With the new additions to Satori’s Data Security Platform, companies gain unprecedented visibility to answer “Where is all my data?” and “Who has access to it?”
Related Posts
Critical Chrome Vulnerabilities Allow Remote Code Execution, Update Now
Critical Chrome Vulnerabilities Allow Remote Code Execution, Update Now
Google has released a significant update for its Chrome browser, addressing multiple high-severity vulnerabilities that could potentially allow unauthorized memory access and other exploits.
The Stable channel has been updated to version 131.0.6778.204/.205 for Windows and macOS and 131.0.6778.204 for Linux, with the rollout expected to span the coming days and weeks.
The latest update includes five critical security fixes, many identified by external researchers. These vulnerabilities primarily impact Chrome’s V8 JavaScript engine and other components, posing risks such as memory corruption, unauthorized access, and potential exploitation through malicious web pages.
Free Webinar on Best Practices for API vulnerability & Penetration Testing: Free Registration
Chrome Vulnerabilities
1. CVE-2024-12692: A Type Confusion issue in the V8 JavaScript engine, reported by Seunghyun Lee (@0x10n) on December 5, 2024. This vulnerability could lead to heap corruption via a crafted HTML page.
2. CVE-2024-12693: An Out-of-Bounds Memory Access in V8, reported by researcher “303f06e3” on December 4, 2024. This flaw could allow attackers to access restricted memory areas, posing significant security risks.
3. CVE-2024-12694: A Use After Free vulnerability in the Compositing component, reported anonymously on September 19, 2024. This issue can cause unexpected behavior or crashes by accessing memory after it has been freed.
4. CVE-2024-12695: Another critical Out-of-Bounds Write in V8, reported by “303f06e3” on December 12, 2024.
Google has withheld detailed information about these vulnerabilities to prevent exploitation until most users have updated their browsers.
In addition to external contributions, Google’s internal security teams have implemented numerous fixes identified through audits and advanced tools like AddressSanitizer and MemorySanitizer.
These efforts aim to address potential vulnerabilities before they can be exploited proactively.
Importance Of Updating Chrome
Given the severity of these vulnerabilities, users are strongly advised to update their Chrome browsers immediately. Failure to do so could leave systems exposed to potential attacks that exploit these flaws.
To update Chrome:
- Open Chrome.
- Click the three-dot menu in the top-right corner.
- Navigate to Help > About Google Chrome.
- Chrome will automatically check for updates and install the latest version.
- Restart the browser to apply changes.
Google expressed gratitude to all external researchers who contributed to identifying these vulnerabilities and emphasized its commitment to rewarding such efforts through its bug bounty program.
This update underscores the importance of keeping software up-to-date to mitigate risks associated with increasingly sophisticated cyber threats targeting widely-used platforms like Chrome.
Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free
The post Critical Chrome Vulnerabilities Allow Remote Code Execution, Update Now appeared first on Cyber Security News.
Chinese APT Hacks 48 Government Organizations
Chinese APT Hacks 48 Government Organizations
[[{“value”:”
Earth Krahang, likely a penetration team of Chinese government contractor I-Soon, has compromised 48 government entities worldwide.
The post Chinese APT Hacks 48 Government Organizations appeared first on SecurityWeek.
“}]] Read More
SecurityWeek RSS Feed
UnitedHealth Group Ransomware Attack : Hackers Stolen Patients Data
UnitedHealth Group Ransomware Attack : Hackers Stolen Patients Data
[[{“value”:”
The global American health insurance and services corporation UnitedHealth Group has announced that its health IT subsidiary Change Healthcare was the target of a malicious cyberattack.
Based on its initial targeted data sampling, the company has discovered files containing personally identifiable information (PII) or protected health information (PHI), which may include a significant proportion of the US population.
The business has not yet discovered any indications that materials like complete medical histories or doctor’s files were leaked among the data.
“A malicious threat actor posted 22 screenshots, allegedly from exfiltrated files, some containing PHI and PII, on the dark web for about a week. No further publication of PHI or PII has occurred at this time”, UnitedHealth Group said.
Free Webinar | Mastering WAAP/WAF ROI Analysis | Book Your Spot
Change Healthcare Paid Ransom To A Cybercriminal Group
According to the information shared with Cyber Security News, Change Healthcare has paid a ransom to AlphV, also known as BlackCat. This hacking gang had been extorting the company since February.
“A ransom was paid as part of the company’s commitment to do all it could to protect patient data from disclosure,” the company said.
According to cybersecurity and cryptocurrency experts, Change Healthcare paid the ransom on March 1.
This is indicated by a transaction in which 350 bitcoins, or about $22 million, were put into a cryptocurrency wallet connected to the AlphV hackers.
The transaction was originally revealed in a post on the RAMP site, a Russian cybercrime forum, where a purportedly betrayed partner of AlphV expressed dissatisfaction over not having received their share of Change Healthcare’s payment.
But Change Healthcare consistently refused to acknowledge that it had paid the ransom.
To make matters worse, a second ransomware gang has emerged from a dispute among hackers. It claims to have Change Healthcare’s stolen data and threatens to sell it to the highest bidder on the dark web.
The second gang to demand a ransom from Change Healthcare was identified as RansomHub.
According to reports, they claim to possess patient details and a contract with another healthcare provider among the stolen data from Change Healthcare’s network.
While acknowledging that some files had been published, UnitedHealth refrained from asserting that the documents were its own. UnitedHealth stated, “This is not an official breach notification.”
Change Healthcare is still making great strides toward resuming the services that were interrupted by the incident.
With 99% of pharmacies operating as they did before the event, pharmacy services are now almost back to normal.
As more providers transition to alternative submission methods or systems come back online, medical claims are moving through the U.S. health system at almost normal levels.
Change Healthcare is gradually restoring other services, such as eligibility software and analytical tools, with the active reconnection of the clients currently taking precedence.
“While this comprehensive data analysis is conducted, the company is in communication with law enforcement and regulators and will provide appropriate notifications when the company can confirm the information involved,” the company said.
Looking to Safeguard Your Company from Advanced Cyber Threats? Deploy TrustNet to Your Radar ASAP.
The post UnitedHealth Group Ransomware Attack : Hackers Stolen Patients Data appeared first on Cyber Security News.
“}]] Read More
Cyber Security News