ZeroFox Cyber Intelligence Daily Brief - December 31, 2023

ZeroFox Cyber Intelligence Daily Brief - December 31, 2023

ZeroFox Intelligence collects, curates, and analyzes information derived from open and proprietary sources. Here is today’s daily roundup to give you and your clients an advantage over the adversary.

Brief Highlights

• Cyberattack Disrupts Emergency Care at German Hospitals
• NASA Releases New Space Security Best Practices Guidelines
• ALPHV Targets Apparel-Brands Owner VF Corporation

Cyberattack Disrupts Emergency Care at German Hospitals

German hospital network Katholische Hospitalvereinigung Ostwestfalen (KHO) has been the target of recent service disruptions reportedly by an unknown threat actor, suspected to be the Lockbit ransomware group. The attack affected the IT systems supporting three hospitals in Bielefeld, Rheda-Wiedenbrück, and Herford. The threat actors gained access to the hospital network and encrypted data. Reportedly, all systems were shut down, and necessary parties and institutions were informed. Although essential patient information is accessible through backups, emergency care in the three hospitals is unavailable, leading to the redirection of patients to other facilities and potential delays in medical care.

NASA Releases New Space Security Best Practices Guidelines

NASA’s Space Security: Best Practices Guide (BPG) has been designed to ensure the longevity and resilience of its space missions against cyber threats. Amongst the several principles NASA highlights, one suggests that space mission systems should be accessed only by authenticated and authorized personnel, devices, and software. Other recommended steps include incorporating an onboard cyber actor actions detection function and a fault management bypass protection. The guideline also suggests that systems should be capable of recovering from communications jamming and spoofing attempts besides being secured with MultiFactor authentication. Additionally, system software updates should be validated as free from malware. For a more comprehensive study of the guidelines, download the BPG brochure here.

ALPHV Targets Apparel-Brands Owner VF Corporation

On December 25, ZeroFox Intelligence observed ALPHV ransomware gang naming VF Corporation, owner of popular apparel brands including North Face, Vans, Supreme, and Jansport, as a victim on its leak site. The group claims that negotiations with VF corporation have been underway since last week. It says it will hide the leak site post “after 3 days in an effort to reduce speculation,” if the company decides to pay the ransom. On December 15, VF Corporation reported a cybersecurity incident where threat actors had managed to encrypt some of its systems and exfiltrate personal data.