Cyber Security Today, Feb. 23, 2022 – Warning to SQL Server admins, logistics company hit by cyber attack and more

Share post:

A warning to SQL Server admins, a logistics company hit by a cyberattack and more.

Welcome to Cyber Security Today. It’s Wednesday, February 23rd, 2022. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

Administrators who oversee Microsoft SQL Server databases are being warned to lock down those servers. This comes after security researchers at a South Korean company called ASEC discovered a threat actor is targeting SQL Servers to install the Cobalt Strike beacon. That beacon reports back to hackers that a server has been penetrated and is ready for surveillance and downloading malware. The researchers say the threat actors are looking for SQL Servers open to the internet. Then they use brute force or dictionary attacks to crack administrator passwords. With that opening they can install Cobalt Strike on the network. Administrators are urged to better protect passwords with multifactor authentication and to disconnect SQL Server from the internet if remote access isn’t needed.

Expeditors International, a U.S. logistics and freight forwarding company, had to shut most of its worldwide operations over the weekend after a cyber attack. According to the Bleeping Computer news site, a tipster said the company was hit by ransomware. However, that has not been confirmed.

On Tuesday afternoon the company said it is operating under a business continuity plan, using backup procedures and alternative solutions to support customers.

The top three countries whose internet users suffered data breaches in 2020 were the United Kingdom, the United States and Canada. That’s according to an analysis of data by researchers at Surfshark. Roughly 3,400 internet users per million were hacked in the U.K., 1,724 per million in the U.S. and 163 per million in Canada. Belgium, Australia, South Africa and France were the next on the list. By the researchers’ estimates, every third online crime victim fell for a phishing attack.

Possibly some good news for everyone with a smartphone: Researchers at Kaspersky saw the number of malware packages installed on mobile phones protected by the company dropped compared to 2020. However, the past four years have been up and down. In 2018 attacks were up, then down in 2019 and back up in 2020. Overall, though, not only did the number of attacks on smartphones dropped last year, it was at its lowest point in four years. But while the overall number of attacks are down, Kaspersky warns the sophistication of malware is going up. That means the impact of a successful attack on the user of a mobile device – such as the theft of a bank account or stolen data – may be greater than before.

That’s it for now. Remember links to details about podcast stories are in the text version at ITWorldCanada.com. That’s where you’ll also find other stories of mine.

You can follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

The post Cyber Security Today, Feb. 23, 2022 – Warning to SQL Server admins, logistics company hit by cyber attack and more first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

The US government and Its Microsoft dependency: A cybersecurity dilemma

Microsoft's series of high-profile cybersecurity failures has once again spotlighted the complex relationship between the tech giant and...

US government faces criticism over Microsoft security failures: Hashtag Trending, Tuesday April 16, 2024

Solar power is the largest source of new US electricity generation for the sixth month in a row, Microsoft is hiking prices on Dynamics 365 business apps by up to 16.7%, VMware’s Desktop Virtualization products rebranded as “Omnissa”, Tesla is laying off over 10% of global workforce amid delivery slump and the U.S. government gets

US government faces criticism over handline Microsoft cybersecurity failures: Hashtag Trending for Tuesday April 16, 2024

Solar power is the largest source of new US electricity generation for the sixth month in a row, Microsoft is Hiking Prices on Dynamics 365 Business Apps By Up to 16.7%, VMware’s Desktop Virtualization Products Rebranded as “Omnissa”, Tesla is Laying Off Over 10% of Global Workforce Amid Delivery Slump and the U.S. Government gets

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways