Look at this week's Cyber Weekly Digest to learn about our top cyber security stories from the last 7 days. This week we dive into a data breach affecting NATO and the cyber attack which impacted NHS ambulances in the UK. Keep reading to stay updated on the biggest cyber security news from around the world.
US government services contractor Maximus has disclosed a data breach warning that hackers stole the personal data of 8 to 11 million people during the recent MOVEit Transfer data-theft attacks. After investigating the breach, Maximus found no indication that the hackers progressed further than the MOVEit environment, which was immediately isolated from the rest of the corporate network. The Clop ransomware gang added Maximus to its dark web data leak site this week as part of a big batch of 70 new victims. The entry on Clop's site claims they have stolen 169GB of data, although no data has been leaked yet.
This week, Apple rolled out security updates to iOS, iPadOS, macOS, tvOS, watchOS, and Safari to address several security vulnerabilities, including one actively exploited zero-day bug in the wild. The zero-day, tracked as CVE-2023-38606, is a flaw in the kernel and permits a malicious app to modify sensitive kernel state potentially. The company said it was addressed with improved state management. CVE-2023-38606 is the fourth security vulnerability discovered in connection with Operation Triangulation, a mobile cyber espionage campaign targeting iOS devices since 2019. This update means Apple has resolved 11 zero-days impacting its software since the start of 2023.
NATO has confirmed that its IT team is investigating claims about an alleged data-theft hack on the Communities of Interest Cooperation Portal claimed by the threat group known as SiegedSec. Earlier this week SiegedSec posted on Telegram what they claimed to be hundreds of documents stolen from the COI Cooperation Portal. During the investigation, analysts noted that the data leak, if confirmed, impacts 31 nations that are members of the NATO alliance, which includes 845MB of files, 8,000 rows of user-related sensitive information, unclassified documents, and user account access details. SiegedSec claimed on their Telegram that the attack was in protest to NATO member countries' attacks on human rights and that ""it is fun"" to leak documents.
Cyber security researchers have disclosed two high-severity security flaws in the Ubuntu kernel that could pave the way for local privilege escalation attacks. The researchers also noted the vulnerabilities in around 40% of Ubuntu users. The vulnerabilities, tracked as CVE-2023-2640 and CVE-2023-32629 (CVSS scores: 7.8) and dubbed GameOver(lay), are present in a module called OverlayFS and arise as a result of inadequate permissions checks in specific scenarios, enabling a local attacker to gain elevated privileges. Following the disclosure of the vulnerabilities, Ubuntu has released fixes.
This week, a cyber attack on an NHS supplier has left two ambulance trusts serving millions without access to electronic patient records. Swedish IT healthcare firm Ortivus released a statement confirming an attack affected UK customers who used its hosted data centre. The two trusts involved were the South Central Ambulance Service (SCAS) and South Western Ambulance Service (SWASFT), which serve roughly 12 million people. Neither trust has released any information publicly about the incidents. Although Ortivus claimed no patients have been directly affected, the standard of care will likely suffer if ambulances turn up without the ability to access patient records.