of Ukraine. Citing an uptick in cyberattacks, BaFin issued an alert that came with more urgency than previous ones they have put out and with a particular focus on IT infrastructure. According to the organization, there is unease over “distributed denial-of-service (DDoS)” attacks, which seek to overwhelm and freeze systems.

While that conflict continues to cause cybersecurity issues, a potential hacking risk has the biotech industry in response mode. BD announced that it plans to release software updates for two of its products after realizing that they presented possible privacy problems. The products include Synapsys, which is used by clinical diagnostic labs, and Pyxis, a system for medication management. The riskier one of the two is Pyxis. That system may still be functioning on default credentials. Andrea Park at Fierce Biotech explains that “If hackers track down the default login info and are able to breach a facility’s network, they could potentially gain access to the confidential health information and other sensitive data stored in the Pyxis platform’s underlying file system.” BD has reported this concern to the FDA and CISA and has stated that it is currently working on ways to prevent this in the future.

As that cybersecurity flaw was being addressed, another vulnerability was also being exposed. “Follina” is a Microsoft Office zero-day vulnerability that researchers are sounding the alarm about. Although Cybersecurity Dive points out that Microsoft has yet to introduce a patch, that isn’t stopping those examining the threat from telling businesses to keep an eye out for signs. “Follina” was originally uncovered in April, its timeline is now growing, and it is believed that it stems from advanced persistent threat (APT) actors that may have a connection to China. Essentially, a vulnerability in Microsoft Office is used to distribute Zip archives with malicious Word documents that, if downloaded or even previewed, could provide a hacker with access to install programs or tamper with accounts. Researchers are emphasizing that this campaign could have widespread impact.

Key Takeaways:

“Germany issues fresh warning to banks of cyber attacks due to Ukraine war” – Tom Sims and Frank Siebelt, Reuters

https://www.reuters.com/technology/german-regulator-issues-fresh-warning-banks-cyber-attacks-2022-05-31/

  • The German financial regulator BaFin recently doubled down on its concerns regarding the safety of the country’s financial sector in the wake of Russia’s ongoing invasion of Ukraine.
  • Their new alert comes amid rising cyberattacks and focuses on the security of IT infrastructure.
  • According to the organization, there is unease over ‘distributed denial-of-service (DDoS)’ attacks, which seek to overwhelm and freeze systems.

“BD to patch cybersecurity risks found in drug dispensing, lab management tech” – Andrea Park, Fierce Biotech

https://www.fiercebiotech.com/medtech/bd-patching-cybersecurity-risks-found-drug-dispensing-lab-management-tech

  • BD announced that it plans to release software updates for two of its products after realizing that they presented possible privacy problems.
  • The products include Synapsys, which is used by clinical diagnostic labs, and Pyxis, a system for medication management. The riskier one of the two is Pyxis.
  • BD has reported this concern to the FDA and CISA and has stated that it is currently working on ways to prevent this in the future.

“Microsoft zero day under attack as industry awaits patch” – David Jones, Cybersecurity Dive

https://www.cybersecuritydive.com/news/follina-threat-apt-patch/624704/

  • “Follina” is a Microsoft Office zero-day vulnerability that researchers are sounding the alarm about.
  • It is believed that it stems from advanced persistent threat (APT) actors that may have a connection to China.
  • Essentially, a vulnerability in Microsoft Office is used to distribute Zip archives with malicious Word documents that, if downloaded or even previewed, could provide a hacker with access to install programs or tamper with accounts.