{"id":28629,"date":"2022-09-19T08:10:09","date_gmt":"2022-09-19T12:10:09","guid":{"rendered":"https:\/\/www.itworldcanada.com?p=503642"},"modified":"2022-09-19T09:11:35","modified_gmt":"2022-09-19T13:11:35","slug":"cyber-security-today-sept-19-2022-bell-division-recovering-from-ransomware-a-handy-browser-utility-causes-trouble-and-a-vulnerability-in-microsoft-teams","status":"publish","type":"post","link":"https:\/\/technewsday.com\/staging\/cyber-security-today-sept-19-2022-bell-division-recovering-from-ransomware-a-handy-browser-utility-causes-trouble-and-a-vulnerability-in-microsoft-teams\/","title":{"rendered":"Cyber Security Today, Sept. 19, 2022 \u2013 Bell division recovering from ransomware, a handy browser utility causes trouble, and a vulnerability in Microsoft Teams"},"content":{"rendered":"<p data-ar-index=\"0\">Bell division recovering from ransomware, a handy browser utility causes trouble, a vulnerability in Microsoft Teams and more.<\/p>\n<p data-ar-index=\"1\">Welcome to Cyber Security Today. It\u2019s Monday, September 19th, 2022. I\u2019m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.<\/p>\n<p data-ar-index=\"2\"><iframe style=\"border: none;\" title=\"Libsyn Player\" src=\"https:\/\/html5-player.libsyn.com\/embed\/episode\/id\/24411936\/height\/90\/theme\/custom\/thumbnail\/yes\/direction\/forward\/render-playlist\/no\/custom-color\/000000\/\" width=\"100%\" height=\"90\" scrolling=\"no\" allowfullscreen=\"allowfullscreen\"><\/iframe><\/p>\n<table style=\"width: 100%;\">\n<tbody>\n<tr>\n<td><a href=\"https:\/\/www.amazon.com\/ITWC-Cyber-Security-Today\/dp\/B07BRNG89P\/ref=sr_1_1?s=digital-skills&amp;ie=UTF8&amp;qid=1522688435\" rel=\"noopener noreferrer\"><img decoding=\"async\" class=\"aligncenter wp-image-396718 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2017\/09\/sub-alexa-200.png\" alt=\"Cyb er Security Today on Amazon Alexa\" width=\"200\" height=\"74\" border=\"none\" \/><\/a><\/td>\n<td><a href=\"https:\/\/www.google.com\/podcasts?feed=aHR0cDovL2N5YmVyc2VjdXJpdHl0b2RheS5saWJzeW4uY29tL3Jzcw%3D%3D\" rel=\"noopener noreferrer\"><img decoding=\"async\" class=\"thumbnail aligncenter wp-image-408712 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2018\/09\/sub-gp-200.png\" alt=\"Cyber Security Today on Google Podcasts\" width=\"200\" height=\"74\" \/><\/a><\/td>\n<td><a href=\"https:\/\/itunes.apple.com\/ca\/podcast\/cyber-security-today\/id1363182054\" rel=\"noopener noreferrer\"><img decoding=\"async\" class=\"aligncenter wp-image-396720 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2017\/09\/sub-itunes-200.png\" alt=\"Subscribe to Cyber Security Today on Apple Podcasts\" width=\"200\" height=\"74\" border=\"none\" \/><\/a><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p data-ar-index=\"3\"><strong>A division of Bell Canada<\/strong> is still dealing with the effects <a href=\"https:\/\/www.bell.ca\/Mobility\/Bell-Technical-Solutions-cybersecurity-alert\" rel=\"noopener\">of a ransomware attack<\/a>. The website of Bell Technical Solutions, which installs internet and phone services in homes and small businesses in Ontario and Quebec, was still down on Sunday when this podcast was recorded. The Hive ransomware gang says it got into systems and copied data in August. Bell says the names, addresses and phone numbers of an unspecified number of customers who booked appointments were copied. It also says no information such as credit or debit card numbers, banking or financial data was accessed in the incident. A Bell spokesperson didn\u2019t answer my question about how the attacker got past Bell defences.<\/p>\n<p data-ar-index=\"4\">The Hive ransomware group is also believed to be responsible for a recently-disclosed attack on a New York ambulance service. <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/new-york-ambulance-service-discloses-data-breach-after-ransomware-attack\/\" rel=\"noopener\">The Bleeping Computer news service says<\/a> it\u2019s seen information to make the connection with Hive. Patient names, insurance information and in some cases Social Security numbers were copied when Empress EMS was hacked in May. The ransomware was launched in July.<\/p>\n<p data-ar-index=\"5\"><strong>The desktop version<\/strong> of the Microsoft Teams collaboration application has a security hole, <a href=\"https:\/\/www.vectra.ai\/blogpost\/undermining-microsoft-teams-security-by-mining-tokens\" rel=\"noopener\">say researchers at Vectra AI<\/a>. The application stores authentication tokens in clear text, making it vulnerable to attack if a threat actor gets hold of them. One possibility is that a hacker can bypass multifactor authentication. The researchers say Microsoft is aware of the issue but isn\u2019t immediately fixing the app. So, they say, IT administrators should consider using the web-based version of Teams until the desktop version is updated. Linux administrators should note that support for Teams for Linux will end in December. Apparently the problem is in the Microsoft Electron framework used in Teams. So Vectra recommends developers using Electron make sure OAuth tokens are security stored.