April 21, 2024 at 10:04PM
MITRE revealed it was the victim of a cyber attack, despite its strong security measures. The Akira ransomware, deployed by Russian-linked groups, is still a threat, exploiting old vulnerabilities in Cisco software. Important security flaws, including sensitive data exposure and credentials theft, were discovered in various critical systems. Cerebral, an online mental health care company, agreed to pay over $7 million to settle charges of disclosing customer health information.
Key takeaways from the meeting notes:
1. MITRE, a security organization, reported being subjected to a cyber attack using zero-day flaws in Ivanti virtual private network. The incident serves as a reminder that no organization is immune from cyber attacks, prompting the need for increased vigilance and defense approaches.
2. International cyber security agencies issued a warning about the Akira ransomware, deployed by Russian-linked groups, exploiting vulnerabilities in Cisco’s Adaptive Security Appliance and Firepower Threat Defense software. The warning includes details of indicators of compromise and tactics used by the attackers and encourages organizations to stay updated with security measures.
3. Critical vulnerabilities were identified in Atlassian’s Bamboo Data Center and Server, as well as in products from companies like Rockwell Automation, Mitsubishi Electric, Electrolink, and Unitronics. These vulnerabilities pose significant risks and should be patched immediately.
4. Cerebral, an online mental health care company, agreed to pay over $7 million to settle charges of sharing customer data with various social media platforms through tracking tools embedded in its website and apps. The company was also accused of engaging in deceptive practices related to substance use disorder treatment.
Overall, the meeting notes highlight the prevalence of cyber threats and vulnerabilities across various sectors, emphasizing the importance of maintaining strong cyber security measures and staying vigilant against potential attacks.