Critical vulnerabilities: The not-patch-Tuesday list.
As is usually the case this time of month, the most pressing vulnerabilities of recent days were revealed/patched in Patch Tuesday releases.
CVSS 9.8 - So many CVEs: Siemens SIMATIC S7-1500 CPU PLCs have a whopping 404 vulnerabilities in all versions of their software prior to 3.1.0 that can lead to information disclosure, tampering and DoS. Best patch ASAP. CVSS 9.8 - CVE-2023-6448: Unitronics Vision Series PLCs running VisiLogic prior to v9.9.00 are all coded with default administrator passwords, which could let an attacker take control with ease.
CVSS 9.1 - Multiple CVEs: Siemens SCALANCE M-800 and S615 family ICS switches contain a number of vulnerabilities that could allow an attacker to inject code or spawn a system root shell.
CVSS 8.1 - Multiple CVEs: Siemens's SINEC industrial network management software contains a number of vulnerabilities that could allow an attacker to trigger DoS, intercept credentials and escalate privileges.
Patients at Seattle's Fred Hutchinson Cancer Center have begun receiving ransom letters demanding $50 to keep data exposed in a November security breach from being sold on the dark web.
The breach, which Hutchinson acknowledged publicly on December 1, warned that the facility's clinical network was breached by an unknown attacker.
The relatively new Hunters International ransomware gang has since claimed responsibility, claimed it stole 533GB of files from the Cancer Center, and added the org to its list of victims.
Hunters international also claimed responsibility for hacking systems belonging to a US plastic surgeon's clinic and leaking patient photographs to extort a ransom payment in October.
Hutchinson's page addressing the breach doesn't indicate what data was compromised, but the ransom notes sent to patients indicate names, social security numbers, addresses, phone numbers, medical history, lab results and insurance information were stolen.
US dental insurance group Delta Dental has waited a while to fess up to being a victim of attacks on MOVEit.
Consider this your notice: If you're a Delta patient there's a good chance your data - including financial account numbers, credit/debit card numbers and PINs - were lifted along with nearly seven million other patients.
Delta last week informed the Maine Attorney General that it was another victim of the MOVEit file transfer app attack.
While only three Mainers were affected, 6,928,932 folks around the US had their data lifted.
Delta said it didn't spot the breach until July, and said that, along with the aforementioned financial information, drivers license numbers, social security numbers, addresses, health insurance info and health information was also lifted.
As has been the case in other breaches, including MOVEit leaks, Delta is offering free credit monitoring services and a sincere apology to the millions of people who are only now being notified that they need to think about changing their PINs or getting new credit cards.
According to the latest updates from antimalware vendor Emsisoft, which has monitored the MOVEit massacre, Delta and other recently-admitted breaches have brought the total number of organizational victims to 2,686, with nearly 91 million individuals having been affected.
This Cyber News was published on go.theregister.com. Publication date: Mon, 18 Dec 2023 02:43:05 +0000