Cyber Security Today, June 7, 2024 – More news about Snowflake attacks, and a warning to better protect Docker containers

Share post:

More news about Snowflake attacks, and a warning to better protect Docker containers.

Welcome to Cyber Security Today. It’s Friday June 7th, 2024. I’m Howard Solomon, contributing reporter on cybersecurity for TechNewsday.com.

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

There’s more news about the outbreak of attacks on organizations that use the Snowflake data storage and analytics service. Snowflake says the problem is customers aren’t enabling the use of multifactor authentication as an extra protection for logins. But where are crooks getting credentials to log into Snowflake accounts? Apparently they’re buying them. Reporters at TechCrunch discovered thieves are selling hundreds of alleged stolen Snowflake login credentials of users that subscribe to the service. Snowflake is urging users to enable multifactor authentication.

Later today on the Week in Review edition of the podcast guest commentator David Shipley of Beauceron Security and I discuss the attacks on firms that use Snowflake.

Another issue we’ll look at are continuing privacy concerns about Microsoft’s new Recall tool. According to The Register, at a Boston cybersecurity conference this week Microsoft’s chief scientist brushed aside worries of cybersecurity and privacy experts about the capability. If enabled, Recall takes and stores snapshots every five seconds of a user’s screen on certain new models of Windows 11 PCs. Although Microsoft says the data will be stored locally and encrypted, researchers doing tests on preview versions found the data is unencrypted and therefore easy to steal.

Poorly-protected Docker containers are being exploited to install cryptocurrency miners. The warning comes from researchers at Trend Micro. The unnamed attackers are doing this by first taking advantage of exposed Docker remote API servers. Then they install Docker images from the open-source Commando project. Commando creates Docker images on demand for developers. There are a couple of things container administrators should do to prevent this: Containers and APIs must always be properly configured to prevent being compromised. IT departments should make sure only official or certified container images are in their environments. And containers shouldn’t be run with root privileges.

Researchers at Synopsys are warning of a serious flaw in the Google Chrome extension called EmailGPT. The app helps people using Gmail to write better messages by using OpenAI’s GPT artificial intelligence. However a bug allows a hacker to do nasty things, including steal email messages. Synopsys tried and failed to get a response to its findings for the past 90 days. So it released the warning. The app has been downloaded 87,000 times.

There’s more evidence that hackers are getting more data with every theft. According to the Privacy Commissioner of Canada’s just-released annual report, in a recent 12-month period businesses reported 693 data breaches affecting about 25 million accounts of Canadians. By comparison almost the same number of data breaches reported the year before involved only about half as many accounts.

And the province of British Columbia says an unnamed country may have broken into email accounts of 22 employees. CBC News says the announcement follows news that the government is investigating an attempt to break into its IT systems in April.

Follow Cyber Security Today on Apple Podcasts, Spotify or add us to your Flash Briefing on your smart speaker.

Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

SUBSCRIBE NOW

Related articles

London hospitals cancel over 800 operations after ransomware attack

NHS England disclosed today that a recent ransomware attack on Synnovis has led to the cancellation of hundreds...

Microsoft cancels universal Recall release in favor of Windows Insider preview

Microsoft has decided to cancel the wide release of Recall, the controversial tool for Copilot+ PCs, and instead...

Cyber Security Today, Week in Review for week ending Friday, June 14, 2024

Welcome to Cyber Security Today. This is the Week in Review for the week ending Friday, June 14th,...

A conversation with Senator Colin Deacon: Driving innovation in Canada’s government. Hashtag Trending, the Weekend Edition

Senator Colin Deacon has brought a fresh perspective to the Canadian Senate, leveraging his background as a startup...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways