{"id":23324,"date":"2022-05-27T08:06:08","date_gmt":"2022-05-27T12:06:08","guid":{"rendered":"https:\/\/www.itworldcanada.com?p=485711"},"modified":"2022-05-27T14:37:28","modified_gmt":"2022-05-27T18:37:28","slug":"cyber-security-today-may-27-2022-another-warning-to-app-developers-and-an-alleged-leader-of-a-business-email-compromise-gang-is-arrested","status":"publish","type":"post","link":"https:\/\/technewsday.com\/staging\/cyber-security-today-may-27-2022-another-warning-to-app-developers-and-an-alleged-leader-of-a-business-email-compromise-gang-is-arrested\/","title":{"rendered":"Cyber Security Today, May 27, 2022 \u2013 Another warning to app developers, and an alleged leader of a business email compromise gang is arrested"},"content":{"rendered":"<p>Another warning to app developers, and an alleged leader of a business email compromise gang is arrested.<\/p>\n<p>Welcome to Cyber Security Today. It\u2019s Friday May 27th, 2022. I\u2019m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.<\/p>\n<p><iframe style=\"border: none;\" title=\"Libsyn Player\" src=\"https:\/\/html5-player.libsyn.com\/embed\/episode\/id\/23232800\/height\/90\/theme\/custom\/thumbnail\/yes\/direction\/forward\/render-playlist\/no\/custom-color\/000000\/\" width=\"100%\" height=\"90\" scrolling=\"no\" allowfullscreen=\"allowfullscreen\"><\/iframe><\/p>\n<table style=\"width: 100%;\">\n<tbody>\n<tr>\n<td><a href=\"https:\/\/www.amazon.com\/ITWC-Cyber-Security-Today\/dp\/B07BRNG89P\/ref=sr_1_1?s=digital-skills&amp;ie=UTF8&amp;qid=1522688435\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" loading=\"lazy\" class=\"aligncenter wp-image-396718 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2017\/09\/sub-alexa-200.png\" alt=\"Cyb er Security Today on Amazon Alexa\" width=\"200\" height=\"74\" border=\"none\"><\/a><\/td>\n<td><a href=\"https:\/\/www.google.com\/podcasts?feed=aHR0cDovL2N5YmVyc2VjdXJpdHl0b2RheS5saWJzeW4uY29tL3Jzcw%3D%3D\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" loading=\"lazy\" class=\"thumbnail aligncenter wp-image-408712 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2018\/09\/sub-gp-200.png\" alt=\"Cyber Security Today on Google Podcasts\" width=\"200\" height=\"74\"><\/a><\/td>\n<td><a href=\"https:\/\/itunes.apple.com\/ca\/podcast\/cyber-security-today\/id1363182054\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" loading=\"lazy\" class=\"aligncenter wp-image-396720 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2017\/09\/sub-itunes-200.png\" alt=\"Subscribe to Cyber Security Today on Apple Podcasts\" width=\"200\" height=\"74\" border=\"none\"><\/a><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><strong>Another warning<\/strong> is going out to software developers using open-source packages after more compromised code was found. <a href=\"https:\/\/blog.sonatype.com\/pypi-package-ctx-compromised-are-you-at-risk\" rel=\"noopener\">According to researchers at Sonatype,<\/a> compromised versions of the popular package called \u2018ctx\u2019 began appearing in the Python language PyPI registry this week. Developers using \u2018ctx\u2019 in their applications should check if they have an infected version. In addition, someone has created a fork of the PHP language package called \u2018phpass\u2019 found in the GitHub repository. The purpose of both compromises would be to steal passwords. On Monday I told listeners that a malicious package in the PyPI with a similar name to the legitimate package called PyKafka had been found. Again, these incidents stress the importance for developers to check the validity of any components they download for inclusions in their apps.<\/p>\n<p><strong>Police in Nigeria<\/strong> <a href=\"https:\/\/www.interpol.int\/News-and-Events\/News\/2022\/Suspected-head-of-cybercrime-gang-arrested-in-Nigeria\" rel=\"noopener\">have arrested<\/a> a man they say is behind a gang running international business email compromise scams. It\u2019s the latest move under what police call Operation Delilah to fight these types of scams, which usually trick employees into wiring money to a bank account controlled by crooks. <a href=\"https:\/\/unit42.paloaltonetworks.com\/operation-delilah-business-email-compromise-actor\/\" rel=\"noopener\">Researchers at Palo Alto Networks<\/a> noted that 11 alleged members of this gang were arrested in December. At the time the alleged leader fled Nigeria. However, he was arrested trying to get back into the country.<\/p>\n<p><strong>Wanna download<\/strong> a cracked video game or pirated movie? You can, but the odds are you\u2019ll also be hacked. The latest example comes from <a href=\"https:\/\/redcanary.com\/blog\/chromeloader\/\" rel=\"noopener\">researchers at Red Canary,<\/a> who found malware that hijacks victims\u2019 browsers in such phony files. Why? So victims will be redirected from wherever they want to go to advertising websites. The lesson: You get what you pay for. Only in this case if you pay for nothing, you may get trouble.<\/p>\n<p>That\u2019s it for now \u2014 but remember later today the Week in Review edition will be out. Guest Terry Cutler of Cyology Labs will join me to discuss the latest move by the Conti ransomware gang.<\/p>\n<p>Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.<\/p>\n<p>The post <a href=\"https:\/\/www.itworldcanada.com\/article\/cyber-security-today-may-27-2022-another-warning-to-app-developers-and-an-alleged-leader-of-a-business-email-compromise-gang-is-arrested\/485711\">Cyber Security Today, May 27, 2022 \u2013 Another warning to app developers, and an alleged leader of a business email compromise gang is arrested<\/a> first appeared on <a href=\"https:\/\/www.itworldcanada.com\/\">IT World Canada<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This episode reports on more compromised open-source packages found, and the arrest of an alleged leader of a business email compromise gang\u00a0<\/p>\n<p>The post <a href=\"https:\/\/www.itworldcanada.com\/article\/cyber-security-today-may-27-2022-another-warning-to-app-developers-and-an-alleged-leader-of-a-business-email-compromise-gang-is-arrested\/485711\">Cyber Security Today, May 27, 2022 \u2013 Another warning to app developers, and an alleged leader of a business email compromise gang is arrested<\/a> first appeared on <a href=\"https:\/\/www.itworldcanada.com\/\">IT World Canada<\/a>.<\/p>\n","protected":false},"author":17,"featured_media":20709,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[360,16],"tags":[389],"class_list":["post-23324","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-podcasts","category-security","tag-cyber-security-today"],"acf":[],"_links":{"self":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/23324","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/users\/17"}],"replies":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/comments?post=23324"}],"version-history":[{"count":2,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/23324\/revisions"}],"predecessor-version":[{"id":23358,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/23324\/revisions\/23358"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/media\/20709"}],"wp:attachment":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/media?parent=23324"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/categories?post=23324"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/tags?post=23324"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}