Cyber Security Today, May 27, 2022 – Another warning to app developers, and an alleged leader of a business email compromise gang is arrested

Share post:

Another warning to app developers, and an alleged leader of a business email compromise gang is arrested. Welcome to Cyber Security Today. It’s Friday May 27th, 2022. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts
Another warning is going out to software developers using open-source packages after more compromised code was found. According to researchers at Sonatype, compromised versions of the popular package called ‘ctx’ began appearing in the Python language PyPI registry this week. Developers using ‘ctx’ in their applications should check if they have an infected version. In addition, someone has created a fork of the PHP language package called ‘phpass’ found in the GitHub repository. The purpose of both compromises would be to steal passwords. On Monday I told listeners that a malicious package in the PyPI with a similar name to the legitimate package called PyKafka had been found. Again, these incidents stress the importance for developers to check the validity of any components they download for inclusions in their apps. Police in Nigeria have arrested a man they say is behind a gang running international business email compromise scams. It’s the latest move under what police call Operation Delilah to fight these types of scams, which usually trick employees into wiring money to a bank account controlled by crooks. Researchers at Palo Alto Networks noted that 11 alleged members of this gang were arrested in December. At the time the alleged leader fled Nigeria. However, he was arrested trying to get back into the country. Wanna download a cracked video game or pirated movie? You can, but the odds are you’ll also be hacked. The latest example comes from researchers at Red Canary, who found malware that hijacks victims’ browsers in such phony files. Why? So victims will be redirected from wherever they want to go to advertising websites. The lesson: You get what you pay for. Only in this case if you pay for nothing, you may get trouble. That’s it for now — but remember later today the Week in Review edition will be out. Guest Terry Cutler of Cyology Labs will join me to discuss the latest move by the Conti ransomware gang. Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. The post Cyber Security Today, May 27, 2022 – Another warning to app developers, and an alleged leader of a business email compromise gang is arrested first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

40 thousand routers compromised: Hashtag Trending for Wednesday, March 27th, 2024

A new cyberthreat is taking down home routers. Germany passes a law insisting on end to end encryption. Reports expose the craziness of tech hiring practices, the US government has had it with SQL injection attacks and Elon Musk gets a smackdown from a federal judge as we see more from the X files –

Cyber Security Today, March 27, 2024 – A botnet exploits old routers, a new malware loader discovered, and more warnings about downloading code from...

This episode reports on a new network of 40,000 infected small and home office routers and other devices that are part of a criminal botnet

Apple gets hammered by the EU again: Hashtag Trending for Tuesday, March 26, 2024

Apple gets hammered by the EU once again while there’s a threat in the US of breaking up the big tech giants. Google appears to have another problem AI implementation, Steve Wozniak is back as an unlikely critic of the TikTok ban, a new open source AI that runs on your computer an an Amazon

CIOs complain of “application sprawl” – Hashtag Trending, Monday March 25th, 2024

Apple may get an unexpected penalty from the US Governments new lawsuit, survey of CIOs complains of application sprawl but proposes that the way to get out of it is “more applications”, 1% of employees cause 89% of data loss events and information surfaces about some potentially enormous developments in AI in the coming months.

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways