Data Privacy Weekly: Your Industry News Series

01. UK National Health Service Faces Largest-Ever Ransomware Attack

The UK is battling a rising wave of cyberattacks as Barts Health NHS Trust investigates an alleged ransomware incident. The ALPHV ransomware gang claims to have stolen 70 terabytes of sensitive data, including passports and confidential emails, in what it says is the biggest breach of healthcare data in the UK.

This follows a recent ransomware attack on the University of Manchester, where hackers accessed an NHS dataset with information on 1.1 million patients. The UK’s public sector, including Ofcom and the University of the West of Scotland, has been targeted by cyberattacks in recent months.

02. Microsoft rebrands Azure Active Directory to Microsoft Entra ID

Microsoft is rebranding its Azure Active Directory (Azure AD) as Microsoft Entra ID. The name change, set to be completed by the end of 2023, will not affect the service’s capabilities, including single sign-on and multifactor authentication. Microsoft also introduced two new services, Entra Internet Access and Entra Private Access, in public preview.

Entra Internet Access secures public-facing web services, while Entra Private Access allows remote access to internal corporate resources. The company aims to expand Microsoft Entra to enhance security and provide real-time access decisions.

03. Chinese Hackers Breach US Government Emails in Microsoft Cloud Exploit

Chinese hackers breached US government emails through a Microsoft Cloud exploit, gaining unauthorized access to email accounts for a month before being detected. The breach, carried out by a China-based hacking group referred to as “Storm-0558,” targeted email systems for intelligence collection and impacted around 25 organizations, including government agencies in Western Europe and the US. Microsoft has implemented mitigations and is working with authorities to protect affected users, while the exact number of compromised organizations and government agencies remains undisclosed.

04. MOVEit Cyber Attack Affects Deutsche Bank, ING, Postbank, and Comdirect

Deutsche Bank, ING, Postbank, and Comdirect have experienced customer data leaks as a result of the Cl0p MOVEit hacks. The banks used the same third-party vendor, Majorel, which suffered a cyber-attack. The leaked information includes customers’ names and international banking account numbers, potentially enabling unauthorized direct debits.

Only customers who used the account switching service during specific periods are affected. ING Bank and Comdirect have also confirmed their involvement in the breach. The banks recommend that customers monitor their accounts for unauthorized transactions. The MOVEit attacks have impacted numerous companies globally.

05. Hackers Exploit Windows Policy Loophole, Forge Kernel-Mode Driver Signatures

Hackers are exploiting a Windows policy loophole to forge signatures on kernel-mode drivers, primarily targeting Chinese-speaking threat actors. Cisco Talos reported that the attackers are using open-source tools to alter driver signing dates and load malicious drivers with expired certificates. Microsoft has taken steps to block all certificates and stated that no compromise of Microsoft accounts has been identified.

The weakness stems from an exception allowing cross-signed drivers under specific conditions. Threat actors use signature timestamp forging software to deploy thousands of unsigned drivers, bypassing Microsoft’s verification process. This method poses a significant threat, granting full access and compromising the system.