Ukraine leaks details of advanced Russian reactors, a package manager warning to software developers and another processor vulnerability found
Welcome to Cyber Security Today. It’s Monday March 14th. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
As the war in Ukraine continues there’s been an interesting development: Ukraine says it has hacked and leaked plans for Russia’s leading fast-breed nuclear reactor. According to blogger Jeffrey Carr, author of the book Inside Cyber War, a number of countries are trying to build fast-breed reactors. If the leaked documents are valuable to reactor researchers, they could allow companies to more quickly build these efficient nuclear power plants. That could dilute the number of countries Russia could sell its technology to. On the other hand, the economic sanctions Russia is now facing because of the war are already reducing global customers for almost any product it makes. Carr also told SC Magazine that the leak has another interesting strategic benefit: It didn’t harm the power station or the electricity it delivers to Russians. Meanwhile the news site The Record reports cyberattacks continue to impair Ukraine’s internet providers from giving service to their customers.
Norwood Clinic, which has a number of medical offices in Alabama, is notifying all of its 228,000 patients of a data breach that happened last fall. In a regulatory filing the health provider said it couldn’t determine exactly what the hackers accessed, so it is notifying every patient and giving them free credit monitoring. The files that were accessed had patients’ names, contact information, dates of birth, Social Security numbers, driver’s licence numbers and some of their health information.
Computer games developer Ubisoft has admitted suffering a “cyber security incident” earlier this month. The attack caused temporary disruption to some games and systems, it said. As a precaution all users were forced to create new passwords. As of last Thursday there was no evidence any player’s personal information was accessed, the company said. Ubisoft’s games include Far Cry, the Tom Clancy series and Rainbow Six.
Attention software developers: Vulnerabilities have been found in eight open-source package managers. These are tools used to manage and download what are called third-party dependencies, which are components needed to make an application work. However, researchers at SonarSource discovered vulnerabilities in the Composer, Bundler, Bower, Poetry, Yarn, pnpm, Pip and Pipenv package managers. If hackers contaminate third-party dependencies, the malicious code could be spread into applications through the package managers. Then the app could be used to take over an organization’s network and steal data. Some of the eight vulnerable package managers have been patched. SonarSource reminds developers to treat all third-party code they want to add to their applications or toolkits as dangerous unless it is thoroughly scanned. There are more detailed recommendations in the blog. There’s a link in the text version of this podcast.
An Android mobile app pretending to be the McAfee anti-virus application is circulating. It’s a new variant of malware that steals a user’s bank login credentials from their smartphone. According to security researchers at Cyble, what makes it dangerous is this new version also steals data from the Google Authenticator app, used for secure two-factor login authentication into bank accounts, email and business services. It’s vital Android smartphone users only download apps from the Google Play store. Apple iPhone, Watch and iPad users should only download apps from the Apple store. Google and Apple try hard to screen apps listed in their stores. You take your chances downloading apps from anywhere else.
Finally, four years ago security researchers began reporting on memory vulnerabilities in Intel, AMD and ARM processor chips. Called speculative execution problems, they’ve been given nicknames like Spectre and Meltdown. Microprocessor and operating system manufacturers have been issuing patches to try to fix the problems for a while. However, security researchers at a university in Amsterdam have discovered a way around existing protections for the Spectre bug. That has forced Intel, AMD and ARM to release another round of software updates and mitigations to application and operating system makers. One solution for Linux administrators is to disable a capability called unprivileged eBPF and enable Supervisor-Mode Access Prevention (SMAP). There are more detailed recommendations in the researchers’ blog. There’s a link in the text version of this podcast at ITWorldCanada.com.
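As an added example (not from the podcast or the researchers’ blog), this shell script checks a Linux host for the two settings mentioned above. It assumes the standard `kernel.unprivileged_bpf_disabled` sysctl and the x86 `smap` flag in `/proc/cpuinfo`; the function names are illustrative.

```shell
#!/bin/sh
# Added example: audit a Linux host for unprivileged eBPF and SMAP.
# Each check takes a file path so it can also be run on saved copies.

# Prints "enabled" (sysctl value 0), "disabled" (1 or 2) or "unknown".
bpf_state() {
    [ -r "$1" ] || { echo unknown; return; }
    case "$(tr -d '[:space:]' < "$1")" in
        0)   echo enabled ;;
        1|2) echo disabled ;;
        *)   echo unknown ;;
    esac
}

# Prints "on" if the first "flags" line of a cpuinfo file lists smap,
# "absent" if it does not, "unknown" if the file cannot be read.
# Non-x86 CPUs have no "flags" line and therefore report "absent".
smap_state() {
    [ -r "$1" ] || { echo unknown; return; }
    if grep -m1 '^flags' "$1" | grep -qw smap; then
        echo on
    else
        echo absent
    fi
}

# Prints the kernel's own Spectre v2 assessment, when it exposes one.
spectre_v2_status() {
    f=${1:-/sys/devices/system/cpu/vulnerabilities/spectre_v2}
    if [ -r "$f" ]; then cat "$f"; else echo unknown; fi
}

# Reports both settings; succeeds only if eBPF is restricted and SMAP is on.
audit() {
    b=$(bpf_state "${1:-/proc/sys/kernel/unprivileged_bpf_disabled}")
    s=$(smap_state "${2:-/proc/cpuinfo}")
    echo "unprivileged eBPF: $b"
    echo "SMAP:              $s"
    echo "spectre_v2:        $(spectre_v2_status)"
    [ "$b" = disabled ] && [ "$s" = on ]
}

# To restrict eBPF until the next reboot (as root):
#   sysctl -w kernel.unprivileged_bpf_disabled=1
audit || echo "Action needed: review the settings reported above."
```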
You can follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.