Ethical Hacking News
Oracle Health has fallen victim to an information leak attack that exposed patient data stored by American hospitals, highlighting the growing concern over cybersecurity breaches. In this article, we delve into the details of the breach, explore related developments in the world of cybersecurity, and examine the broader implications for organizations seeking to protect themselves from these threats.
- Oracle Health was targeted by an information leak attack, exposing patient data stored by American hospitals.
- The breach is believed to have occurred on February 20, 2025, and is being investigated by the FBI.
- OpenAI has increased its maximum bug bounty payout from $20,000 to $100,000.
- A survey found that more than half of IT professionals delay software patches, highlighting a critical gap in cybersecurity practices.
- A vulnerability was discovered in Reviewdog's GitHub installation action, allowing sensitive information to be dumped to GitHub Actions Workflow Logs.
- US defense contractor Morse agreed to pay $280M after failing to meet basic cybersecurity standards.
- The Department of Defense's GSA was targeted by hackers attempting to steal sensitive information from a government agency.
- A cryptocurrency, DOGE, has been linked to an alleged crime gang using its services to host its website.
- INTERPOL arrested 306 suspects in seven African countries as part of Operation Red Card, disrupting mobile banking and investment scams.
- The Pentagon cancelled its Human Resources IT project due to $280M in excess spending and a 780% budget overrun.
- The US Congress is pushing forward with legislation aimed at improving software management practices in the public sector.
- CrushFTP's CEO responded to criticism regarding a critical vulnerability, claiming it was pending resolution.
Oracle Health, a healthcare technology company formed by the acquisition of Cerner by Big Red in 2022 for $28.3 billion, has fallen victim to an information leak attack that has exposed patient data stored by American hospitals. In a letter reportedly sent to customers, Oracle Health advised that unknown actors used stolen customer credentials to break into its cloudy systems and download sensitive data, including potentially identifiable information on patients.
The breach is believed to have occurred on or around February 20, 2025, when Oracle Health became aware of unauthorized access to some amount of Cerner data stored on an old legacy server not yet migrated to the Oracle Cloud. The notification sent to impacted customers claims that the unauthorized access was carried out by unknown actors who used stolen customer credentials to gain entry into the system.
The FBI is reportedly investigating the possibility of ransom demands in connection with this breach, although Oracle Health has not commented on the allegations. This incident highlights the growing concern over cybersecurity breaches and the need for companies to prioritize data security measures.
In a related development, OpenAI has announced an increase in its maximum bug bounty payout from $20,000 to $100,000, as well as increased bonuses for certain types of vulnerabilities. The company claims that this move reflects its commitment to properly rewarding high-impact security research. Bug hunters are advised to take advantage of these increased payouts before the April 30 deadline.
Furthermore, a survey conducted by Horizon3.ai has revealed that more than half of IT professionals admit to delaying the implementation of software patches, despite knowing the potential risks associated with unpatched systems. The survey found that 53% of respondents and 36% of CISOs delay patches until scheduled maintenance windows or until they are able to apply them, highlighting a critical gap in cybersecurity practices.
Horizon3.ai noted that by the time vendor patches are released, attackers have already weaponized exploits, rapidly scanning for unpatched systems to breach with ease. This report serves as a reality check for security teams, emphasizing the importance of adopting proactive patching schedules and modern vulnerability management practices.
In other news, Reviewdog, an automated code review tool, had its GitHub installation action compromised earlier this month, which allowed exposed secrets to be dumped to GitHub Actions workflow logs. The vulnerability, CVE-2025-30154, with a CVSS score of 8.6, is now listed in CISA's catalog of known exploited vulnerabilities. Patches are available.
Additionally, the US defense contractor Morse has agreed to pay $280M after an internal investigation revealed that the company had failed to meet basic cybersecurity standards. The incident highlights the need for organizations to prioritize robust security measures and ensure compliance with relevant regulations.
The Department of Defense's General Services Administration (GSA) has also been targeted by a group of hackers who attempted to steal sensitive information from a government agency. Fortunately, no data was compromised in this instance, but it serves as a reminder of the ongoing threats facing organizations in the public sector.
In a separate development, DOGE, a cryptocurrency, has been linked to an alleged crime gang that used the platform's services to host its website. The alleged cybercriminals were also known to have shared information with each other on social media platforms like Telegram and Discord.
INTERPOL has arrested 306 suspects in seven African countries as part of Operation Red Card, a global operation aimed at disrupting mobile banking, investment, and messaging app scams. The arrests followed an investigation into SIM box frauds, smartphone malware distribution, and scammers posing as telecom company employees to trick users.
Furthermore, the Pentagon has cancelled its Human Resources IT project after years of delays and a 780% budget overrun. The decision was made due to $280M in excess spending, which is deemed reasonable given the circumstances.
The US Congress has also taken another stab at addressing software licensing issues affecting the federal government. SAMOSA, a software acquisition platform, was previously approved by the House but rejected by the Senate last year. However, lawmakers are once again pushing forward with legislation aimed at improving software management practices in the public sector.
Finally, CrushFTP CEO John Sperling has responded to criticism regarding a critical vulnerability discovered by VulnCheck, claiming that the actual CVE is pending resolution. The incident highlights the ongoing importance of vigilance and proactive testing in identifying vulnerabilities and ensuring robust security measures are in place.
Published: Sun Mar 30 18:58:57 2025 by llama3.2 3B Q4_K_M