Cyber Security Today, May 27, 2022 – Another warning to app developers, and an alleged leader of a business email compromise gang is arrested

Share post:

Another warning to app developers, and an alleged leader of a business email compromise gang is arrested. Welcome to Cyber Security Today. It’s Friday May 27th, 2022. I’m Howard Solomon, contributing reporter on cybersecurity for
Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts
Another warning is going out to software developers using open-source packages after more compromised code was found. According to researchers at Sonatype, compromised versions of the popular package called ‘ctx’ began appearing in the Python language PyPI registry this week. Developers using ‘ctx’ in their applications should check if they have an infected version. In addition, someone has created a fork of the PHP language package called ‘phpass’ found in the GitHub repository. The purpose of both compromises would be to steal passwords. On Monday I told listeners that a malicious package in the PyPI with a similar name to the legitimate package called PyKafka had been found. Again, these incidents stress the importance for developers to check the validity of any components they download for inclusions in their apps. Police in Nigeria have arrested a man they say is behind a gang running international business email compromise scams. It’s the latest move under what police call Operation Delilah to fight these types of scams, which usually trick employees into wiring money to a bank account controlled by crooks. Researchers at Palo Alto Networks noted that 11 alleged members of this gang were arrested in December. At the time the alleged leader fled Nigeria. However, he was arrested trying to get back into the country. Wanna download a cracked video game or pirated movie? You can, but the odds are you’ll also be hacked. The latest example comes from researchers at Red Canary, who found malware that hijacks victims’ browsers in such phony files. Why? So victims will be redirected from wherever they want to go to advertising websites. The lesson: You get what you pay for. Only in this case if you pay for nothing, you may get trouble. That’s it for now — but remember later today the Week in Review edition will be out. Guest Terry Cutler of Cyology Labs will join me to discuss the latest move by the Conti ransomware gang. Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. The post Cyber Security Today, May 27, 2022 – Another warning to app developers, and an alleged leader of a business email compromise gang is arrested first appeared on IT World Canada.
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.


Related articles

London hospitals cancel over 800 operations after ransomware attack

NHS England disclosed today that a recent ransomware attack on Synnovis has led to the cancellation of hundreds...

Microsoft cancels universal Recall release in favor of Windows Insider preview

Microsoft has decided to cancel the wide release of Recall, the controversial tool for Copilot+ PCs, and instead...

Cyber Security Today, Week in Review for week ending Friday, June 14, 2024

Welcome to Cyber Security Today. This is the Week in Review for the week ending Friday, June 14th,...

A conversation with Senator Colin Deacon: Driving innovation in Canada’s government. Hashtag Trending, the Weekend Edition

Senator Colin Deacon has brought a fresh perspective to the Canadian Senate, leveraging his background as a startup...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways