Welcome reader to your CybersecurityHQ report.

Headlines

The Biden administration-appointed Cyber Safety Review Board released a recent report condemning Microsoft for its cybersecurity practices in the fallout of a recent breach by Chinese hackers. The board considers the breach preventable, caused by a “cascade of errors.” That makes the incident egregious, given that it gave threat actors access to many email accounts for senior US officials.

The report highlights a series of avoidable errors and even points out that Microsoft can’t fully describe how and why the breach occurred. The board recommends fundamental changes in Microsoft's culture, something the company’s recent statements have somewhat agreed with.

Cybersecurity firm Volexity discovered a zero-day exploit in Palo Alto Networks’ PAN-OS firewall software, and the company has scrambled to put hotfixes in place. The company rates the exploit as extremely severe, highlighting just how important it is to get a patch in place.

The attack was first seen on April 10th, with related activities tracked on April 11th and earlier incidents dating all the way back to March 26th. As of April 15th, Palo Alto Networks has released patches for PAN-OS and is developing further fixes, along with providing guidelines on workarounds.

The Chase Healthcare saga seems to never end, and now the group RansomHub has started to publish the data allegedly stolen in the much-reported February attack. As evidence, they published screenshots of some information they claim was taken from Chase Healthcare, including medical claims, invoices, patient details, and more sensitive data.

They are demanding a ransom to be paid by Friday, or else they’ll release all the info. The company already paid the ALPHV hacker group $22 million in ransom for the same attack earlier this year. Reportedly, ALPHV did not pay their affiliate group RansomHub a promised share of that money. Now, RansomHub is looking for some kind of payment out of the operation.

Interesting Read

The run-up to major 2024 elections in the US and elsewhere continues to make disinformation and misinformation a topic of interest. In that vein, recent research into Canadian Facebook provides sobering insights. There, around four-fifths of all adults are on the platform, and 51% used Facebook to get news last year. That makes the social media giant’s policies massively influential in the outcome of elections.

Recently, in response to legislation requiring payment to media companies for using their material, Facebook decided to simply ban posting links to “reputable” news sources. That’s left political and news-based memes the dominant form of political posting on Canadian Facebook. Believe it or not, research suggests this has degraded discourse. Read more about it in this post by CyberNews.

Employment Tip: Learn From Incidents

Stay informed on the latest trends and major cybersecurity incidents. Having solutions to these problems quickly at hand makes you an undeniable asset to any company. Being informed of these stories also makes you authoritative in interviews.

For the latest openings in cybersecurity careers, check CybersecurityHQ.

Stay Safe, Stay Secure.

The CybersecurityHQ Team