Short Takes – 2-15-25

Woman hospitalized in Wyoming with H5N1 bird flu. LATimes.com article. Pull quote: “This marks the first human case of bird flu in Wyoming and the 70th human case in the United States since 2024. Although the U.S. Center for Disease Control and Prevention’s website lists only 68 human cases on its website, it does not yet include this case or another announced earlier this week in a poultry worker from Ohio.”

In rural West Texas, a measles outbreak grows with no end in sight. NBCNews.com article. Pull quote: “The latest measles case count likely represents a fraction of the true number of infections. Health officials — who are scrambling to get a handle on the vaccine-preventable outbreak — suspect 200 to 300 people in West Texas are infected but untested, and therefore not part of the state’s official tally so far.”

New mandatory USCG cyber regulations. What you need to know. PenTestPartners.com blog post. Pull quote: “Requirements include the appointment of a Cybersecurity Officer (CySO) who will be in charge of compliance. The development of a Cybersecurity Plan and an Incident Response Plan and it’s important that all personnel complete cybersecurity training starting on July 17, 2025, to meet the requirements. Organizations must also conduct two cybersecurity drills annually to test their readiness.”

Ransomware in Healthcare: Lessons Learned from Interlock Attacks. Forescout.com blog post. Pull quote: “Comparing our original Chaya_002 report and the later reports of Interlock ransomware by other companies reveals a clear evolutionary path. The consistent patterns in infrastructure usage, Powershell code structure, network observables and operational methodology strongly suggest a direct developmental relationship between these malware families. Understanding these relationships and patterns is crucial for threat hunting and defense strategies against future evolutions of this threat actor.”

The Explosion of Hardware-Hacking Devices. Eclypsium.com blog post. Pull quote: “Other potential security issues arise when we wish to validate the firmware source code and determine if there are known vulnerabilities or backdoors either in the code itself or (more commonly) derived from 3rd-party libraries. The development environments, such as PlatformIO, make it easy for developers to get up and running by automatically pulling in the required code libraries.”