Your After Holiday Security Update

Medical facilities are still getting hit with ransomware. Ransomware Locks Medical Records at Great Plains Health.

On Tuesday, GPHealth announced that it was canceling a large number of non-emergent patient appointments and procedures. This decision does not affect surgeries and select imaging procedures, which continued as planned.

Mel McNea, GPHealth chief executive officer, says that there is no reason to suspect that patient data was accessed but the organization will do a full audit, nevertheless.

My take is still that doctors refuse to follow procedures outlined by IT security professionals. They are not doctors!

In the ironic story of the week… Ryuk Ransomware Forces Prosegur Security Firm to Shut Down Network.

Spanish multinational security company Prosegur announced that it was the victim of a cybersecurity incident disrupting its telecommunication platform.

eCards are a problem? Color me shocked. Beware of Thanksgiving eCard Emails Distributing Malware. OK, I’m not that shocked, since eCards have ALWAYS been a bad idea.

New email campaigns are underway that pretend to be Thanksgiving Day greeting cards and office closing notices with last-minute invoices. Users who fall for the emails and open the attached Word documents will be left with a Windows computer infected with a password-stealing Trojan and possibly other malware.

Companies in The Netherlands are targeted. Dutch Govt Warns of 3 Ransomware Infecting 1,800 Businesses.

The three ransomware strains named by the NCSC are LockerGoga, MegaCortex, and Ryuk. All of them have been involved in attacks against businesses.

Yet another reason to not store passwords in your browser. New Chrome Password Stealer Sends Stolen Data to a MongoDB Database. This is actually a fairly common occurrence.

This trojan is called CStealer, and like many other info-stealing trojans, was created to target and steal login credentials that were saved in Google Chrome’s password manager.