Saturday, February 1, 2025

Backdoor found in two healthcare patient monitors, linked to IP in China

Google blocked 2.36 million risky Android apps from the Play Store in 2024. DeepSeek revealed a database containing over 1 million chat records. A ransomware attack disrupted a major blood donation organization in New York. January's Windows 10 preview update forced the installation of a new Outlook. Microsoft improved text contrast in all Windows Chromium browsers. Tata Technologies, an Indian tech company, was hit by a ransomware attack. Globe Life's data breach could affect around 850,000 clients. Mizuno USA reported that hackers remained in its network for two months.


In a recent security alert, the US Cybersecurity and Infrastructure Security Agency (CISA) warned of a backdoor found in Contec CMS8000 healthcare devices that sent patient data to a remote IP address and allowed remote file execution. Contec is a Chinese company that produces various medical devices. The backdoor was identified by an external researcher who noticed unusual network traffic to an external IP address belonging to a university rather than to the company.

Upon testing, CISA observed the backdoor's ability to download and execute files, enabling complete control over the patient monitors while also transmitting patient data covertly. Because this activity was not logged, no alerts reached device administrators. The malicious behavior was also acknowledged in FDA advisories regarding similar devices, confirming that the same security issues are present in Epsimed MN-120 monitors.

CISA's analysis revealed that the backdoor was linked to a Linux executable that could execute a series of commands to access a remote share and alter device conditions. In testing, the firmware did not follow traditional update protocols and omitted key security practices.

CISA has not confirmed the specific functions of the files received from the remote address, but their presence raises significant security concerns. Communication patterns indicated that patient data was transmitted using an unusual protocol, suggesting a deliberate design flaw rather than an accidental update mechanism.

Despite attempts by Contec to provide firmware updates, CISA found that the malicious code remained, leading to recommendations for healthcare organizations to disconnect affected devices from networks and check for tampering signs.
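Since the monitors themselves logged nothing, the only place a defender could have seen this behavior is on the network, which is how the external researcher found it. The following is an added example, not code from the article, CISA, or Contec: a small Python script that reads flow records from a medical-device network segment and flags any host on that segment talking to a destination outside an explicit allowlist, then totals the bytes sent per device. The segment, allowlist, IP addresses and flow lines are all constructed for illustration; none of them are the addresses or ports from the advisory.

```python
"""
Added example (not from the original article or the advisory): flag outbound
connections from hosts on a patient-monitor network segment to destinations
that are not on an explicit allowlist. Every address and flow record below is
a constructed placeholder, not an indicator from the Contec CMS8000 report.
"""
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Assumed (constructed): the segment where the patient monitors live.
MEDICAL_DEVICE_SEGMENT = ip_network("10.50.0.0/24")

# Assumed (constructed): the only destinations a monitor should ever reach,
# e.g. peers on its own segment and the central monitoring station.
ALLOWED_DESTINATIONS = (
    ip_network("10.50.0.0/24"),   # other devices on the same segment
    ip_network("10.60.1.10/32"),  # central monitoring station (constructed)
)

# Assumed (constructed): the organization's internal address space. Anything
# outside these ranges is treated as leaving the organization entirely.
INTERNAL_RANGES = (
    ip_network("10.0.0.0/8"),
    ip_network("172.16.0.0/12"),
    ip_network("192.168.0.0/16"),
)

# Constructed flow records: "src dst dst_port bytes_out", one per line.
SAMPLE_FLOWS = """\
10.50.0.21 10.60.1.10 443 1200
10.50.0.21 10.50.0.22 5000 300
10.50.0.23 203.0.113.77 515 98000
10.70.0.5 203.0.113.77 443 500
10.50.0.21 192.0.2.9 8080 4100
"""


def parse_flows(text):
    """Turn the whitespace-separated flow lines into (src, dst, port, bytes) tuples."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        src, dst, port, nbytes = line.split()
        records.append((ip_address(src), ip_address(dst), int(port), int(nbytes)))
    return records


def in_any(addr, networks):
    """True if addr falls inside any of the given networks."""
    return any(addr in net for net in networks)


def find_suspicious_egress(flows):
    """Return flows where a device-segment host reaches a non-allowlisted destination."""
    findings = []
    for src, dst, port, nbytes in flows:
        if src in MEDICAL_DEVICE_SEGMENT and not in_any(dst, ALLOWED_DESTINATIONS):
            findings.append({
                "src": str(src),
                "dst": str(dst),
                "port": port,
                "bytes": nbytes,
                # A destination outside the internal ranges is the strongest signal:
                # patient data leaving the organization from a device that should
                # never talk to the outside at all.
                "leaves_org": not in_any(dst, INTERNAL_RANGES),
            })
    return findings


def summarize_by_device(findings):
    """Total bytes each device sent to non-allowlisted destinations."""
    totals = defaultdict(int)
    for f in findings:
        totals[f["src"]] += f["bytes"]
    return dict(totals)


if __name__ == "__main__":
    hits = find_suspicious_egress(parse_flows(SAMPLE_FLOWS))
    for h in hits:
        flag = "EXTERNAL" if h["leaves_org"] else "internal"
        print(f"{h['src']} -> {h['dst']}:{h['port']} {h['bytes']} bytes [{flag}]")
    print("per-device totals:", summarize_by_device(hits))
```

Running it on the constructed sample flags two flows: one device sending a large volume to an address outside the organization and another reaching an unexpected internal destination. The allowlist approach matters more than any single indicator here, because the advisory gives no guarantee that a vendor firmware update removes the behavior, so the network policy has to assume the device is untrustworthy until proven otherwise.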

Further correspondence with Contec remains ongoing, as CISA updates the community about these serious findings. The discussion extends to questions of the appropriate connection practices for such devices and reflects broader concerns regarding device security in healthcare settings and the potential ramifications of such breaches. 

https://www.bleepingcomputer.com/news/security/backdoor-found-in-two-healthcare-patient-monitors-linked-to-ip-in-china/
