TLDR:
- Highly critical report on Microsoft from U.S. Cyber Safety Review Board
- Ransomware attacks on Canadian hospitals and American mortgage lender
During the week ending April 5, 2024, Cyber Security Today covered various significant cybersecurity incidents. A highly critical report by the U.S. Cyber Safety Review Board called out Microsoft for a preventable compromise of Exchange Online email accounts by a China-based group. Ransomware attacks affected five Canadian hospitals and an American mortgage lender, compromising over 320,000 and 211,000 people’s data, respectively. Additionally, a threat actor claimed to have stolen classified files from a U.S. government contractor. The week also saw the discovery of a new piece of malware, Unapimon, by threat actors known as Earth Freybug. Progress Software released critical patches for its Flowmon network monitoring platform, and Google released patches for Android vulnerabilities. The article highlighted the importance of robust cybersecurity practices, transparency in incident reporting, and the need for trust in cloud service providers. Key takeaways included the need for rigorous threat models, automated key rotation, minimum audit logging standards, and more transparent incident reporting in the cybersecurity sector.