Cyber Security Today, Oct. 20, 2023 – Free anti-phishing guidance, ransomware gang sunk for not patching Confluence servers

Share post:

Free anti-phishing guidance, and a ransomware gang sunk for not patching Confluence servers.

Welcome to Cyber Security Today. It’s Friday, October 20th, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

 
Every IT security pro’s favourite four-letter word — free — is in the news this week. American cyber authorities released a free 14-page guide to fighting phishing attacks. There’s even a section with recommendations for small organizations with limited IT staff.

It urges firms to make sure employees with administrator and privleged user accounts use phishing-resistant multifactor authentication to protect against credential theft. These employees are the people who have broad access to customer or financial data so they are prime targets of hackers. It also helps, the guidance emphasizes, that as few people as possible have administrative rights.

Organizations should also implement a single-sign-on management application that reduces the chance of employees being tricked into giving up their login credentials.

And of course, the guidance says organizations of all sizes need to give employees regular cybersecurity awareness training that explains how to avoid being suckered by fake emails, texts, voice and video calls.

There’s also advice for application developers. They are urged to have secure-by-design and default principles in their development workflows to reduce the odds of their customers being hit by phishing attacks.

Remember I told you on Wednesday’s podcast about the need to patch Atlassian Confluence servers to close a vulnerability? Apparently a ransomware gang didn’t get the message and as a result had its servers wiped. According to Bleeping Computer, the Ukrainian Cyber Alliance says it got into the IT infrastructure of the gang running the Trigona ransomware through an unpatched hole in their Confluence collaboration server. Then the Alliance copied all the data from the gang’s systems, including source code and cryptocurrency hot wallets. And for good measure the good guys deleted the gang’s websites.

Speaking of patching, organizations that have been slow in installing a patch for on-premise versions of JetBrains’ TeamCity servers are being hit by two North Korean hacking groups. Microsoft said this week that the two groups are taking advantage of a vulnerability announced on September 20th. The same day a security update was released. TeamCity is an application development and deployment platform. The gangs are after valuable data in companies around the world. TeamCity administrators who have not patched their systems yet should quickly apply the update and look for indicators of compromise.

That’s it for now. but later today the Week In Review podcast will be out. Terry Cutler of Montreal’s Cyology Labs and I will look at some early cybersecurity predictions for next year.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

The post Cyber Security Today, Oct. 20, 2023 – Free anti-phishing guidance, ransomware gang sunk for not patching Confluence servers first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

Cyber Security Today, Week in Review for week ending Friday, March 1, 2024

This episode features a discussion on how hard it is to kill a ransomware gang, Canada's proposed new online harms bill, why organizations still allow staff to use vulnerable software

Healthcare sector “stretched thin” in fight against cyber attacks warns CSO of Health-ISAC

In an interview Errol Weiss talks about the challenges facing hospitals a

Cyber Security Today, March 1, 2024 – Warnings to GitHub users and Ivanti gateway administrators, and more

This episode reports on a recommendation that enterprises drop Ivanti Policy Secure and Connect Secure devices because threat actors can get around mitigations for recent vulne

Hashtag Trending Mar.1- HP debacle; Humanoid robots closer to hitting our workplaces; Apple blew $10 billion on the electric car before pulling the plug

If rumours are true and this one should be, I started it, we have a special edition of the Weekend show where we talk about the evolution of the role of the CIO with two incredible CIOs as the CIO Association of Canada turns 20. Don’t miss it.  MUSIC UP Can HP make you love

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways