Cyber Security Today, May 27, 2022 – Another warning to app developers, and an alleged leader of a business email compromise gang is arrested

Share post:

Another warning to app developers, and an alleged leader of a business email compromise gang is arrested. Welcome to Cyber Security Today. It’s Friday May 27th, 2022. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts
Another warning is going out to software developers using open-source packages after more compromised code was found. According to researchers at Sonatype, compromised versions of the popular package called ‘ctx’ began appearing in the Python language PyPI registry this week. Developers using ‘ctx’ in their applications should check if they have an infected version. In addition, someone has created a fork of the PHP language package called ‘phpass’ found in the GitHub repository. The purpose of both compromises would be to steal passwords. On Monday I told listeners that a malicious package in the PyPI with a similar name to the legitimate package called PyKafka had been found. Again, these incidents stress the importance for developers to check the validity of any components they download for inclusions in their apps. Police in Nigeria have arrested a man they say is behind a gang running international business email compromise scams. It’s the latest move under what police call Operation Delilah to fight these types of scams, which usually trick employees into wiring money to a bank account controlled by crooks. Researchers at Palo Alto Networks noted that 11 alleged members of this gang were arrested in December. At the time the alleged leader fled Nigeria. However, he was arrested trying to get back into the country. Wanna download a cracked video game or pirated movie? You can, but the odds are you’ll also be hacked. The latest example comes from researchers at Red Canary, who found malware that hijacks victims’ browsers in such phony files. Why? So victims will be redirected from wherever they want to go to advertising websites. The lesson: You get what you pay for. Only in this case if you pay for nothing, you may get trouble. That’s it for now — but remember later today the Week in Review edition will be out. Guest Terry Cutler of Cyology Labs will join me to discuss the latest move by the Conti ransomware gang. Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. The post Cyber Security Today, May 27, 2022 – Another warning to app developers, and an alleged leader of a business email compromise gang is arrested first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

SUBSCRIBE NOW

Related articles

AI Engages In Deceptive Marketing: Hashtag Trending for Tuesday, December 3, 2024

Hashtag Trending is brought to you this week by Elisa: A Tale of Quantum Kisses a science fiction,...

AI vs Ghost Engineers: Hashtag Trending for Monday, Dec. 2, 2024

Hashtag Trending is brought to you this week by Elisa: A Tale of Quantum Kisses, a science fiction...

AI Chat Bot Exposes 300,000 Records: Cyber Security Today for Monday, December 2, 2024

This week’s programs are brought to you by the book Elisa: A Tale of Quantum Kisses. Pre-release of...

Russian State-Backed Cyber Attack Exploits Zero-Day Vulnerabilities in Windows and Firefox

Headline: A sophisticated cyberattack leveraging two chained zero-day vulnerabilities in Mozilla Firefox and Microsoft Windows has been confirmed by...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways