Cyber Security Today, May 23, 2022 – A work from home warning, students are victims of ransomware, and more

Share post:

A work from home warning, students are victims of ransomware, and more. Welcome to Cyber Security Today. It’s Monday May 23rd, 2022. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com. It’s a long holiday weekend in Canada, so thanks for tuning in.
Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts
  COVID-19 has forced many employees to work from home. But that can pose tremendous risks if IT leaders don’t ensure cybersecurity policies enforced in the office are also practiced at home. The latest example of poor planning allegedly involves the U.S. government. As cybersecurity reporter Brian Krebs reports, Washington issues smart cards to employees and defence contractors for logging into government applications, which they use from their offices with government-approved smart card readers. When COVID hit many of these people had to work from home. But they weren’t issued approved card readers for use from home. Nor, apparently, did they get advice on where to buy an approved reader. At least one person turned to Amazon to buy a device that met the government’s Common Access Card standard. However, a driver that was on the device manufacturer’s site seems to be infected with malware. That could have led to government systems being infected. It isn’t known how many federal employees in the U.S. bought compromised card readers. One lesson is if an organization requires a special login ID for employees it has to be prepared if they suddenly have to work from home. The annual Pwn2Own hacking contest at Vancouver’s CanSecWest conference ended Friday with 17 participants winning just over $1 million. They did it by finding ways to evade defences in commercial software such as Windows, Ubuntu and several browsers. Winners included a team that was able to get into the infotainment system used in a Tesla Model 3 car. The contest, sponsored by Trend Micro’s Zero Day Initiative, is run at a number of cyber conferences around the world to help find vulnerabilities before crooks do. Here’s another example of a third-party ransomware attack. An American non-profit called Battelle for Kids, which holds student data from a number of school systems across the United States, has acknowledged it was hit last year by a ransomware attack. This was revealed in a letter sent to parents by Chicago’s public school system on Friday. According to the Bleeping Computer news site, the data of almost a half-million students in the Chicago system between 2015 and 2019 was copied by the attackers. It included their names, dates of birth and some performance scores. Data on 60,000 Chicago school board employees was also stolen. No Social Security or home addresses were stolen. I’ve reported before on the need of application developers to watch for malicious software packages on open source libraries like NPM. That’s not the only place malware can be deposited. Researchers at Sonatype have discovered a malicious package in the open Python registry called PyPI. The bad package has a similar name to the legitimate library called PyKafka. Tricking victims by closely spelling a file name to a legitimate name is called typosquatting, and its common in open source registries. Earlier this month Sonatype found a file with a name similar to the popular library called ‘colors.’ Application and web developers using open source files must make sure they download and scan only legitimate files to use in their work. Finally, last week Cisco Systems’ Talos threat intelligence service published an information paper on the BlackByte ransomware gang. One common way it infects organizations is by getting an employee to open a phishing email. But another way is by attacking unpatched applications, particularly SonicWall’s VPN and Microsoft Exchange. This means chief executives have to ensure there are regular security awareness training sessions for employees, and IT leaders must have a rigorous patch management program. Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. The post Cyber Security Today, May 23, 2022 – A work from home warning, students are victims of ransomware, and more first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

Cyber Security Today, April 24, 2024 – Good news/bad news in Mandiant report, UnitedHealth admits paying a ransomware gang, and more

This episode reports on the danger of using expired open-source packages, a tool used by a Russian hacking group and passw

Pushing back against rising cloud costs: Hashtag Trending for Wednesday, April 24, 2024

Pushing back against rising cloud costs – one CEO make big savings, Microsoft makes it clear that it...

Digital humans make inroads into customer service: Hashtag Trending for Tuesday, April 23, 2024

Before we get to our stories, coincidentally leading with one on digital humans used in customer service, we...

Cyber Security Today, April 22, 2024 -Vulnerability in CrushFTP file transfer software, security updates for Cisco’s controller management application, and more

This episode reports on a new campaign to steal credentials from LastPass users, a warning to admits of Ivanti Avalanche mobile device management software

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways