{"id":36054,"date":"2023-02-27T07:33:43","date_gmt":"2023-02-27T12:33:43","guid":{"rendered":"https:\/\/www.itworldcanada.com?p=529772"},"modified":"2023-02-27T09:07:36","modified_gmt":"2023-02-27T14:07:36","slug":"cyber-security-today-feb-27-2023-more-lessons-from-the-russia-ukraine-cyber-war-a-us-medical-lab-fined-after-theft-of-old-data-and-more","status":"publish","type":"post","link":"https:\/\/technewsday.com\/staging\/cyber-security-today-feb-27-2023-more-lessons-from-the-russia-ukraine-cyber-war-a-us-medical-lab-fined-after-theft-of-old-data-and-more\/","title":{"rendered":"Cyber Security Today, Feb. 27, 2023 \u2013 More lessons from the Russia-Ukraine cyber war, a US medical lab fined after theft of old data, and more"},"content":{"rendered":"<p data-ar-index=\"0\">More lessons from the Russia-Ukraine cyber war, a US medical lab fined after theft of old data, and more.<\/p>\n<p data-ar-index=\"1\">Welcome to Cyber Security Today. It\u2019s Monday, February 27th, 2023. I\u2019m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.<\/p>\n<p data-ar-index=\"2\"><iframe style=\"border: none;\" title=\"Libsyn Player\" src=\"https:\/\/html5-player.libsyn.com\/embed\/episode\/id\/26051661\/height\/90\/theme\/custom\/thumbnail\/yes\/direction\/forward\/render-playlist\/no\/custom-color\/000000\/\" width=\"100%\" height=\"90\" scrolling=\"no\" allowfullscreen=\"allowfullscreen\"><\/iframe><\/p>\n<table style=\"width: 100%;\">\n<tbody>\n<tr>\n<td><a href=\"https:\/\/www.amazon.com\/ITWC-Cyber-Security-Today\/dp\/B07BRNG89P\/ref=sr_1_1?s=digital-skills&amp;ie=UTF8&amp;qid=1522688435\" rel=\"noopener noreferrer\"><img decoding=\"async\" class=\"aligncenter wp-image-396718 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2017\/09\/sub-alexa-200.png\" alt=\"Cyb er Security Today on Amazon Alexa\" width=\"200\" height=\"74\" border=\"none\" \/><\/a><\/td>\n<td><a href=\"https:\/\/www.google.com\/podcasts?feed=aHR0cDovL2N5YmVyc2VjdXJpdHl0b2RheS5saWJzeW4uY29tL3Jzcw%3D%3D\" rel=\"noopener noreferrer\"><img decoding=\"async\" class=\"thumbnail aligncenter wp-image-408712 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2018\/09\/sub-gp-200.png\" alt=\"Cyber Security Today on Google Podcasts\" width=\"200\" height=\"74\" \/><\/a><\/td>\n<td><a href=\"https:\/\/itunes.apple.com\/ca\/podcast\/cyber-security-today\/id1363182054\" rel=\"noopener noreferrer\"><img decoding=\"async\" class=\"aligncenter wp-image-396720 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2017\/09\/sub-itunes-200.png\" alt=\"Subscribe to Cyber Security Today on Apple Podcasts\" width=\"200\" height=\"74\" border=\"none\" \/><\/a><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p data-ar-index=\"3\">The first-year anniversary of the Russian invasion of Ukraine has <a href=\"https:\/\/www.itworldcanada.com\/article\/the-russia-ukraine-cyber-war-one-year-later\/529359\" rel=\"noopener\">spawned a lot of analysis of the cyber side of the war<\/a>. One, <a href=\"https:\/\/www.reliaquest.com\/blog\/russia-ukraine-war-3-cyber-threat-effects-1-year-in\/\" rel=\"noopener\">from researchers at Florida-based ReliaQuest<\/a> caught my eye. It has two conclusions about cyberattacks on businesses that information security pros should think about. First, some cybercrime groups are keeping their allegiance to Russia quiet. This is because after the Conti ransomware group said it was on the side of Russia, a Ukrainian security researcher leaked their communications in retaliation. As a result the gang\u2019s operations were impaired. It allegedly has disbanded. Other cybercrooks that support Russia learned the lesson. They\u2019re quiet about that support. The conclusion: Criminals are no longer focused on just chasing your firm\u2019s money when they chose targets. Second, hacktivists aligned with Russia represent one of the biggest cyber threats to most businesses, the report says. These are groups launching distributed denial of service attacks. Both conclusions complicate things for security teams looking to attribute where attacks come from. My advice: Attribution is less important than a multi-layered defence. Crooks may have chosen your firm because it has revenue. Or because your government supports Ukraine.<\/p>\n<p data-ar-index=\"4\"><strong>An unknown threat actor<\/strong> is using the Discord messaging platform to host ransomware and malware sent to unsuspecting victims. <a href=\"https:\/\/www.menlosecurity.com\/blog\/purecrypter-targets-government-entities-through-discord\/\" rel=\"noopener\">According to researchers at Menlo Security,<\/a> many of the targets are government departments in North America and the Asia Pacific regions. A typical attack starts with an email inviting a victim to click on a link to an app on Discord. The link goes to a malicious password-protected zip file. When opened it downloads malware. Lesson: Employees must regularly be reminded to not trust links in messages, especially if they\u2019re the \u2018Hey, try this.\u2019 variety.<\/p>\n<p data-ar-index=\"5\"><strong>In January,<\/strong> IBM issued a patch to close a serious vulnerability in its Aspera Faspex file transfer tool. The hole serious enough that the <a href=\"https:\/\/www.cisa.gov\/news-events\/alerts\/2023\/02\/21\/cisa-adds-three-known-exploited-vulnerabilities-catalog\" rel=\"noopener\">U.S. government has added<\/a> the bug to its catalog of known vulnerabilities being exploited by threat actors. US civilian government departments have until March 14th to install the patch. If your IT department uses this utility and hasn\u2019t installed the update yet, do it fast.<\/p>\n<p data-ar-index=\"6\">By the way, also added to the patching catalog are two vulnerabilities to Mitel\u2019s MiVoice communications platform.<\/p>\n<p data-ar-index=\"7\"><strong>An American lab<\/strong> that does DNA testing has agreed to pay US$200,000 to two U.S. states as a result of a data breach in 2021. The lab, DNA Diagnostics Centre, failed to properly use reasonable data security measures to protect sensitive personal information, <a href=\"https:\/\/www.attorneygeneral.gov\/taking-action\/acting-ag-henry-secures-400000-settlement-with-dna-diagnostics-center-after-data-breach-exposed-pennsylvanians-personal-info\/\" rel=\"noopener\">the attorney generals of Ohio and Pennsylvania said.<\/a> A hacker was able to copy and exfiltrate 28 databases. The thing is, those databases \u2014 which included patients\u2019 social insurance numbers \u2014 dated back to a 2012 acquisition of a competitor. The lab didn\u2019t realize it still had those databases. Lesson: You can\u2019t secure your organization if you don\u2019t know where all your data is. Or prevent it from being fined for the theft of data you don\u2019t know you have.<\/p>\n<p data-ar-index=\"8\"><strong>News Corp.,<\/strong> which owns Fox News, the Wall Street Journal and other media outlets, has admitted a data breach it discovered this month began as far back as two years ago. <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/news-corp-says-state-hackers-were-on-its-network-for-two-years\/\" rel=\"noopener\">The Bleeping Computer news site says<\/a> attackers got names, dates of birth, social security numbers, drivers licence numbers, passport numbers, financial and medical information on some employees. The attackers also accessed email and document storage systems. The suspicion is the attacker is affiliated with China and the goal was spying.<\/p>\n<p data-ar-index=\"9\"><strong>Scammers continue<\/strong> getting away with putting deceptive ads with links on search engines like Chrome. These ads fool unsuspecting victims who give away personal or financial information. One of the latest victims is journalist and author Cory Doctorow. <a href=\"https:\/\/twitter.com\/doctorow\/status\/1628948926941507584\" rel=\"noopener\">He admitted on Twitter<\/a> he was recently fooled by what he thought was a search engine link to his favourite Los Angeles-area takeout restaurant. He ordered a meal on the fake site, which sent the order to the real site \u2014 but secretly added 15 per cent to the tab. Luckily the restaurant spotted something wrong and canceled the order. But there are two questions: First, why can\u2019t search engines do a better job at detecting fake ads, and second, how did a credit card company get fooled? For those who don\u2019t know, an ad on a search engine looks like a description and link to a legitimate website. But if you look closely the word \u2018ad\u2019 or \u2018sponsored\u2019 will appear beside the company\u2019s name. When people search for a product, relevant ads appear at the top of the results. You\u2019ve got to to think carefully if you want to click on them.<\/p>\n<p data-ar-index=\"10\"><strong>Finally,<\/strong> can you trust the privacy descriptions developers write about their apps in Google\u2019s Play Store? Maybe not, <a href=\"https:\/\/foundation.mozilla.org\/en\/blog\/mozilla-study-data-privacy-labels-for-most-top-apps-in-google-play-store-are-false-or-misleading\/\" rel=\"noopener\">say researchers at Mozilla.<\/a> They looked at 40 popular free and paid apps to see if their data collection policies align with what was disclosed on Google\u2019s Data Safety Forms. Those are the descriptions that people who use the Play Store see. There were significant discrepancies between the apps\u2019 own privacy policies and what shows on the Play Store, the report says. This is similar to a finding about apps in the Apple Store, the Washington Post found in 2021. Lesson: No app store platform is responsible for what app developers write about their products. In fact, if you look closely Google and Apple say that. Mozilla suggests platforms that distribute apps require developers to follow a standard disclosure form, just like companies that make packaged food have to put a Nutrition Facts label on their products.<\/p>\n<p data-ar-index=\"11\">Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.<\/p>\n<p data-ar-index=\"12\">The post <a href=\"https:\/\/www.itworldcanada.com\/article\/cyber-security-today-feb-27-2023-more-lessons-from-the-russia-ukraine-cyber-war-a-us-medical-lab-fined-after-theft-of-old-data-and-more\/529772\">Cyber Security Today, Feb. 27, 2023 \u2013 More lessons from the Russia-Ukraine cyber war, a US medical lab fined after theft of old data, and more<\/a> first appeared on <a href=\"https:\/\/www.itworldcanada.com\/\">IT World Canada<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This episode reports on Discord being used to host malware, a data breach at News Corp. the abuse of search engine ad<\/p>\n","protected":false},"author":17,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[360,16],"tags":[389],"class_list":["post-36054","post","type-post","status-publish","format-standard","hentry","category-podcasts","category-security","tag-cyber-security-today"],"acf":[],"_links":{"self":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/36054","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/users\/17"}],"replies":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/comments?post=36054"}],"version-history":[{"count":3,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/36054\/revisions"}],"predecessor-version":[{"id":36057,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/36054\/revisions\/36057"}],"wp:attachment":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/media?parent=36054"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/categories?post=36054"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/tags?post=36054"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}