{"id":35989,"date":"2023-02-24T15:10:05","date_gmt":"2023-02-24T20:10:05","guid":{"rendered":"https:\/\/www.itworldcanada.com?p=529325"},"modified":"2023-02-27T09:09:16","modified_gmt":"2023-02-27T14:09:16","slug":"cyber-security-today-week-in-review-for-friday-february-24-20223","status":"publish","type":"post","link":"https:\/\/technewsday.com\/staging\/cyber-security-today-week-in-review-for-friday-february-24-20223\/","title":{"rendered":"Cyber Security Today, Week in Review for Friday, February 24, 20223"},"content":{"rendered":"<p data-ar-index=\"0\">Welcome to Cyber Security Today. From Toronto, this is the Week in Review edition for the week ending Friday, February 24th, 2023. I\u2019m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.<\/p>\n<p data-ar-index=\"1\"><iframe style=\"border: none;\" title=\"Libsyn Player\" src=\"https:\/\/html5-player.libsyn.com\/embed\/episode\/id\/26028966\/height\/90\/theme\/custom\/thumbnail\/yes\/direction\/forward\/render-playlist\/no\/custom-color\/000000\/\" width=\"100%\" height=\"90\" scrolling=\"no\" allowfullscreen=\"allowfullscreen\"><\/iframe><\/p>\n<table style=\"width: 100%;\">\n<tbody>\n<tr>\n<td><a href=\"https:\/\/www.amazon.com\/ITWC-Cyber-Security-Today\/dp\/B07BRNG89P\/ref=sr_1_1?s=digital-skills&amp;ie=UTF8&amp;qid=1522688435\" rel=\"noopener noreferrer\"><img decoding=\"async\" class=\"aligncenter wp-image-396718 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2017\/09\/sub-alexa-200.png\" alt=\"Cyb er Security Today on Amazon Alexa\" width=\"200\" height=\"74\" border=\"none\" \/><\/a><\/td>\n<td><a href=\"https:\/\/www.google.com\/podcasts?feed=aHR0cDovL2N5YmVyc2VjdXJpdHl0b2RheS5saWJzeW4uY29tL3Jzcw%3D%3D\" rel=\"noopener noreferrer\"><img decoding=\"async\" class=\"thumbnail aligncenter wp-image-408712 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2018\/09\/sub-gp-200.png\" alt=\"Cyber Security Today on Google Podcasts\" width=\"200\" height=\"74\" \/><\/a><\/td>\n<td><a href=\"https:\/\/itunes.apple.com\/ca\/podcast\/cyber-security-today\/id1363182054\" rel=\"noopener noreferrer\"><img decoding=\"async\" class=\"aligncenter wp-image-396720 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2017\/09\/sub-itunes-200.png\" alt=\"Subscribe to Cyber Security Today on Apple Podcasts\" width=\"200\" height=\"74\" border=\"none\" \/><\/a><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p data-ar-index=\"2\">In a few minutes Terry Cutler of Montreal\u2019s Cyology Labs will be here to discuss recent news. But first a summary of some of what happened in the last seven days:<\/p>\n<p data-ar-index=\"3\"><strong>Twitter users<\/strong> will soon have to pay to get their two-factor authentication (2FA) codes by SMS. They\u2019ll have to subscribe to the premium Twitter Blue service. Is this logical? Terry and I have opinions.<\/p>\n<p data-ar-index=\"4\"><strong>More malware<\/strong> has been discovered in the open-source <a href=\"https:\/\/checkmarx.com\/blog\/how-npm-packages-were-used-to-spread-phishing-links\/\" rel=\"noopener\">NPM<\/a> and <a href=\"https:\/\/www.reversinglabs.com\/blog\/beware-impostor-http-libraries-lurk-on-pypi\" rel=\"noopener\">PyPI<\/a> code repositories. We\u2019ll ask why repository operators can\u2019t put a lid on this.<\/p>\n<p data-ar-index=\"5\"><strong>Game developer<\/strong> Activision <a href=\"https:\/\/www.hackread.com\/activision-gaming-employees-sms-phishing\/\" rel=\"noopener\">acknowledged it was hacked in Decembe<\/a>r after an employee fell for a text messaging scam. That will be part of our discussion.<\/p>\n<p data-ar-index=\"6\"><strong>In France<\/strong> <a href=\"https:\/\/www.francetvinfo.fr\/faits-divers\/escroquerie-aux-sms-de-l-assurance-maladie-les-suspects-volaient-les-numeros-de-telephone-depuis-leur-voiture_5665943.html\" rel=\"noopener\">five people were indicted<\/a> for using a device normally only accessible to police. They used it to capture hundreds of thousands of mobile phone numbers for spam.