Page 5 - Threat Intelligence Brief 9-13-2019
Security News
Cybercriminals Unleash Ransomware Attack Designed to Compromise the Security of 120 French Hospitals.
A ransomware infection has left one hospital in a group of 120 resorting to pen and paper as they work to
remediate an attack custom-designed to attempt to take down all 120. This month, a member hospital of the
French health company Ramsay Health indicated they have been the victim of a ransomware attack. Cue the
normal story – many machines were impacted, manual processes were resorted to, a ransom was demanded,
and remediation steps were taken almost immediately. It seems like ransomware attacks are so cookie-cutter
these days. What makes this attack interesting is an admission from Ramsay Health’s hired cybersecurity firm,
IICybersecurity, that this attack appears to have been custom built to infect the entire hospital group. More
and more ransomware attacks are being crafted to infect as many machines as is possible to up the chances of
a paid ransom, so this kind of evolution of ransomware code shouldn’t entirely be a surprise. The good news is
the attack was caught early enough to only impact a single hospital.
Source: https://blog.knowbe4.com/cybercriminals-unleash-ransomware-attack-designed-to-compromise-the-security-of-120-french-hospitals
281 BEC scammers arrested in worldwide law enforcement action. Federal authorities announced a
significant coordinated effort to disrupt Business Email Compromise (BEC) schemes that are designed to
intercept and hijack wire transfers from businesses and individuals, including many senior citizens. Operation
reWired, a coordinated law enforcement effort by the U.S. Department of Justice, U.S. Department of
Homeland Security, U.S. Department of the Treasury, U.S. Postal Inspection Service, and the U.S. Department
of State, was conducted over a four-month period, resulting in 281 arrests in the United States and overseas,
including 167 in Nigeria, 18 in Turkey and 15 in Ghana. Arrests were also made in France, Italy, Japan, Kenya,
Malaysia, and the United Kingdom (UK). The operation also resulted in the seizure of nearly $3.7 million.
Source: https://www.helpnetsecurity.com/2019/09/11/281-bec-scammers-arrested/
NetCAT: New Attack Lets Hackers Remotely Steal Data From Intel CPUs. Unlike previous side-channel
vulnerabilities disclosed in Intel CPUs, researchers have discovered a new flaw that can be exploited remotely
over the network without requiring an attacker to have physical access or any malware installed on a targeted
computer. Dubbed NetCAT, short for Network Cache ATtack, the new network-based side-channel vulnerability
could allow a remote attacker to sniff out sensitive data, such as someone's SSH password, from Intel's CPU
cache. Discovered by a team of security researchers from the Vrije University in Amsterdam, the vulnerability,
tracked as CVE-2019-11184, resides in a performance optimization feature called Intel's DDIO—short for
Data-Direct I/O—which by design grants network devices and other peripherals access to the CPU cache.
Source: https://thehackernews.com/2019/09/netcat-intel-side-channel.html
www.accumepartners.com