NHS Appeals For Blood and Volunteers After Cyber-Attack

From infosecurity-magazine.com

The NHS is fighting on several fronts to recover from the impact of a crippling ransomware attack last week, issuing urgent appeals for blood donors and volunteers, according to reports.

Several London hospitals, including King’s College hospital and Guy’s and St Thomas’, were impacted by an attack on pathology service provider Synnovis last Monday.

It had an immediate and significant knock-on effect on blood transfusions and test results, and reportedly led to the cancellation of over 200 emergency and life-saving operations, as well as hundreds of urgently referred appointments for suspected cancer patients.

Now the health service is launching an appeal for O blood-type donations to help mitigate the impact of the attack, which has made it harder for doctors to match patients’ blood types as quickly as usual.

Read more…

Duckduckgo Launches Anonymous AI Chatbots

From gbhackers.com

DuckDuckGo has unveiled a new feature, AI Chat, which offers users an anonymous way to access popular AI chatbots.

This innovative service includes models like OpenAI’s GPT 3.5 Turbo, Anthropic’s Claude 3 Haiku, and two open-source models, Meta Llama 3 and Mistral’s Mixtral 8x7B.

Read more…

Mind the Gap: Strengthening Cybersecurity Through Behavioral Awareness

From tripwire.com

Exploring the intricate relationship between people and cybersecurity opens up a dynamic landscape where individuals’ decisions, habits, and intentions significantly impact the safety and integrity of digital systems.

Cybercriminals are savvy opportunists, and like pickpockets, they go where the crowds are. They scan the virtual world, identifying weaknesses in the popular sites and systems people use. Whether it’s social media platforms teeming with personal data or online marketplaces bustling with transactions, cybercriminals meticulously search for chinks in the digital armor.

Natural human biases are one such chink, and are easily exploitable to infiltrate networks, steal sensitive information, or deploy malicious software. This is because humans are not just users of technology but active participants in its ecosystem.

Read more…

Cybersecurity Snapshot: NIST Program Assesses How AI Systems Will Behave in the Real World, While FBI Has Troves of Decryption Keys for LockBit Victims

From tenable.com

Check out the new ARIA program from NIST, designed to evaluate if an AI system will be safe and fair once it’s launched. Plus, the FBI offers to help LockBit victims with thousands of decryption keys. In addition, Deloitte finds that boosting cybersecurity is key for generative AI deployment success. And why identity security is getting harder. And much more!

1 – NIST program will test safety, fairness of AI systems

Will that artificial intelligence (AI) system now in development behave as intended once it’s released or will it go off the rails?

It’s a critical question for vendors, enterprises and individuals developing AI systems. To help answer it, the U.S. government has launched an AI testing and evaluation program.

Called Assessing Risks and Impacts of AI (ARIA), the National Institute of Standards and Technology (NIST) program will make a “sociotechnical” assessment of AI systems and models.

That means ARIA will determine whether an AI system will be valid, reliable, safe, secure, private and fair once it’s live in the real world.

“In order to fully understand the impacts AI is having and will have on our society, we need to test how AI functions in realistic scenarios – and that’s exactly what we’re doing with this program,” U.S. Commerce Secretary Gina Raimondo said in a statement.

Read more…

Check Point Security Gateway Information Disclosure Vulnerability (CVE-2024-24919)

From blog.qualys.com

Check Point Security Gateway is a secure web gateway that is an on-premises or cloud-delivered network security service. Check Point enforces network security policies, including firewall, VPN, and intrusion prevention capabilities.

Check Point published a zero-day advisory on May 28, 2024, regarding CVE-2024-24919 with a CVSS score of 8.6. As per the advisory, the vulnerability results in attackers accessing sensitive information and gaining domain privileges. 

The vulnerability impacts various products from Check Point like CloudGuard Network, Quantum Maestro, Quantum Scalable Chassis, Quantum Security Gateways, and Quantum Spark appliances. The vulnerability has been added to CISA’s Known Exploited Vulnerabilities catalog

Check Point said, “The vulnerability potentially allows an attacker to read certain information on Internet-connected Gateways with remote access VPN or mobile access enabled…” 

Read more…

TotalCloud Insights: Uncovering the Hidden Dangers in Google Cloud Dataproc

From blog.qualys.com

Summary

  • The Apache Hadoop Distributed File System (HDFS) can be vulnerable to data compromise when a Compute Engine cluster is in a public-facing virtual private cloud (VPC) or shares the VPC with other Compute Engine instances.
  • Google Cloud Platform (GCP) provides a default VPC called ‘default.’ This VPC allows inbound connections only on ports 22 and 3389 while permitting all inbound connections within the internal subnet. This configuration can pose a significant security risk when both Dataproc clusters and Compute Engine instances share the default subnet VPC. It can lead to potential data corruption or theft, both serious concerns.
  • The Google Security Team labeled the attack flow as an ‘Abuse Risk.’
  • Qualys TotalCloud now notifies customers of misconfigured Dataproc clusters that are vulnerable to exploitation, offering remediation steps and code for prompt resolution.

Read more…

Sticky Werewolf Expands Cyber Attack Targets in Russia and Belarus

From thehackernews.com

Cybersecurity researchers have disclosed details of a threat actor known as Sticky Werewolf that has been linked to cyber attacks targeting entities in Russia and Belarus.

The phishing attacks were aimed at a pharmaceutical company, a Russian research institute dealing with microbiology and vaccine development, and the aviation sector, expanding beyond their initial focus of government organizations, Morphisec said in a report last week.

“In previous campaigns, the infection chain began with phishing emails containing a link to download a malicious file from platforms like gofile.io,” security researcher Arnold Osipov said. “This latest campaign used archive files containing LNK files pointing to a payload stored on WebDAV servers.”

Read more…