<\/p>\n<p data-ar-index=\"7\"><a href=\"https:\/\/www.gartner.com\/en\/newsroom\/press-releases\/2023-02-22-gartner-predicts-nearly-half-of-cybersecurity-leaders-will-change-jobs-by-2025\" rel=\"noopener\"><strong>And Gartner predicts<\/strong><\/a> there may be upheaval in infosec departments. Stress is causing cybersecurity leaders to re-evaluate their careers, the company said, predicting that over the next two years nearly half of them will change jobs. Terry will have some thoughts on the pressure on leaders.<\/p>\n<p data-ar-index=\"8\"><strong>Researchers at ESET<\/strong> suspect North Korea\u2019s Lazarus threat group i<a href=\"https:\/\/www.welivesecurity.com\/2023\/02\/23\/winordll64-backdoor-vast-lazarus-arsenal\/\" rel=\"noopener\">s deploying a new backdoor.<\/a> It\u2019s part of malware discovered in 2021 capable of downloading Windows binaries. The new backdoor is one of the payloads. The backdoor module collects system information and provides ways of deleting or exfiltrating files.<\/p>\n<p data-ar-index=\"9\"><strong>Fruit and salad processor<\/strong> Dole had to temporarily shut its production plants in North America earlier this month <a href=\"https:\/\/www.cnn.com\/2023\/02\/22\/business\/dole-cyberattack\/index.html\" rel=\"noopener\">because of a ransomware attack<\/a>.<\/p>\n<p data-ar-index=\"10\"><strong>And a new<\/strong> information-stealing malware is being marketed to threat actors. <a href=\"https:\/\/blog.sekoia.io\/stealc-a-copycat-of-vidar-and-raccoon-infostealers-gaining-in-popularity-part-1\/\" rel=\"noopener\">According to researchers at the French firm Sekoia<\/a>, the malware is called Stealc. It\u2019s similar to other code that steals data from infected computers like Vidar, Raccoon, Mars and Redline. One way Stealc is spreading is through infected software and mobile apps pretending to be utilities.<\/p>\n<p data-ar-index=\"11\"><em>(The following is an edited transcript of part of the discussion. To hear the full talk play the podcast)<\/em><\/p>\n<p align=\"left\" data-ar-index=\"12\"><strong>Howard:<\/strong> Gartner published research this week about how worn out cyber security leaders are. By 2025, it predicts, half of the cybersecurity leaders will have changed their jobs, and of them 25 per cent will just leave the IT profession for different roles entirely due to multiple work-related stressors. These include low executive support for cybersecurity and making IT focus on compliance rather than risk management. What are you hearing from cybersecurity leaders that you talk to?<\/p>\n<p align=\"left\" data-ar-index=\"13\"><strong>Terry Cutler:<\/strong> I\u2019m not sure if you\u2019ve ever seen this meme on the internet where day one of your cybersecurity job you looked like baby Yoda, and two years or three years later, you looked like 900-year-old\u00a0Yoda. The burnout\u2019s real. It\u2019s very, very, very difficult this field, especially if you\u2019re not passionate about it. You\u2019re gonna burn out even quicker. How many times have you heard folks say, \u2018Cybersecurity is paying really, really well.\u2019 But if you\u2019re a plumber, for example, and you want to switch over to cyber, it\u2019s very, very difficult. So you have to be passionate about this field to get in. But there\u2019s a lot of high pressure to manage consistent, evolving threats. Then you got limited resources and conflicting priorities.<\/p>\n<p align=\"left\" data-ar-index=\"14\">For example, you\u2019ll have issues in cybersecurity, but then other business leaders are not on the same page as you. They\u2019re not going to prioritize your requests. And that\u2019ll leave you with a sense of frustration and isolation because you\u2019ll say, \u2018This is a threat. It\u2019s a zero-day [vulnerability]. We have to deploy these patches right away.