We independently review everything we recommend. When you buy through our links, we may earn a commission. Learn more› Published March 1, 2024 Travelpro Platinum Elite 21″ Carry-On Spinner Wirecutter …
Microsoft has released a substantial set of patches in its February 2024 Patch Tuesday. This update is particularly significant as it addresses a total of 73 vulnerabilities, which includes two zero-day exploits that have been detected in active use by cyber criminals. Among the vulnerabilities patched, five have been classified as critical due to their potential to cause serious harm, such as denial of service, remote code execution, information disclosure and elevation of privileges. Read on for more details.
The two zero-day vulnerabilities that have been actively exploited are particularly concerning:
The implications of these vulnerabilities are severe, as they can be used to compromise user data, disrupt business operations and gain unauthorized access to sensitive information. The complete list of resolved vulnerabilities in the February 2024 Patch Tuesday updates can be viewed in the full report.
In response to these updates, Nuspire has taken immediate action by applying the patches as recommended by the vendor. In addition to patching, Nuspire’s security team is actively threat hunting within client environments to detect any signs of compromise that might indicate the exploitation of these vulnerabilities.
It is crucial for organizations to take proactive measures to protect their systems and data from these vulnerabilities. Here are the recommended steps:
Ransomware activity increased in February according to the latest GRIT Ransomware Report from GuidePoint Security. The report is based on data collected by the GuidePoint Research and Intelligence Team, which reports a 51.5% increase in attacks compared to January and a 15.8% increase in attacks compared to February 2022.
The LockBit 3.0 ransomware group was particularly active in February, posting more than twice the number of victims (129) on its leak site as January (50), accounting for virtually all of the monthly increase in attacks. ALPHV/BlackCat also listed more victims (30) on its data leak site than January (21), with Royal and BinLian in the third and fourth spots. Medusa completed the top 5. There was a 21% decrease in Royal ransomware victims compared to January, but a massive 400% increase in BianLian victims. According to the cybersecurity firm Redacted, the BianLian group appears to have changed tactics and is now increasingly monetizing its breaches without using file encryption and is concentrating on extortion after stealing data.
While the healthcare industry is often targeted by ransomware gangs, there was a shift in the industries targeted by ransomware groups in February, with a marked increase in attacks on the food and beverage, banking/financial services, and engineering industries. The GRIT team reports that healthcare was the 7th most targeted sector out of 10 sectors tracked. While the most active ransomware groups do not appear to be primarily targeting the healthcare industry, there are many smaller ransomware groups that are steadily conducting attacks and GuidePoint Security has warned that these smaller groups, which often break away from larger ransomware groups, are more likely than the larger groups to actively target the healthcare sector.
The researchers also drew attention to the Royal ransomware group, which is a relatively new addition to the threat landscape having only been in operation since September 2022. The group has conducted at least 97 attacks since then but there is concern that activity will increase. Royal is believed to include members from other ransomware operations such…