{"id":23101,"date":"2022-05-23T08:23:08","date_gmt":"2022-05-23T12:23:08","guid":{"rendered":"https:\/\/www.itworldcanada.com?p=485328"},"modified":"2022-05-25T14:58:32","modified_gmt":"2022-05-25T18:58:32","slug":"cyber-security-today-may-23-2022-a-work-from-home-warning-students-are-victims-of-ransomware-and-more","status":"publish","type":"post","link":"https:\/\/technewsday.com\/staging\/cyber-security-today-may-23-2022-a-work-from-home-warning-students-are-victims-of-ransomware-and-more\/","title":{"rendered":"Cyber Security Today, May 23, 2022 \u2013 A work from home warning, students are victims of ransomware, and more"},"content":{"rendered":"<p>A work from home warning, students are victims of ransomware, and more.<\/p>\n<p>Welcome to Cyber Security Today. It\u2019s Monday May 23rd, 2022. I\u2019m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com. It\u2019s a long holiday weekend in Canada, so thanks for tuning in.<\/p>\n<p><iframe style=\"border: none;\" title=\"Libsyn Player\" src=\"https:\/\/html5-player.libsyn.com\/embed\/episode\/id\/23190179\/height\/90\/theme\/custom\/thumbnail\/yes\/direction\/forward\/render-playlist\/no\/custom-color\/000000\/\" width=\"100%\" height=\"90\" scrolling=\"no\" allowfullscreen=\"allowfullscreen\"><\/iframe><\/p>\n<table style=\"width: 100%;\">\n<tbody>\n<tr>\n<td><a href=\"https:\/\/www.amazon.com\/ITWC-Cyber-Security-Today\/dp\/B07BRNG89P\/ref=sr_1_1?s=digital-skills&amp;ie=UTF8&amp;qid=1522688435\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" loading=\"lazy\" class=\"aligncenter wp-image-396718 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2017\/09\/sub-alexa-200.png\" alt=\"Cyb er Security Today on Amazon Alexa\" width=\"200\" height=\"74\" border=\"none\"><\/a><\/td>\n<td><a href=\"https:\/\/www.google.com\/podcasts?feed=aHR0cDovL2N5YmVyc2VjdXJpdHl0b2RheS5saWJzeW4uY29tL3Jzcw%3D%3D\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" loading=\"lazy\" class=\"thumbnail aligncenter wp-image-408712 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2018\/09\/sub-gp-200.png\" alt=\"Cyber Security Today on Google Podcasts\" width=\"200\" height=\"74\"><\/a><\/td>\n<td><a href=\"https:\/\/itunes.apple.com\/ca\/podcast\/cyber-security-today\/id1363182054\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" loading=\"lazy\" class=\"aligncenter wp-image-396720 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2017\/09\/sub-itunes-200.png\" alt=\"Subscribe to Cyber Security Today on Apple Podcasts\" width=\"200\" height=\"74\" border=\"none\"><\/a><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>COVID-19 has forced<\/strong> many employees to work from home. But that can pose tremendous risks if IT leaders don\u2019t ensure cybersecurity policies enforced in the office are also practiced at home. The latest example of poor planning allegedly involves the U.S. government. <a href=\"https:\/\/krebsonsecurity.com\/2022\/05\/when-your-smart-id-card-reader-comes-with-malware\" rel=\"noopener\">As cybersecurity reporter Brian Krebs reports<\/a>, Washington issues smart cards to employees and defence contractors for logging into government applications, which they use from their offices with government-approved smart card readers. When COVID hit many of these people had to work from home. But they weren\u2019t issued approved card readers for use from home. Nor, apparently, did they get advice on where to buy an approved reader. At least one person turned to Amazon to buy a device that met the government\u2019s Common Access Card standard. However, a driver that was on the device manufacturer\u2019s site seems to be infected with malware. That could have led to government systems being infected. It isn\u2019t known how many federal employees in the U.S. bought compromised card readers. One lesson is if an organization requires a special login ID for employees it has to be prepared if they suddenly have to work from home.<\/p>\n<p><strong>The annual Pwn2Own hacking contest<\/strong> at Vancouver\u2019s CanSecWest conference ended Friday with<a href=\"https:\/\/www.zerodayinitiative.com\/blog\/2022\/5\/18\/pwn2own-vancouver-2022-the-results#two\" rel=\"noopener\"> 17 participants winning just over $1 million.<\/a> They did it by finding ways to evade defences in commercial software such as Windows, Ubuntu and several browsers. Winners included a team that was able to get into the infotainment system used in a Tesla Model 3 car. The contest, sponsored by Trend Micro\u2019s Zero Day Initiative, is run at a number of cyber conferences around the world to help find vulnerabilities before crooks do.<\/p>\n<p><strong>Here\u2019s another example<\/strong> of a third-party ransomware attack. An American non-profit called Battelle for Kids, which holds student data from a number of school systems across the United States, has acknowledged it was hit last year by a ransomware attack. This was revealed <a href=\"https:\/\/www.cps.edu\/globalassets\/cps-pages\/about-cps\/policies\/student-online-personal-protection-act\/battelle-for-kids-data-breach-english.pdf\" rel=\"noopener\">in a letter sent to parents<\/a> by Chicago\u2019s public school system on Friday. <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/ransomware-attack-exposes-data-of-500-000-chicago-students\/\" rel=\"noopener\">According to the Bleeping Computer news site,<\/a> the data of almost a half-million students in the Chicago system between 2015 and 2019 was copied by the attackers. It included their names, dates of birth and some performance scores. Data on 60,000 Chicago school board employees was also stolen. No Social Security or home addresses were stolen.<\/p>\n<p><strong>I\u2019ve reported before<\/strong> on the need of application developers to watch for malicious software packages on open source libraries like NPM. That\u2019s not the only place malware can be deposited. <a href=\"https:\/\/blog.sonatype.com\/new-pymafka-malicious-package-drops-cobalt-strike-on-macos-windows-linux\" rel=\"noopener\">Researchers at Sonatype have discovered<\/a> a malicious package in the open Python registry called PyPI. The bad package has a similar name to the legitimate library called PyKafka. Tricking victims by closely spelling a file name to a legitimate name is called typosquatting, and its common in open source registries. Earlier this month Sonatype found a file with a name similar to the popular library called \u2018colors.\u2019 Application and web developers using open source files must make sure they download and scan only legitimate files to use in their work.<\/p>\n<p><strong>Finally, <\/strong>last week Cisco Systems\u2019 Talos threat intelligence service <a href=\"https:\/\/blog.talosintelligence.com\/2022\/05\/the-blackbyte-ransomware-group-is.html\" rel=\"noopener\">published an information paper<\/a> on the BlackByte ransomware gang. One common way it infects organizations is by getting an employee to open a phishing email. But another way is by attacking unpatched applications, particularly SonicWall\u2019s VPN and Microsoft Exchange. This means chief executives have to ensure there are regular security awareness training sessions for employees, and IT leaders must have a rigorous patch management program.<\/p>\n<p>Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.<\/p>\n<p>The post <a href=\"https:\/\/www.itworldcanada.com\/article\/cyber-security-today-may-23-2022-a-work-from-home-warning-students-are-victims-of-ransomware-and-more\/485328\">Cyber Security Today, May 23, 2022 \u2013 A work from home warning, students are victims of ransomware, and more<\/a> first appeared on <a href=\"https:\/\/www.itworldcanada.com\/\">IT World Canada<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This episode reports on  being prepared for working from hone, hacking contents winners, a ransomware attack on a third-party public school data provider amd more<\/p>\n<p>The post <a href=\"https:\/\/www.itworldcanada.com\/article\/cyber-security-today-may-23-2022-a-work-from-home-warning-students-are-victims-of-ransomware-and-more\/485328\">Cyber Security Today, May 23, 2022 \u2013 A work from home warning, students are victims of ransomware, and more<\/a> first appeared on <a href=\"https:\/\/www.itworldcanada.com\/\">IT World Canada<\/a>.<\/p>\n","protected":false},"author":17,"featured_media":20704,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[360,16],"tags":[389],"class_list":["post-23101","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-podcasts","category-security","tag-cyber-security-today"],"acf":[],"_links":{"self":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/23101","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/users\/17"}],"replies":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/comments?post=23101"}],"version-history":[{"count":4,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/23101\/revisions"}],"predecessor-version":[{"id":23230,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/23101\/revisions\/23230"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/media\/20704"}],"wp:attachment":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/media?parent=23101"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/categories?post=23101"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/tags?post=23101"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}