<\/p>\n<p data-ar-index=\"6\"><strong>Even the most helpful<\/strong> utilities on your computer can be a security threat. <a href=\"https:\/\/www.otto-js.com\/news\/article\/chrome-and-edge-enhanced-spellcheck-features-expose-pii-even-your-passwords\" rel=\"noopener\">According to researchers at an application security provider called Otto<\/a>, the enhanced spellcheck features for the Google Chrome and Microsoft Edge browsers are risky. If you enter a password into an online form \u2014 like a login page \u2014 and ask the site to show the password that information will be sent to Google or Microsoft for no good reason. Some websites such as AWS and the LastPass password manager have mitigated this vulnerability. The solution is for IT administrators to disable enhanced spell check in the Settings section of the browsers for all employees. Organizations should also consider disabling the \u2018show password\u2019 capability in their login pages, although this is supposed to be a feature to help people make sure they type in the right password.<\/p>\n<p data-ar-index=\"7\"><strong>Municipalities and buildings<\/strong> that use the Kingspan TMS300 CS water tank management system have been warned it has a serious vulnerability. The system allows maintenance experts to monitor tank levels through an app, an online portal or emails. However, a security researcher <a href=\"https:\/\/www.cisa.gov\/uscert\/ics\/advisories\/icsa-22-256-04\" rel=\"noopener\">reported to the U.S. Cybersecurity and Infrastructure Security Agency<\/a> that the system doesn\u2019t properly restrict access to endpoints. An attacker could modify water tank settings without authenticating. Managers whose infrastructure uses this system should contact Kingspan for advice.<\/p>\n<p data-ar-index=\"8\"><strong>Here\u2019s an update<\/strong> from<a href=\"https:\/\/www.itworldcanada.com\/article\/uber-worker-allegedly-gave-password-to-an-it-impersonator\/503339\" rel=\"noopener\"> Uber on a data breach reported last week<\/a>. The company says there is no evidence the incident involved access to sensitive user data, such as trip history. Uber hasn\u2019t said what was accessed.<\/p>\n<p data-ar-index=\"9\"><strong>Finally,<\/strong> your glasses may be a security risk if you\u2019re on a business video call. <a href=\"https:\/\/arxiv.org\/abs\/2205.03971\" rel=\"noopener\">University researchers in China and the U.S. say<\/a> webcams can pick up the reflection of a computer screen in the glasses people are wearing under certain circumstances. Tests in a controlled lab show a system can be built with 75 per cent accuracy that can read text from that reflection if the font is big enough. If what\u2019s on screen is sensitive corporate or personal data, that could be valuable to a threat actor. And, the researchers say, as higher-resolution webcams come on the market the risk could get bigger.<\/p>\n<p data-ar-index=\"10\">Remember links to details about podcast stories are in the text version at ITWorldCanada.com.<\/p>\n<p data-ar-index=\"11\">Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.<\/p>\n<p data-ar-index=\"12\">The post <a href=\"https:\/\/www.itworldcanada.com\/article\/cyber-security-today-sept-19-2022-bell-division-recovering-from-ransomware-a-handy-browser-utility-causes-trouble-and-a-vulnerability-in-microsoft-teams\/503642\">Cyber Security Today, Sept. 19, 2022 \u2013 Bell division recovering from ransomware, a handy browser utility causes trouble, and a vulnerability in Microsoft Teams<\/a> first appeared on <a href=\"https:\/\/www.itworldcanada.com\/\">IT World Canada<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This episode reports on a ransomware attack at a Bell Canada unit, why users should avoid a browser spell check utilit<\/p>\n","protected":false},"author":17,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[360,16],"tags":[389],"class_list":["post-28629","post","type-post","status-publish","format-standard","hentry","category-podcasts","category-security","tag-cyber-security-today"],"acf":[],"_links":{"self":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/28629","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/users\/17"}],"replies":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/comments?post=28629"}],"version-history":[{"count":3,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/28629\/revisions"}],"predecessor-version":[{"id":28649,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/28629\/revisions\/28649"}],"wp:attachment":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/media?parent=28629"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/categories?post=28629"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/tags?post=28629"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}