Cyber Security Today, June 13, 2022 – Serious bugs found in a building access control system, ransomware news and more

Share post:

Serious bugs found in a building access control system, ransomware news and more. Welcome to Cyber Security Today. It’s Monday June 13th, 2022. I’m Howard Solomon, contributing reporter on cybersecurity for  
Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts
  Vulnerabilities in IT systems can open serious holes in an organization. So can web-connected door locks. The latest example, discovered by researchers at Trellix, has forced building access control system provider Carrier to issue a cybersecurity warning to organizations that use its LenelS2 access control panels. The researchers found eight zero-day vulnerabilities that could allow an outsider full system control and the ability to compromise physical security. That includes the ability to unlock any door, subvert alarms and undermine logging and notification systems. The problem is in motherboards made by a company called HID Global Mercury, used in the Carrier panels and other systems. Carrier has issued firmware updates and mitigations. Linux administrators are being warned of a newly-discovered and hard-to-detect piece of malware. Researchers at BlackBerry and Intezer have dubbed this malware Sybiote. Instead of running as a standalone executable in a server, it is a shared object library that infects all running processes. That gives the attacker rootkit functionality, including the ability to steal passwords and install a backdoor to give remote access. It’s been seen targeting the financial sector in Latin America, but the threat actor could use it more widely. One protection against stolen passwords is the use of multifactor authentication. Monitoring network telemetry for suspicious activity will also be useful aganist this malware. There’s a debate about whether organizations hit by ransomware should pay to get access back to their data. Here’s a nugget of information from a survey by Cybereason that may help make up executives’ minds: Eighty per cent of organizations that paid up said they were hit by ransomware a second time. And of those, 68 per cent said the attack came less than a month later. Here’s another factoid: Nearly two-thirds of companies hit believe the ransomware gang got into their network through a supplier or partner. Here’s more on ransomware: Palo Alto Networks has done an analysis of the HelloXD strain of ransomware, which emerged last November. It appears to be based on the leaked source code for the Babuk ransomware. However, HelloXD includes an open-source backdoor that allows the attacker to browse the victim’s file system, which can help monitor the progress of the ransomware. This report includes a number of indicators of compromise that could be useful to security teams. Finally, there’s two cellphone-related privacy stories to report. Researchers at the University of California have found Bluetooth signals might be able to be fingerprinted to track smartphones and their users. Meanwhile German researchers at the University of Hamburg found that some smartphones with their WiFi turned on may transmit data from networks they previously connected to, including passwords and email addresses. These experiments needed to meet certain conditions to work. But they are a lesson to only turn on Bluetooth and WiFi when you are using them. Otherwise keep them off. In addition, make sure your mobile devices have the latest security updates. And if your mobile device is no longer capable of receiving security updates, it’s time to buy a new one. That’s it for now Remember links to details about podcast stories are in the text version at Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. The post Cyber Security Today, June 13, 2022 – Serious bugs found in a building access control system, ransomware news and more first appeared on IT World Canada.
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Tech Jobs


Related articles

Cyber Security Today, April 24, 2024 – Good news/bad news in Mandiant report, UnitedHealth admits paying a ransomware gang, and more

This episode reports on the danger of using expired open-source packages, a tool used by a Russian hacking group and passw

Pushing back against rising cloud costs: Hashtag Trending for Wednesday, April 24, 2024

Pushing back against rising cloud costs – one CEO make big savings, Microsoft makes it clear that it...

Digital humans make inroads into customer service: Hashtag Trending for Tuesday, April 23, 2024

Before we get to our stories, coincidentally leading with one on digital humans used in customer service, we...

Cyber Security Today, April 22, 2024 -Vulnerability in CrushFTP file transfer software, security updates for Cisco’s controller management application, and more

This episode reports on a new campaign to steal credentials from LastPass users, a warning to admits of Ivanti Avalanche mobile device management software

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways