Cyber Security Today, Dec. 1, 2023 podcast – More on Booking.com compromises

Share post:

More on Booking.com compromises

Welcome to Cyber Security Today. It’s Friday, December 1st, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

 

In previous podcasts In previous podcasts I’ve reported on abuse of the booking.com hotel reservation platform. Here’s the latest news: Researchers at Secureworks last month found a mistake made by an employee led to a hacker stealing the business’ Booking.com credentials. From there the hacker sent emails from Booking.com to people who made reservations at the hotel. The messages, of course, looked official. Unfortunately somehow the attacker then stole money from the guests’ accounts. The employee’s mistake? Responding to an email from a so-called former hotel guest who wanted help finding a lost passport. The initial email didn’t have an attachment or a link, so the employee wasn’t suspicious and trusted the message. However, a follow-up email did have a link to a supposed photo of the missing passport to help the hotel employee. Clicking on that link allowed malware to be downloaded that could copy passwords on the hotel employee’s computer. The hacker used those credentials to log into the Booking.com reservation system for the hotel, and then send phishing messages to hotel guests. It helped — and you know what’s coming — that the hotel didn’t enable multifactor authentication for employee logins to Booking.com.

The U.S. has seized the website of a cryptocurrency mixer called Sinbad used by North Korea and others to launder stolen digital currency. At the same time the U.S. sanctioned the service, meaning no one in the U.S. can use it. Sinbad is used by North Korea’s Lazarus group for exchanging stolen digital currency for cash. Others use Sinbad to hide drug trafficking and child abuse materials.

Remember the Stuxnet attack of 2010? That’s when attackers were able to compromise Siemens internet-connected programmable logic controllers to damage centrifuges processing uranium at a nuclear plant in Iran. Siemens altered the coding of the software to prevent that from happening again. But researchers at Enlyze say they found a way to bypass the fixes. For the past 12 months Siemens has been saying users of its S7 PLCs should be running on version 17 or later for better security.

Fake virus warnings are popping up on the screens of people going to popular websites like the Associated Press, ESPN and CBS. You’ll be on the site and suddenly what looks like an anti-virus scanner is checking your computer — and lo and behold there are three viruses found and a recommendation you take action — like downloading a file or buying a security product. This is a scam. An infected ad on the page triggers the so-called scanner, which is a video that looks like it’s scanning something. Researchers at Malwarebytes say the gang behind this is called ScamClub.

Finally, Apple has released updates for the iPhone iOS and iPadOS operating systems to close vulnerabilities. Your devices should be running versions 17.1.2.

Later today the Week in Review podcast will be available. I’ll talk with Terry Cutler of Cyology Labs about ransomware, the latest explanation from Okta about a data theft from its customer support system and a survey of information security officers whose firms were hacked.

Links to details about news in every podcast episode are in the text version at ITWorldCanada.com.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

The post Cyber Security Today, Dec. 1, 2023 podcast – More on Booking.com compromises first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

Russian threat actor expanding its target list, warns Five Eyes report

APT29 is increasingly going after cloud services in mo

Canada’s privacy watchdog investigating hack at Global Affairs

Inquiry will look into adequacy of data safeguards at the federal

Hashtag Trending Feb.27- Will AI enable a four-day week?; SpaceX under scrutiny for allegedly blocking satellite internet services in Taiwan; How much does it...

Prelude: Just a note out there. We’ve been having problems with some of our podcasts. Our hosting partner Libsyn says they are working on this. We hope it’s not inconveniencing you. But we’ll push to get this fixed.  If you are having issues, please write me at jlove@itwc.ca  Any data we can gather will be

Sidebar: The powerful Digital Safety Commission

A look at the powers of the proposed five-person body charged with overseeing the Online

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways