Tuesday, January 19, 03:32
Home security Microsoft: Warns hospitals about ransomware attacks exploiting COVID-19

Microsoft: Warns hospitals about ransomware attacks exploiting COVID-19

Microsoft warns hospitals that Gateway and their VPN devices are vulnerable to ransomware attacks that seek exposed endpoints. Technology giant claims hackers hiding behind ransomware REVILE (also known as Sodinokibi), scan it Internet for vulnerable systems, with VPN be widely used at this time as, in view of COVID-19, employees are required to stay and work at home. This group of hackers seems to change her malware infrastructure used last year in new attacks aimed at exploiting vulnerable health care facilities, such as hospitals, which are under extreme pressure to deal with patients infected with COVID-19.


According to Microsoft, these attacks are different from ransomware attempts made on commodities, as hackers exploit their expanded knowledge of system management, while also exploiting common misconceptions about network security. The company also added that as soon as hackers infiltrate into one network, perform in-depth recognition and customize privilege escalation and side-based movements errors security and vulnerable services they discover on the network. In these attacks, hackers usually insist, even for months, on untrusted networks, and then develop ransomware payload. This type of ransomware is harder to recover because it can be difficult for victims to find where hackers have discovered bugs and to locate inboxes, credentials, endpoints or applications that have been compromised.


Reportedly, ransomware attacks, including REvil, had targeted bugs found in Citrix ADC and Gateway products. There is also a suspicion that the team exploited last year's errors on the VPN Pulse Security platform to infringe on Travelex. The National Center for Cyber ​​Security (NCSC) and the NSA warned last October that these products had been targeted. APT hackers.


Microsoft recommends them users to do updates often and carefully, carefully monitor remote access and enable notifications of attacks on Windows as well as the AMSI (Antimalware Scan Interface) for Office VBA in Office 365 environments. Finally, a report released by the company in February contains more details on how users can defend, to some extent at least, ransomware attacks.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Pohackontas
Pohackontashttps://www.secnews.gr
Every accomplishment starts with the decision to try.

LIVE NEWS

00:02:29

FCC: Extremists turn to radio equipment after banning from social media

The US government warns that extremists could turn to radio equipment to plan their future attacks, ...

Android: How to make Signal the default messaging app

Signal is a popular encrypted messaging application that focuses on privacy. It is an alternative to ...

Google Cloud: We use some SolarWinds, but we were not affected by the hack

Google Cloud CISO Phil Venables has revealed that the cloud uses software from the vendor, SolarWinds, but states that the use ...

Scotland Environment Service: ransomware continues to affect us

The Scottish Environmental Protection Agency (SEPA) has confirmed that it was hit by a ransomware attack last month and continues to face ...

Backdoors and vulnerabilities were discovered in FiberHome routers

Backdoors and other vulnerabilities have been discovered in the firmware of a popular FiberHome FTTH ONT router. FTTH ONT stands for Fiber-to-the-Home Optical Network ...

GitHub apologizes to an employee who fired! What happened;

GitHub has admitted that it was wrong to fire a Jewish official who made "anti-Nazi" comments about the Capitol riots.

By 2030 AI will replace the people of cybersecurity

Security company Trend Micro recently conducted a new survey that reveals that more than two-fifths (41%) of IT leaders believe ...

Chinese Winnti APT targets organizations in Russia and other countries!

Security researchers at Positive Technologies have uncovered a series of attacks carried out by a Chinese APT hacking team targeting organizations in Russia ...

Silicon Valley is investing a huge amount of money in India

From March to November, even when COVID-19 destroyed economies around the world, the richest man in India ...
00:02:01

Microsoft, Salesforce, Oracle are designing a digital vaccination passport

A Covid digital vaccination passport is being developed jointly by a team of health and technology companies, as well as governments, airlines and ...