Cyber Security Today, July 21, 2023 – MOVEit victim numbers climb higher, news on spyware, and more

Share post:

MOVEit victim numbers climb higher, news on spyware, and more.

Welcome to Cyber Security Today. It’s Friday, July 21st, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

The number of victims of the hack of Progress Software’s MOVEit file transfer software continues to soar. By the estimation of researchers at Emsisoft, over 380 organizations have been listed by the Clop gang or have publicly admitted they were involved. They include Britain’s Office of Communications, the country’s communications regulator. By Emsisoft’s count, 70 schools in the U.S. are on the list.

Meanwhile there is some evidence many MOVEit customers are taking the threat of the vulnerabilities in the applications seriously since news emerged at the end of May. Researchers at Bitsight say internet scans suggest 77 per cent of the organizations it initially found with vulnerable MOVEit installations have been patched or are no longer open to the internet. That could mean, however, 23 per cent are still vulnerable.

On Wednesday’s podcast I reported that JumpCloud, a U.S.-based identity and access management solution, had been hacked by an unnamed country. Since then security researchers at SentinelOne and Mandiant narrowed the attacker down to an unnamed North Korean-based threat actor, while Crowdstrike blames North Korea’s Lazarus Group. JumpCloud now says fewer than five of its corporate customers were hacked, and fewer than 10 employee devices were compromised.

Researchers at Lookout this week published a background blog on a Chinese-based threat group that has been implanting spyware into Android apps it creates. The group is dubbed APT41 by researchers. Their spyware may be found in what is marketed as an Android system app, an adult video content app, a food delivery app, what claims to be keyboards or messaging apps. Note that Google says no apps with this malware are in the Android Play store. So they are likely being sent to victims through email and social media posts. These are untrustworthy ways of getting applications.

Speaking of spyware, check out an investigation by Tech Crunch into sales of the TruthSpy stalkerware and how its developers were able to evade detection by creating fake identities in the U.S. for cashing out purchases. There’s a link in the text version of this podcast.

That’s it for now. But later today the Week in Review edition will be out. Guest commentator David Shipley Beauceron Security and I will discuss a big vulnerability in Microsoft’s cloud, why developers leave secrets in Docker containers, Google’s plan to restrict internet access to some employees, and, of course, ransomware.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

The post Cyber Security Today, July 21, 2023 – MOVEit victim numbers climb higher, news on spyware, and more first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

SUBSCRIBE NOW

Related articles

Sneaky 2FA Attacks Two Factor Authentication: Cyber Security Today for Monday, January 20, 2025

Sneaky 2FA, a new phishing as a service attack defeats two-factor authentication, A scammed company ordered to pay...

Hamilton Estimates $52 Million to Rebuild IT Systems After Ransomware Attack

The city of Hamilton plans to spend $52 million over the next three years to rebuild and secure...

Avery Data Breach: Credit Card Skimmer Affects Over 61,000 Customers

Label maker Avery has disclosed a data breach affecting 61,193 customers, caused by a credit card skimmer that...

Scammed Company Ordered to Pay $190k for Fraudulent Invoice Payment

A hacker gained access to Mobius Group’s email system and sent instructions from a legitimate email address, directing...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways