A company’s slip may have led to a hack, free AI and incident response advice, and more.
Welcome to Cyber Security Today. It’s Friday, November 17th, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.
The hackers behind the recent theft of data from the Plume home and small business Wi-Fi service credit the company for their success. According to the news site HackRead, the hackers call themselves MonkeyInject. They opened an account on the X platform to tweet that they compromised the company through the password of a former employee that hadn’t been deleted when they left the company this year. The gang didn’t explain how they got the credentials. But it’s a reminder that the second an employee leaves IT has to cancel their network access.
The U.S. Cybersecurity and Infrastructure Security Agency has released a Roadmap for Artificial Intelligence Applications. It’s a guide for how the agency will use responsibly create and use AI systems and prevent the malicious use of AI. Organizations looking to develop their own AI guidelines could use this document as a blueprint.
By the way, last week the CISA and the Federal Emergency Management Agency published a guide for emergency managers who have to deal with cybersecurity incidents. It’s aimed at helping emergency managers develop cyber incident response plans to, as the agencies put it, prevent a bad day from becoming worse.
Hospitals in New York State would have to establish a cybersecurity program and take proven steps to assess internal and external cybersecurity risks under new proposed regulations. Hospitals would also have to appoint a chief information security officer, force all staff to use multifactor authentication when accessing the IT network remotely, and run tests of their incident response plans to ensure patient care continues while IT systems are restored. There will be a period for public comments before the proposed regulations are finalized. They wouldn’t come into force until 2025.
Malware isn’t the only thing that can be hiding in open-source packages on the NPM, PyPI and other repositories. There’s also protestware. This is code with scripts that make messages pop up on your screen. A report this week from ReversingLabs notes the latest example of protestware has a message of support for Palestinians. The code isn’t malicious, but it is a distraction for app developers.
You may have seen TV ads for or even used the services of Stanley Steemer, a house cleaning company. The Ohio company is notifying almost 67,000 customers their personal information was copied by a hacker earlier this year. Data stolen included credit or debit card numbers along with security codes.
A bank with branches in Nebraska and Colorado is notifying over 23,000 customers of a data theft. Adams Bank and Trust says hackers copied financial account numbers or credit/debit card numbers of customers along with associated security codes, access codes, passwords or PIN numbers for their accounts. The hack took place in May. Initially an investigation found no evidence that any data had been copied. But in September the bank realized some customer files were accessed.
Finally, Black Friday is a week from today, followed by Cyber Monday. Possibly great online sales are already being offered — and also ads created by crooks for non-existent products that capture your payment card data and passwords. Bitdefender reminds shoppers not to be fooled by email, text or social media offers just because they have brand names of shopping platforms like Amazon, Walmart and Target. If a deal is too good to be true, it’s probably a fake.
Later today the Week in Review podcast will be out. Guest commentator Terry Cutler and I will discuss how an unpatched vulnerability led to the compromise of energy company firewalls in Denmark, voice fraud and still more news about ransomware.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.