Tuesday, August 16, 2022
Home Tech News Cyber Security Today, June 27, 2022 – A warning to firms using...

Cyber Security Today, June 27, 2022 – A warning to firms using VoIP systems, malicious files in an open source Python registry, and more

A warning to firms using VoIP systems, malicious files in an open-source Python registry, and more.

Welcome to Cyber Security Today. It’s Monday, June 27th, 2022. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.

Organizations turn to voice-over-IP phone systems as a way of saving money. However, if these systems aren’t properly protected they could be an entry point into internet-connected systems. The latest example is a report by researchers at Crowdstrike into their discovery earlier this year of an undocumented vulnerability in a VoIP system made by Ottawa’s Mitel Networks. A suspected ransomware threat actor gained initial access to an organization’s network through the Mitel MiVoice Connect appliance using a zero-day vulnerability. Fortunately, the attack was detected and stopped. After being notified, Mitel issued a critical security advisory in March urging administrators to install a patch to close this hole. Crowdstrike waited until now to issue its report on the incident. Two lessons to IT staff: First, security updates on any internet-connected device on your networks — not just servers and desktops — have to be patched as soon as possible. Second any internet-connected device — including VoIP phone systems — must have anti-virus, anti-malware or firewall protection.

Here’s another example of why application developers shouldn’t automatically trust code posted to open source libraries. Researchers at Sonatype recently discovered five suspicious if not malicious Python packages in the open source PyPi registry. If included in an application some of them could steal Amazon AWS credentials and other information included in software. Sonatype reported its findings to PyPi and the packages have been removed. If you’re worried about whether these libraries are in your application there’s a link to the Sonatype report in the text version of this podcast at ITWorldCanada.com. Developers who use open source packages should research and scan any code they download.

A hacker claims they have already broken into and are selling access to 50 IT networks of organizations that have unpatched versions of Atlassian’s Confluence collaboration suite. According to the security news site called The Record, researchers at Rapid7 found an access broker on a Russian-language criminal forum selling access to the organizations. All of them are allegedly in the U.S. I reported earlier about this particular vulnerability and that a patch has been issued. If your organization uses Confluence and hasn’t installed the patch, do it now — and scan your entire IT environment for possible compromise.

Finally, there are many ways of tricking victims into clicking on email attachments that hide malware. One of the latest was discovered by researchers at a South Korean firm called ASEC. A victim received an email alleging their firm has violated another company’s copyright. The evidence was supposedly in an attached PDF. What that attachment really does is install the LockBit ransomware. While this scam is being tried in Korean, it could easily be used in any language. In fact the report notes this isn’t the first attempt at spreading malware through copyright infringement threats. IT leaders should ensure employees are trained to send any legal threat to the legal department. Staff in the legal department need be trained to consult with IT security staff before clicking on attachments.

That’s it for now Remember links to details about podcast stories are in the text version at ITWorldCanada.com.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

- Advertisment -

Most Popular

Inflation chipping away at your back-to-school budget? Here’s how to save

Balancing the budget for back-to-school shopping is more difficult for parents this year as rampant inflation threatens piggy banks nationwide. More than a third of...

Granny does Q&A from beyond the grave after AI was trained to answer for her

Marina Smith MBE, who died in June aged 87, speaks to mourners at her own funeral (Credit: Storyfile)A woman who died in June has...

How to get the Android 13 update on your Pixel right away

Google announced on August 15th, 2022, that it would begin rolling out the Android 13 update to its portfolio of Pixel devices. As is...

Windows 11’s next big update arrives next month with Start menu folders, new gestures, and more

Microsoft is planning to release its next big Windows 11 update, version 22H2, on September 20th. Sources familiar with Microsoft’s plans tell The Verge...