National Internet Safety Month: This June, take 4 easy steps to stay safe online
The U.S. Senate first designated June as National Internet Safety Month in 2005, primarily to raise awareness of internet dangers and highlight the need for education about online safety, especially among young people. In the years since then, with the rise of smartphones, social media and other new technologies, the amount of time people spend online has grown enormously—as have the risks.
Most of the time, cyberattacks occur due to poor cyber hygiene. Fortunately, there are four simple things we can all do to help protect ourselves and, by extension, others:
- Use strong passwords.
- Turn on multifactor authentication (MFA).
- Update software.
- Recognize and report phishing.
CISA’s new cybersecurity awareness program Secure Our World provides many resources for improving online safety, such as short how-to videos on the four actions above, tip sheets in 10 languages, and more.
(Source: CISA)
Microsoft, Google pledge 'low cost' cybersecurity services to rural hospitals
Rural hospitals will gain access to cybersecurity services at reduced prices thanks to a new initiative led by Microsoft, Google and the White House.
The Biden administration said on Monday Google will provide endpoint security advice to rural hospitals and nonprofit organizations at no cost and a “pool of funding to support software migration.” Google will also launch a pilot program with rural hospitals to develop a package of security capabilities that fits each hospital’s needs.
Microsoft concurrently announced a program for rural hospitals which will see the tech giant provide “non-profit pricing” and other discounts of up to 75% for security products used by independent critical access hospitals and rural emergency hospitals.
(Source: The Record)
As many as 165 companies ‘potentially exposed’ in Snowflake-related attacks, Mandiant says
As many as 165 organizations may be impacted by data exfiltration attacks targeting customers of the data storage firm Snowflake, Google’s Mandiant said Monday.
As details regarding the operation targeting Snowflake continue to emerge, the incident has already ensnared a slew of major companies — including Ticketmaster, Santander Group, Advance Auto Parts and others — and affected a huge number of individuals, potentially in the hundreds of millions.
(Source: Cyberscoop)
HC3 Sector Alert: Prevention of Unauthorized Access for Snowflake
On June 2, 2024, Snowflake observed an increase in cyber threats targeting accounts on their cloud data platform. The manufacturer suspects this is due to ongoing, industry-wide, identity-based attacks to access customer data.
Additional research suggests that these attacks use user credentials that are exposed through unrelated cyber incidents. It is not believed that this activity is linked to any vulnerability, misconfiguration, or malicious activity within the Snowflake product, but may be related to CVE-2023- 51662.
The Department of Health and Human Services’ (HHS’) Health Sector Cybersecurity Coordination Center (HC3) strongly encourages all users to review this Threat Alert, and to apply any mitigations to prevent serious damage from occurring to the Healthcare and Public Health (HPH) sector.
(Source: HHS HC3)
Cleveland cyberattack forces government to cut network access
In an update on the social media platform X on Tuesday evening, Cleveland officials said security teams first became aware of “abnormalities” in the city’s IT environment on Monday. After taking “precautionary actions to contain those abnormalities” which involved cutting off access to city systems, the City said it has been busy “investigating the nature and scope of the incident.”
The update also made sure to inform the City’s more than 360,000 residents that all emergency services, including 911 call centers, police and fire departments, as well as EMS services are all operating normally.
Cleveland is Ohio’s second largest city after Columbus, the state capital.
“While it is good that police, fire, and emergency medical services are still functioning in Cleveland, cyber incidents like this have the potential to disrupt public services,” Laundanski pointed out.
(Source: Cyber News)
Drivers could soon see message boards return on Kansas City’s highways
Drivers could soon see real-time information return to message boards across Kansas City metro highways.
The electronic message boards were taken offline after KC Scout was hit by a cyberattack in April which resulted in the loss of traffic cameras and more. For months now, those who wish to navigate Kansas City’s highways have had to find information on both the Missouri Department of Transportation and Kansas Department of Transportation websites.
On Wednesday, June 12, the Missouri Department of Transportation announced that staff celebrated the first successful electronic message board tests. If all testing remains successful, real-time information could return to drivers on Show-Me State roadways within the next week. As of June 12, no further information about the cyberattack, including the root of the attack, has been made available.
(Source: KCTV5 – Kansas City, Missouri)
|