Cyber Security Today, April 1, 2022 – Spring Java framework needs patching, nation-state attackers take advantage of Ukraine war and a warning to student job seekers

Share post:

Spring Java framework needs patching, nation-state attackers take advantage of Ukraine war and a warning to student job seekers. Welcome to Cyber Security Today. It’s Friday, April 1st, 2022. I’m Howard Solomon, contributing reporter on cybersecurity for
Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts
  Software developers using the Spring Java application development framework should install the latest security updates. These close three vulnerabilities. Two were discovered this year. The third is a patch for an older vulnerability some researchers have dubbed SpringShell or Spring4Shell. That’s because they think its similar to the Log4Shell vulnerability in the Apache log4j logging library. That may or may not be true. Regardless, a patch for that particular hole was released on Thursday by VMware, which owns the Spring framework. Lots of threat actors are using the war in Ukraine as cover for spear phishing attacks, according to Google. It says government-backed threat actors from China, Iran, North Korea and Russia as well as some unattributed groups are using war-related themes to trick victims into opening malicious emails or clicking on malicious links. For example, someone is impersonating military personnel to extort money for rescuing relatives in Ukraine. A Russian-based threat actor sometimes referred to as Calisto has launched credential phishing campaigns targeting several U.S.-based non-profits and think tanks. They’re also going after the military of several Eastern European countries as well as a NATO Centre of Excellence. A group believed to be from China’s military has conducted campaigns against government and military organizations in Ukraine, Russia, Kazakhstan, and Mongolia. So, be careful of unexpected email with themes about the war. Meanwhile fixed broadband satellite provider Viasat has acknowledged the consumer side of its service was disrupted in Ukraine and several European countries by a cyber attack just as the Russian invasion started on February 24th. The attack didn’t affect Viasat’s mobility service, it said, or service to government customers. But it damaged some customer modems so much that Viasat has shipped tens of thousands of replacement units to distributors. The company said an attacker exploited a misconfiguration in a VPN appliance to gain remote access to the management segment of the satellite network. Then they issued destructive commands to the modems. University and college students are understandably eager to have money to pay rent to make a dent in their student loans. However, crooks are preying on that eagerness with tempting emailed job offers from recruiters they never meet. One goal is to get the victims’ name, address, birthday and social insurance number for identity fraud. Another is to sucker the victim into handing over money. The so-called jobs can be as varied as caregivers, mystery shoppers, administrative assistants, models, or rebate processors. Some enticements are that the victim can work from home. Sometimes the recruiter asks for a small amount of money upfront by promising big money later. In the worst cases the victim ends up working as an unsuspecting money mule for a criminal gang. These job offers are sometimes dazzling. Earlier this year Proofpoint discovered a scam trying to recruit university students for an executive personal assistant role at the United Nations Children’s Fund, known as UNICEF. Another email offered a three-day modeling job on a film shoot, claiming the company saw the victim’s profile on Instagram. Beware of an unexpected job offer received from a freemail account such as Gmail or Hotmail that spoofs a legitimate organization. Beware of nonexistent or overly simplistic interview questions with little to no information about the job duties. Finally, researchers at Bitdefender have found vulnerabilities in the Wyze Cam computer video camera used by consumers and small businesses. Make sure the latest security patches have been installed. Note that patches are only available for version 2 and 3 of this device. Version 1 is discontinued and no longer receives security fixes. Don’t forget later today the Week in Review podcast will be available. Terry Cutler of Cyology Labs and I will discuss backups, nation-state cyberattacks and how police are being fooled into giving up your subscriber information. You can follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. The post Cyber Security Today, April 1, 2022 – Spring Java framework needs patching, nation-state attackers take advantage of Ukraine war and a warning to student job seekers first appeared on IT World Canada.
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Tech Jobs


Related articles

Canada, U.S. sign international guidelines for safe AI development

Eighteen countries, including Canada, the U.S. and the U.K., today agreed on recommended guidelines to developers in their nations for the secure design, development, deployment, and operation of artificial intelligent systems. It’s the latest in a series of voluntary guardrails that nations are urging their public and private sectors to follow for overseeing AI in

Cyber Security Today, Nov. 27, 2023 – Ransomware gang posts data stolen from a Canadian POS provider, and more

This episode reports on the latest ransomware attacks, and details of how a gang that scams people selling used products on

Cyber Security Today, Week in Review for the week ending November 24, 2023

This episode features discussion on Australia's decision to not make ransowmare payments illegal, huge hacks of third-party service suppliers in Canada and the U.S. and whether email and smartphone service providers are doing enough to protect

Cyber Security Today, Nov. 24, 2023 – A warning to tighten security on Kubernetes containers, and more

This episode reports on the increasing number of vulnerable Kubernetes containers online, the latest acknowledged data breaches, a browser scam aimed at Macs

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways