Cyber Security Today, March 6, 2024 – VMware and Apple rush out security updates, a new ScreenConnect malware is found, and more

Share post:

VMware and Apple rush out security updates, a new ScreenConnect malware is found, and more.

Welcome to Cyber Security Today. It’s Wednesday, March 6th, 2024. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

 

VMware has pushed out security updates to close four vulnerabilities in major products. They must be installed in ESXi, VMware Workstation, Fusion and Cloud Foundation. An exploit that combines the vulnerabilities would be rated as critical. A malicious actor with local administrative privileges on a virtual machine could use one of the vulnerabilities to execute code as the virtual machine’s VMX process running on the host. On ESXi, the exploitation would be contained within the VMX sandbox. But on Workstation and Fusion, it could lead to code execution on those machines.

It’s not uncommon for threat actors to rush out an exploit once an application vulnerability has been revealed. The goal is to compromise a system before it’s been patched. The latest example is malware discovered by researchers at Kroll aimed at compromising unpatched versions of a remote desktop software used by IT departments called ScreenConnect. Kroll dubs this new malware ToddlerShark, because it resembles malware called BabyShark that’s been used for a while by a North Korean hacking group. I first reported on the need to patch ScreenConnect two weeks ago. Kroll says the list of threat actors trying to compromise unpatched versions of ScreenConnect for initial access is growing.

Most cyber attacks come from outside threat actors. However, IT leaders still have to pay attention to the risks of accidental data loss and thefts from employees and contractors. According to a new report from Code42 Software, the number of insider incidents has increased 28 per cent since 2021. The company’s annual Data Exposure Report includes a survey of over 700 IT security pros in the U.S. Eighty-five per cent expect data loss from insider events to increase in the next 12 months. One factoid I pulled from the report: Companies conducting daily cybersecurity reminders said they experience fewer insider-driven data events a month than those who train staff quarterly.

The U.S. Treasury Department has sanctioned a commercial spyware co-operative called Intellexa Consortium for selling spyware used against American government officials, reporters and policy experts. Two people have also been sanctioned in connection with their work for the consortium. It operates as a marketing label for several companies that sell commercial spyware under the brand-name Predator to authoritarian governments. Last year President Biden issued an executive order forbidding U.S. agencies from directly or indirectly being involved with commercial spyware. Last month Canada, the United States, France and the U.K. were among a number of countries that promised to create international principles limiting the use of commercial spyware.

Apple has rushed out software updates for iPhones and iPads to cover security vulnerabilities. Usually they will be installed automatically, but it doesn’t hurt to check if your device has been patched. Newer devices should be running version 17.4 of the operating system. If your iPhone or iPad says it’s running the latest version of the OS but it’s not at least 16.7.6 then you have a unit that no longer takes security updates.

Finally, X has added the ability for users to make audio and video calls from the Messages part of the mobile app. Unfortunately, according to TechCrunch, your IP address can be seen. Other apps that offer calling capability, like FaceTime, Facebook Messenger, Telegram, Signal and WhatsApp also expose IP addresses. To hide your IP address in the X app go to the Message settings and turn on Enhanced Call Privacy. Those who connect to X through a browser don’t have this problem because they can’t make audio and video calls.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

The post Cyber Security Today, March 6, 2024 – VMware and Apple rush out security updates, a new ScreenConnect malware is found, and more first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

Google Play introduces new biometric verification with a user warning

Google has recently announced updates to the biometric verification process for Google Play purchases, aiming to bolster security...

AI hallucinations ended in a year? Hashtag Trending, Monday April 22, 2024

Capital Gains tax in Canada gets criticized by tech sector.  Amazon drops 100,000 jobs while vastly increasing its...

Cyber Security Today, Week in Review for week ending Friday April 19, 2024

On this episode Jen Ellis, co-chair of the Ransomware Task Force, talks about ways of fighting one of the biggest cyber threats to IT d

Cyber Security Today, April 19, 2024 – Police bust phishing rental platform, a nine-year old virus found on Ukrainian computers, and more

This episode reports on a threat actor targeting governments in the Middle East with a novel way of hiding malware is going international

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways