Security Brief 06/07/19
A lot went on this week in security that could affect PSAB staff, both professionally and personally. Sorry for the length of the Email and for having to deliver it at conference time, but the bad actors do not seem to look at our calendar and they refuse to work around our schedules :-)
There is a new botnet targeting RDP (Remote Desktop Protocol). For those staff members who access IMIS or remote into the building, this could affect you. We have security software installed on all endpoints that will prevent the hackers from gaining access to our systems; however, if they continually try to access your computer or our IMIS server, that could cause slowdowns on your computer or the IMIS server and could actually cause the computer to fail. Again, even if the computer fails, the hackers will not have gained access. If you experience a slowdown or your computer becomes unresponsive, please report it to IT ASAP.
Read more about the RDP botnet . . .
A new phishing Email exactly mimics the standard webmail interface. This attack pretends to be a warning from your email server stating that you must add a recovery phone number to your account or the email account, and all its contents, will be deleted. This is, of course, fake, but it will direct you to what appears to be your webmail logon screen, where it will steal the password to your email account. Please read over this link and be vigilant.
Read more about the phishing campaign . . .
Many staff members have inquired about the Quest Diagnostics hack. We have not said anything to date because the information being released is spotty and a lot of it does not make sense, indicating that they are unsure of the scope. What we know at the moment is that the breach occurred at a third-party billing vendor and not at Quest Diagnostics itself. The issue is that the vendor handled billing for many medical facilities, and the breach now numbers in the millions of records. Some reports say that credit card numbers were compromised, some say medical records and test results, some say both. At this point, it is safe to assume that “we” do not know; however, two things are fairly certain. It looks like credit cards were compromised, and anyone who has had medical tests done probably now has at least their credit cards exposed and possibly their test results, etc. as well. We are providing links to the more accurate articles below. Should anything else develop, we will let you know.
Nearly 12 million Quest Diagnostics patients affected by data breach
LabCorp: 7.7 Million Consumers Hit in Collections Firm Breach
AMCA Healthcare Hack Widens Again, Reaching 20.1M Victims
For those staff members who deal with secure information, two new breach laws were enacted by various states this week. Of note is the fact that electronic signatures are now considered breachable data. Damages resulting from the loss or publication of a signature online are now actionable in court. Pennsylvania is not yet part of this legislative action; however, it is only a matter of time. We may want to start paying attention to this as we update websites, etc. In addition, a breach is loosely defined as your name or Email address in combination with a password, social security number, etc. Now, several states are including security questions as part of what constitutes a breach. Therefore, your name or other personal identifier along with a security question (not necessarily a password) would now constitute a breach and would require reporting.
A new phishing campaign is underway that pretends to be a list of undelivered email being held for you on your Outlook Web Mail service. Users are then prompted to decide what they wish to do with each mail, with the respective links leading to a fake login form.
Read more about the Undeliverable Email Scam . . .
A new phishing campaign is underway that pretends to be from the “Office 365 Team”, warning you that your email account cancellation has been approved and that all your email will be deleted unless you cancel the request within the hour. Please note that IT controls all Office 365 accounts for PSAB staff, and passwords are not issued to staff for just this reason. If you get one of these Emails, please report it to IT for screening.
On the brighter side, the new iOS for your iPhone will allow you to block incoming spam calls.
Here’s how to block robocalls and spam on your iPhone with iOS 13