{"id":25946,"date":"2022-07-25T08:01:42","date_gmt":"2022-07-25T12:01:42","guid":{"rendered":"https:\/\/www.itworldcanada.com?p=494305"},"modified":"2022-07-25T08:55:47","modified_gmt":"2022-07-25T12:55:47","slug":"cyber-security-today-july-25-2022-public-hearings-on-the-rogers-outage-start-today-a-data-breach-at-entrust-and-patches-issued-for-sonicwall-and-confluence-products","status":"publish","type":"post","link":"https:\/\/technewsday.com\/staging\/cyber-security-today-july-25-2022-public-hearings-on-the-rogers-outage-start-today-a-data-breach-at-entrust-and-patches-issued-for-sonicwall-and-confluence-products\/","title":{"rendered":"Cyber Security Today, July 25, 2022 \u2013 Public hearings on the Rogers outage start today, a data breach at Entrust and patches issued for SonicWall and Confluence products"},"content":{"rendered":"<p data-ar-index=\"0\"><strong>Public hearings<\/strong> on the Rogers outage start today, a data breach at Entrust and patches issued for SonicWall and Confluence products.<\/p>\n<p data-ar-index=\"1\">Welcome to Cyber Security Today. It\u2019s Monday July 25th, 2022. I\u2019m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.<\/p>\n<p data-ar-index=\"2\"><iframe style=\"border: none;\" title=\"Libsyn Player\" src=\"https:\/\/html5-player.libsyn.com\/embed\/episode\/id\/23840966\/height\/90\/theme\/custom\/thumbnail\/yes\/direction\/forward\/render-playlist\/no\/custom-color\/000000\/\" width=\"100%\" height=\"90\" scrolling=\"no\" allowfullscreen=\"allowfullscreen\"><\/iframe><\/p>\n<table style=\"width: 100%;\">\n<tbody>\n<tr>\n<td><a href=\"https:\/\/www.amazon.com\/ITWC-Cyber-Security-Today\/dp\/B07BRNG89P\/ref=sr_1_1?s=digital-skills&amp;ie=UTF8&amp;qid=1522688435\" rel=\"noopener noreferrer\"><img decoding=\"async\" class=\"aligncenter wp-image-396718 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2017\/09\/sub-alexa-200.png\" alt=\"Cyb er Security Today on Amazon Alexa\" width=\"200\" height=\"74\" border=\"none\" \/><\/a><\/td>\n<td><a href=\"https:\/\/www.google.com\/podcasts?feed=aHR0cDovL2N5YmVyc2VjdXJpdHl0b2RheS5saWJzeW4uY29tL3Jzcw%3D%3D\" rel=\"noopener noreferrer\"><img decoding=\"async\" class=\"thumbnail aligncenter wp-image-408712 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2018\/09\/sub-gp-200.png\" alt=\"Cyber Security Today on Google Podcasts\" width=\"200\" height=\"74\" \/><\/a><\/td>\n<td><a href=\"https:\/\/itunes.apple.com\/ca\/podcast\/cyber-security-today\/id1363182054\" rel=\"noopener noreferrer\"><img decoding=\"async\" class=\"aligncenter wp-image-396720 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2017\/09\/sub-itunes-200.png\" alt=\"Subscribe to Cyber Security Today on Apple Podcasts\" width=\"200\" height=\"74\" border=\"none\" \/><\/a><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p data-ar-index=\"3\">\n<p data-ar-index=\"4\"><strong>A televised parliamentary hearing starts<\/strong> this morning into the cause of this month\u2019s huge Rogers internet and wireless outage. First up will be Industry minister Fran\u00e7ois-Philippe Champagne and officials from his department. They may be questioned about the effectiveness of the government\u2019s work with Rogers and other telcos on emergency preparedness. The government established the Canadian Telecom Resiliency Working Group years ago to help telcos work on network resiliency.<\/p>\n<p data-ar-index=\"5\">Next up will be Rogers officials, who will be asked about the root cause of the July 8th collapse of service.<a href=\"https:\/\/www.itworldcanada.com\/article\/public-explanation-of-rogers-outage-has-lots-of-blanks\/494150\" rel=\"noopener\">\u00a0I have a story summarizing a lengthy Rogers explanation<\/a> to the telecom regulator, the CRTC. In that document Rogers blamed the outage on a maintenance update that deleted a routing filter, which caused its internet traffic distribution routers to be overloaded. But Rogers also insists everything done before the code was installed was well-tested, validated and followed established procedures. In the public version of the Rogers submission there is an explanation of the root cause. But the CRTC, which released the document, blanked that section out. It also blanked out the section where Rogers explains what it is doing to prevent a repeat of the crash. Those blanks may be filled in during the hearing.<\/p>\n<p data-ar-index=\"6\">Rogers may also be asked why there was an apparent single point of failure in its network design, and why only now is it working to segregate its wireless and internet networks.<\/p>\n<p data-ar-index=\"7\">Also scheduled to testify are CRTC officials, who may be asked if its oversight failed because Rogers wireless subscribers couldn\u2019t call 911 when its network went down.<\/p>\n<p data-ar-index=\"8\">Finally, other experts will testify about their view of how the lack of competition among Canadian telecom providers might have contributed to the outage.<\/p>\n<p data-ar-index=\"9\">The hearing starts at 11 a.m Eastern time and will be <a href=\"https:\/\/parlvu.parl.gc.ca\/Harmony\/en\/PowerBrowser\/PowerBrowserV2?fk=11791037\" rel=\"noopener\">carried on the parliamentary channel<\/a>, <a href=\"https:\/\/www.cpac.ca\/house\" rel=\"noopener\">CPAC<\/a> (which is the cable public affairs channel), and other outlets.<\/p>\n<p data-ar-index=\"10\"><strong>Entrust,<\/strong> one of the biggest providers of digital identity protection and secure payment solutions, has been hit by a data breach. <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/digital-security-giant-entrust-breached-by-ransomware-gang\/\" rel=\"noopener\">According to the Bleeping Computer news service<\/a>, the attack happened last month. Entrust customers, which include governments and businesses, were told earlier this month. It isn\u2019t known if only Entrust corporate data was stolen or if customer data was also involved. The news service quotes a security industry executive saying a ransomware gang got into Entrust\u2019s system by buying and using compromised login credentials of Entrust employees.<\/p>\n<p data-ar-index=\"11\"><strong>On Friday morning\u2019s podcast<\/strong> I told you about a new version of the Qakbot malware that appears to be a Microsoft Write file. <a href=\"https:\/\/blog.cyble.com\/2022\/07\/21\/qakbot-resurfaces-with-new-playbook\/\" rel=\"noopener\">Researchers at Cyble<\/a> have discovered the gang also has another trick for distributing and installing its malware. Victims who are fooled into clicking on an infected attachment will download a password-protected zip file. When the victim tries opening the file it appears to be an Acrobat PDF document. There\u2019s a supplied password the victim has to use to view the file. If they do that malware gets installed. Employees have to constantly be reminded of the dangers of clicking on links in emails and be trained to spot suspicious links. IT security teams have to make sure their antivirus and antimalware solutions can spot this kind of attacks.<\/p>\n<p data-ar-index=\"12\"><strong>SonicWall has issued<\/strong> an urgent patch for a flaw in its Global Management System software for managing the company\u2019s firewalls, email security and remote access devices. This fixes an SQL injection vulnerability. <a href=\"https:\/\/www.sonicwall.com\/support\/notices\/security-notice-sonicwall-gms-sql-injection-vulnerability\/220613083124303\/\" rel=\"noopener\">SonicWall recommends administrators install the patch immediately.<\/a><\/p>\n<p data-ar-index=\"13\"><strong>Microsoft has resumed<\/strong> default blocking of Visual Basic for Applications office macros obtained over the internet. It had temporarily stopped the security precaution, aimed a preventing infected macros from automatically running. <a href=\"https:\/\/techcommunity.microsoft.com\/t5\/microsoft-365-blog\/helping-users-stay-safe-blocking-internet-macros-by-default-in\/ba-p\/3071805\" rel=\"noopener\">Now it has updated its advice<\/a> for IT administrators about options they have for blocking macros through a Group Policy. End users will see a clearer message that a potentially dangerous macro has been blocked.<\/p>\n<p data-ar-index=\"14\"><strong>Finally<\/strong>, Atlassian, which makes the Confluence team collaboration suite,<a href=\"https:\/\/confluence.atlassian.com\/doc\/questions-for-confluence-security-advisory-2022-07-20-1142446709.html\" rel=\"noopener\"> has warned firms<\/a> there\u2019s a major vulnerability in the Questions for Confluence app. Not all companies use this capability. But if they do and they are migrating data to the Confluence Cloud there\u2019s an account that gets created that includes a hardcoded password to the users group. That will allow anyone knowing where to find the password to view and edit non-restricted messages. Now that this vulnerability is known administrators have to install a patch. Note that if the Questions for Confluence app has been uninstalled the vulnerability may still be there. Check the Confluence advisory for details on systems.<\/p>\n<p data-ar-index=\"15\">That\u2019s it for now Remember links to details about podcast stories are in the text version at ITWorldCanada.com. That\u2019s where you\u2019ll also find other stories of mine.<\/p>\n<p data-ar-index=\"16\">Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.<\/p>\n<p data-ar-index=\"17\">The post <a href=\"https:\/\/www.itworldcanada.com\/article\/cyber-security-today-july-25-2022-public-hearings-on-the-rogers-outage-start-today-a-data-breach-at-entrust-and-patches-issued-for-sonicwall-and-confluence-products\/494305\">Cyber Security Today, July 25, 2022 \u2013 Public hearings on the Rogers outage start today, a data breach at Entrust and patches issued for SonicWall and Confluence products<\/a> first appeared on <a href=\"https:\/\/www.itworldcanada.com\/\">IT World Canada<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This podcast has a backgrounder on today&#8217;s public hearing on the Rogers outaage<\/p>\n","protected":false},"author":17,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[360,16],"tags":[389],"class_list":["post-25946","post","type-post","status-publish","format-standard","hentry","category-podcasts","category-security","tag-cyber-security-today"],"acf":[],"_links":{"self":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/25946","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/users\/17"}],"replies":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/comments?post=25946"}],"version-history":[{"count":3,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/25946\/revisions"}],"predecessor-version":[{"id":25961,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/25946\/revisions\/25961"}],"wp:attachment":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/media?parent=25946"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/categories?post=25946"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/tags?post=25946"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}