Ransomware Strikes SEIU Local 1000 Amidst Critical Vulnerabilities
Ransomware Strikes SEIU Local 1000 Amidst Critical Vulnerabilities
On February 8, 2024, the Service Employees International Union (SEIU) Local 1000 reported a ransomware attack attributed to the notorious LockBit group. This incident highlights the escalating risks organizations face from ransomware, affecting not only public sector unions but a variety of entities. The attack comes on the heels of critical vulnerabilities disclosed this month, including remote code execution flaws in Fortinet’s FortiOS (CVE-2024-21762 and CVE-2024-23313) and serious weaknesses patched by Microsoft in their February Patch Tuesday update, addressing 73 vulnerabilities, including two zero-days. The urgency for organizations to bolster their defenses is palpable, especially as the healthcare sector prepares for an imminent cyberattack that could disrupt services across Minnesota.
Also In Security Today
- Fortinet FortiOS Vulnerabilities: Critical remote code execution vulnerabilities (CVE-2024-21762 and CVE-2024-23313) could allow attackers to execute arbitrary code. CVE-2024-21762 is reportedly being exploited in the wild.
- Microsoft Security Updates: Microsoft released patches for 73 vulnerabilities, including two zero-days affecting Outlook and Dynamics, emphasizing the importance of timely updates for security.
- Healthcare Cyberattack: Consulting Radiologists, Ltd. is preparing for a cyberattack starting February 11 that could impact over 100 facilities in Minnesota, stressing the need for resilient healthcare security.
- Data Breach Alert: A staggering leak of approximately 26 billion user records has been reported, highlighting vulnerabilities in cloud storage and the need for enhanced data protection measures.