Cyber Security Today, April 4, 2022 – British teens face Lapsus$-related criminal charges, an MFA warning and updates needed for Github, Rockwell PLCs and Apple devices

Share post:

British teens face Lapsus$-related criminal charges, an MFA warning and updates needed for Github, Rockwell PLCs and Apple devices. Welcome to Cyber Security Today. It’s Monday, April 4th, 2022. I’m Howard Solomon, contributing reporter on cybersecurity for
Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts
Two of the seven young people recently detained in the United Kingdom for allegedly helping the Lapsus$ extortion gang now face criminal charges. The two, both teenagers, are charged with four counts of unauthorized access to a computer and one count of fraud. One 16 year old has also been charged with causing a computer to perform a function to secure unauthorized access to a program. Separately, the SANS Institute is reminding IT leaders to train employees to be wary of techniques used by attackers to get around multifactor authentication. This is because one of the ways the Lapsus$ gang has been able to worm its way into victims’ IT systems is by exhausting an employee with MFA approval requests. Multifactor authentication login protection often involves setting up a cellphone to receive a text message with a six-digit code. Usually that code has to be entered on a separate device in addition to a username and password. However, some MFA systems let a user press an “Accept” button on the screens of their mobile device to send the code and complete the login. This is called a push notification. If a Lapsus$ gang member gets hold of a victim’s username and password, they bombard the victims’ phone with repeated multifactor code requests hoping the victim will get annoyed and just press ‘Accept.’ Sometimes attackers will try harassing employees when they’re sleeping, hoping they’ll just press the button and let them get back to sleep. With the code received, the hacker gets into the IT system. A commentary published Friday by researchers at the SANS Institute notes this tactic isn’t new. In fact sometimes hackers are smart enough to slowly send code requests. So where push notification is allowed employees have to be reminded not to fall for this trick – and if they get unexpected code approval requests it should be reported. Attention developers using the Github application development platform: Security updates have been released for the Community and Enterprise Editions of the platform. Github says they have to be installed immediately. They fix a number of vulnerabilities. The most serious is the inadvertent setting of a hardcoded password for accounts using an OmniAuth provider like OAuth, LDAP or SAML. An attacker getting hold of the password can take over a Github user’s account and manipulate or destroy their work. Attention industrial operational network administrators: If you have programmable logic controllers from Rockwell Automation in your environments they need to be patched immediately. Security researchers at Claroty have discovered two serious vulnerabilities in Rockwell’s Logix series of devices and in the Studio 5000 Logix Designer software for creating apps. These vulnerabilities can allow an attacker to modify code and therefore damage a systems’ operations. How does the Internet keep working in war-torn Ukraine? In certain parts of the country it can’t. But according to the news site The Record, where they can rival telecommunication companies are now working together to share their networks and personnel to keep connectivity up. Finally, Apple released important fixes for some models of iPhones, iPads and Macs. Usually they get installed automatically, but it doesn’t hurt to check. Remember links to details about podcast stories are in the text version at You can follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. The post Cyber Security Today, April 4, 2022 – British teens face Lapsus$-related criminal charges, an MFA warning and updates needed for Github, Rockwell PLCs and Apple devices first appeared on IT World Canada.
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Tech Jobs


Related articles

Cyber Security Today, Week in Review for week ending Friday, Feb. 23, 2024

This episode features discussion on the takedown of the LockBit ransomware gang

Breaking news: RCMP facing ‘alarming’ cyber attack

The RCMP is facing a serious cyber attack from an unspecified threat actor. The Mounties told CBC News today that a “breach of this magnitude is alarming.” “The situation is evolving quickly but at this time, there is no impact on RCMP operations and no known threat to the safety and security of Canadians,” a spokesperson

Hashtag Trending Feb.23- Companies losing top talent with long hiring processes; Intel – the “foundry for the world?”; AT&T outage

(PRE MUSIC ANNOUNCEMENT) If you know me, you know I’m passionate about three things – music, books and data. My interview on the weekend edition hits two of those passions. I read a book called Winning with Data Science, and it blew me away. So, I reached out and managed to get one of the

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways