Cyber Security Today, Sept. 29, 2023 – Protect your routers from this attacker, new open-source malware packages found, and more

Share post:

Protect your routers from this attacker, new open-source malware packages found, and more.

Welcome to Cyber Security Today. It’s Friday, September 29th, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

A China-based threat actor is taking a roundabout way of hacking major companies. The group, dubbed BlackTech, is hacking the network routers of subsidiaries of major companies. Then it uses that access to pivot into the servers at the firm’s headquarters. That warning comes from American and Japanese government cyber agencies. BlackTech is also called Circuit Panda and Radio Panda by other security researchers. Apparently it hopes network appliances used at branch offices aren’t watched as carefully as edge devices closer to a firm’s head office. After compromising a branch router the attackers try to blend their traffic with regular corporate IT traffic. Among the routers compromised are those made by Cisco Systems. Network administrators are urged to closely monitor both inbound and outbound connections from IT network devices to both internal and external systems. They should also limit access to administration services of edge devices. And networks should only have devices with secure boot capabilities.

Threat actors continue to take advantage of the open-source NPM and PyPI code repositories. These are sites where developers drop open-source packages that anyone can use for their own applications. But as I’ve reported several times, hackers are planting their own code, hoping to sucker developers into downloading their malicious packages. Once the malware is on the developer’s computer it steals data from there — such as passwords and security keys — and do the same from the developers’ apps. The latest discovery comes from researchers at Phylum. They say a threat actor this month has been dropping a number of malicious packages into NPM and PyPI in a continuous campaign. Many of the pieces of code have complex obfuscation techniques to hide their real functions. For protection, developers have to scan and test any open-source code they download.

Here’s another of those ‘ooopsy’ incidents with generative artificial intelligence: Anyone can use Google’s Bard AI chatbot to ask questions. But those who do hope the questions and answers will be private. However, according to the news site Fast Company, until recently the text of conversations with Bard AI were indexed and could be found if anyone searched for information on the same topic. That’s because Bard AI has a feature: The ability to share a text conversation with those you chose. Unfortunately there wasn’t a control limiting the share feature to only those who started a Bard AI conversation. Google says it will plug that hole.

Here’s some data breach news: Community First Medical Centre of Chicago is notifying over 216,000 people that some of their personal information was stolen in a July cyber attack at the hospital.

More American corporate victims of the MOVEit file transfer hack are emerging. Among them are NorthEast Community Bank of White Plains, New York and Millyard Bank of New Hampshire. Both are notifying people that some of their personal information was stolen from outside companies with MOVEit servers that the banks used for information processing.

Finally, crooks continue making fake phone calls to people at home claiming to be from Windows. In one of the most recent ones the caller says they are from “Windows Security Department” and quickly ask you to write down and enter into your computer a new security or authorization key. This is a scam. No one from Windows or Microsoft knows your phone number. No one from a legitimate company will call and ask you to change settings on your computer, or call ask permission to log into your computer, or call and tell you to download something to install in your computer.

Remember later today the Week in Review podcast will be available. Guest David Shipley of Beauceron Security and I will talk about October Security Awareness Month, proposed Canadian artificial intelligence and privacy legislation, and ransomware.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

The post Cyber Security Today, Sept. 29, 2023 – Protect your routers from this attacker, new open-source malware packages found, and more first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

Cyber Security Today, Week in Review for week ending Friday, March 1, 2024

This episode features a discussion on how hard it is to kill a ransomware gang, Canada's proposed new online harms bill, why organizations still allow staff to use vulnerable software

Healthcare sector “stretched thin” in fight against cyber attacks warns CSO of Health-ISAC

In an interview Errol Weiss talks about the challenges facing hospitals a

Cyber Security Today, March 1, 2024 – Warnings to GitHub users and Ivanti gateway administrators, and more

This episode reports on a recommendation that enterprises drop Ivanti Policy Secure and Connect Secure devices because threat actors can get around mitigations for recent vulne

Hashtag Trending Mar.1- HP debacle; Humanoid robots closer to hitting our workplaces; Apple blew $10 billion on the electric car before pulling the plug

If rumours are true and this one should be, I started it, we have a special edition of the Weekend show where we talk about the evolution of the role of the CIO with two incredible CIOs as the CIO Association of Canada turns 20. Don’t miss it.  MUSIC UP Can HP make you love

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways