Cybersafe Threats – 20th June

Cybersafe Threats 20 June

Each week, Cybersafe.co.uk will be updating you on the latest cyber attacks threatening the private and sensitive data of businesses all over the UK and the world as part of our Cybersafe Threats Weekly Update. As technology evolves, so do cyber criminals and their methods of attack. If your company does not have the right cyber security essentials in place, it runs a serious risk of cyber attackers infiltrating its network and data. The results could devastate your business if your data falls into the wrong hands. Whether it be paying a ransom which could cost you a fortune, losing all your data and not being able to recover it, a fine due to GDPR breaches, or reputational damage, all of these effects could have a severe impact on how (and if) your business will be able to move forwards. 

Cybersafe Threats Weekly Update 20th June 2024  – Below, we update business leaders on what you and your employees need to look out for when assessing cyber threats to their data. This is all within our aim of making your business Cybersafe.

Here are the most prominent cyber threats to businesses which you should be aware of:

Sensitive Patient Data Stolen from NHS

A cyber criminal gang is known as Qilin has published nearly 400GB of sensitive patient data stolen from the NHS provider Synnovis. The data, released on the gang’s darknet site, includes patient names, dates of birth, NHS numbers, and descriptions of blood tests. This hack has significantly disrupted over 3,000 hospital and GP appointments, marking one of the most impactful cyber attacks on the UK’s healthcare system.

The breach occurred on June 3, 2024, when Qilin infiltrated Synnovis’ computer systems, encrypting vital information and rendering IT systems useless. They demanded a ransom payment in Bitcoin, but Synnovis appears to have refused, leading to the data’s publication. A Managed Cyber Security expert described the incident as one of the most harmful cyber attacks in UK history, predicting that it could take several months to restore the affected systems.

NHS England has acknowledged the data breach and is working with Synnovis, the National Cyber Security Centre, and other partners to assess the content of the published files. Synnovis has expressed concern over the development and is conducting a detailed analysis of the leaked data. The hack also revealed business account spreadsheets detailing financial arrangements between hospitals, GP services, and Synnovis.

Ransomware experts note that healthcare organisations are increasingly targeted by cyber criminals seeking substantial payouts. This incident underscores the necessity for robust cyber security essentials and resilience in healthcare IT infrastructure to withstand multiple cyber attacks.

Gitloker attacks abuse GitHub notifications to push malicious OAuth apps

Threat actors are conducting phishing attacks on GitHub users by impersonating GitHub’s security and recruitment teams. Since February, developers have been receiving fake job offers or security alerts via emails from “notifications@github.com,” tagged in spam comments on repository issues or pull requests. These emails redirect victims to phishing sites like githubcareers[.]online, where they are tricked into authorising malicious OAuth apps that access private repositories and user data.

Victims often find their repositories wiped, renamed, and replaced with a README.me file instructing them to contact the cyber attackers via Telegram to recover their data. GitHub staff has been addressing these attacks by encouraging users to report suspicious activity and avoid authorising unknown OAuth apps. GitHub assures users that their systems are not compromised and advises regular reviews of authorised OAuth apps to enhance cyber security.

This campaign highlights the importance of vigilance against phishing attacks exploiting GitHub’s notification and OAuth functionalities.

Microsoft June Patch Tuesday: Fixes for Windows, Outlook, and SharePoint

Microsoft has disclosed a high-severity vulnerability (CVE-2024-30078) affecting all supported versions of Windows, rated 8.8 out of 10 on the Common Vulnerability Scoring System. This flaw allows unauthenticated attackers in physical proximity to execute remote code on the compromised device without any user action, such as clicking a link or executing a file. Despite being classified as “less likely” to be exploited due to the proximity requirement, the vulnerability’s broad impact has raised significant concerns.

Microsoft released security updates on June 2024, Patch Tuesday, to address this issue and strongly advises users to apply these updates immediately. The vulnerability’s discovery coincides with delays in Microsoft’s rollout of Windows Recall, an AI feature for Windows 11 that captures screenshots frequently, raising further security concerns about data accessibility.

Get the Cyber Security Essentials you need

Contact Cybersafe.co.uk for help on how we can help prevent cyber attacks on businesses from cyber criminals and how to become Cybersafe. We’ll send you the right direction of providers and products that help you with cyber security essentials.  Whether you have sensitive data or confidential information within your business, you are always likely to be a target for cyber criminals. We also have a podcast where you can stay up-to-date with the latest cyber security measures that will help your company fight against these threats.

Share the article:

More Posts:

11 July Cybersafe Threats - Covering Data Breaches

Cybersafe Threats – 11th July

Each week, Cybersafe.co.uk will be updating you on the latest cyber attacks and cyber criminal activity threatening the private and sensitive data of businesses all

Cyber Criminal activity in the week leading up to the 4th July

Cybersafe Threats – 4th July

Each week, Cybersafe.co.uk will be updating you on the latest cyber attacks and cyber criminal activity threatening the private and sensitive data of businesses all

Listen to our Podcast:

Stay Cybersafe

with our weekly updates