Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of April 11, 2022

4 years ago Dylan D'Silva

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of April 11, 2022. I’ve also included some comments on these stories.

Microsoft’s Autopatch feature improves the patch management process

Microsoft announced a feature called Autopatch that will help organizations keep their systems up-to-date, starting with Windows Enterprise E3 (July 2022), reported Security Affairs. This aims to provide a layer of protection for companies that fail to patch themselves.

ANDREW SWOBODA | Senior Security Researcher at Tripwire

Microsoft is releasing a new feature called Autopatch. This feature allows enterprise environments to install updates with minimal patch interference. The feature allows an enterprise to create testing environments. These environments will be used to ensure that patches will not cause issues. These test environments will increase the number of systems and have testing periods to ensure that patched systems are stable.


Microsoft’s New Autopatch Feature to Help Businesses Keep Their Systems Up-to-Date

The Hacker News also reported on the recent Microsoft announcement to roll out Autopatch as part of Windows Enterprise E3 this July. “This service will keep Windows and Office software on enrolled endpoints up-to-date automatically, at no additional cost,” explained Lior Bela, senior product marketing manager at Microsoft.

DYLAN D’SILVA | Security Researcher at Tripwire

In a bid to help manage vulnerabilities and help businesses and organizations stay up-to-date, Microsoft announced a new feature called Autopatch, which will be available to Windows Enterprise E3 customers starting in July 2022.

Windows Enterprise E3 is based within the Cloud Solution Provider Channel, which is subscription-based and delivers features exclusively for Windows 10 and 11 Enterprise Editions. Autopatch is intended to keep Windows and Office software that exists on enrolled endpoints up-to-date automatically, forgoing the traditional monthly ‘Patch Tuesday’. It is aimed at all supported versions of Windows 10, Windows 11 and Windows 365 for Enterprise. Notably, Windows Server OS and Windows 365 for Business are not supported.

It takes a measured approach by applying updates in sequential ‘rings’, starting with a small set of devices in a corporate network within the ‘test’ ring. After that, it will apply to the next 1% of endpoints within the ‘first’ ring, then moving onto the ‘fast’ and ‘broad’ rings containing the rest of the 9% to 90% machines split between them. If issues are encountered, Autopatch can be paused, and where applicable roll-backs can also be applied or made available.

Thoughts

From my perspective, this is a great way to help organizations stay up-to-date, especially with business critical systems. Having systems patched automatically should help reduce the workload on your IT and Cybersecurity teams, and those specifically responsible for patching and vulnerability management. Keeping systems updated will help manage attack vectors and attack surfaces, thereby continuing to reduce and mitigate risks.


SuperCare Health Data Breach Impacts Over 300,000 People

California-based respiratory care provider SuperCare Health recently disclosed a data breach affecting more than 300,000 individuals, noted Security Week last Monday. In a data security notice posted on its website, SuperCare said the intrusion was discovered on July 27, 2021, when it noticed unauthorized activity on certain systems.

DYLAN D’SILVA | Security Researcher at Tripwire

Here is another example of healthcare being a prime target for cyberattacks because of the PII and PHI-rich data that’s being sought. California-based SuperCare Health identified a breach within their network on July 27th, 2021. With a further investigation, they determined that an unauthorized individual had access between July 23rd and July 27th.

Unfortunately, it took them until February 4th, 2022, to determine the exposed files contained: names, address, date of birth, hospital or medical group, medical record number, patient account number, health-related information, and claim information. In some additional cases, social security numbers and driver’s license numbers were also stored.

It then took SuperCare another 1.5 months to notify impacted individuals.

There aren’t any details as to how the breach occurred, so I can’t provide thoughts/comments on that. Additionally, it’s unclear as to what and why it took them 7 months to determine what data was affected, and then an additional 1.5 months to notify. Although taking a step back, you would need some time to identify that 318,379 people/records had been affected. Did some quick math here: 132 working days between July 27th and February 4th (excluding weekends and holidays), translates to 2411.9 records per day that needed to be evaluated to determine if they were a part of the breach. I’m sure some of the analysis was automated, but the key piece they missed is that they shouldn’t have taken 7 months to publicly disclose the breach.

If you are by chance affected by this breach, these are some recommendations put forth by SuperCare Health, which in general are always good practice:

  • Review your account statements and notify Law Enforcement of any suspicious activity.
  • Obtain a free copy of your credit report.
  • Place fraud alerts on your credit reports.
  • Place a security freeze on your credit file, which prevents new credit from being opened in your name without the use of a PIN that’s issued when you initiate the freeze.

For those that are responsible for cybersecurity within your organization, take a refreshed look at vulnerability management. It will and should play a key role in reducing attack vectors and shrinking the attack surface. To quote CISA (Cybersecurity and Infrastructure Security Agency), Shields Up!


The post “Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of April 11, 2022” appeared first on TripWire

Source:TripWire – Dylan D’Silva