\u2019 I actually experienced this often in healthcare: There was a vulnerability out and we said let\u2019s scan the [IT] environment. I\u2019m still waiting four months later to get the approval to scan the environment for vulnerabilities. There\u2019s so much red tape in some of these companies. it\u2019s crazy. You have to wait for all the groups to be on the same page and give you permission. As an advisor and such you\u2019re always faced with these delays. And if you\u2019re not on the same page as the other folks, because they don\u2019t understand the risk level, you\u2019re just going to feel like you\u2019re banging your head against the wall. And that\u2019s why people just leave.<\/p>\n<p align=\"left\" data-ar-index=\"15\">You know what? You wanna get hacked? Don\u2019t blame me. Here, sign this paper. That\u2019s what I think CISOs are going to have to do to cover their butts: \u2018I\u2019m advising you of this threat. You don\u2019t want to do it, sign here.\u2019<\/p>\n<p align=\"left\" data-ar-index=\"16\"><strong>Howard:<\/strong> What will it take for CEOs to prevent cybersecurity leaders from leaving their company?<\/p>\n<p align=\"left\" data-ar-index=\"17\"><strong>Terry:<\/strong> CEOs need to prioritize cybersecurity as a critical business function and provide the necessary resources and support to help cybersecurity leaders be successful. The biggest is provide adequate funding. How many times do we try to do audits that are really inexpensive, that could save the company hundreds of thousands, if not millions, of dollars? It probably would\u2019ve just cost 10 grand to avoid headaches. The other thing is the CEOs need to build a cybersecurity culture. Even if the janitor has access to the network to check his email he can click on a ransomware link and infect the whole company. So everybody needs to be on the same page that cybersecurity is really important and understand if the firm gets hit with a cyber attack it could cost their jobs.<\/p>\n<p align=\"left\" data-ar-index=\"18\">One of the bigger things is to bring the CISO to the [executive] table as a respected thought leader. It\u2019s important that the CISO is able to articulate the risks. And provide career paths [for infosec leaders] \u2026 If you don\u2019t do these things you\u2019re not going to attract the top talent to your company.<\/p>\n<p data-ar-index=\"19\">The post <a href=\"https:\/\/www.itworldcanada.com\/article\/cyber-security-today-week-in-review-for-friday-february-24-20223\/529325\">Cyber Security Today, Week in Review for Friday, February 24, 20223<\/a> first appeared on <a href=\"https:\/\/www.itworldcanada.com\/\">IT World Canada<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This episode features a discussion on employees falling for SMS text scams, Twitter&#8217;s move to make users pay for SMS 2FA and burnt<\/p>\n","protected":false},"author":17,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[360,16],"tags":[389],"class_list":["post-35989","post","type-post","status-publish","format-standard","hentry","category-podcasts","category-security","tag-cyber-security-today"],"acf":[],"_links":{"self":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/35989","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/users\/17"}],"replies":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/comments?post=35989"}],"version-history":[{"count":4,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/35989\/revisions"}],"predecessor-version":[{"id":36058,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/35989\/revisions\/36058"}],"wp:attachment":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/media?parent=35989"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/categories?post=35989"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/tags?post=35989"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}