A warning to tighten security on Kubernetes containers, and more.
Welcome to Cyber Security Today. It’s Friday, November 24th, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.
Organizations aren’t taking enough care to protect sensitive data held in Kubernetes containers. Researchers at Aqua Security Software say hundreds of organizations and open-source projects they discovered online allow access to secrets like passwords and digital tokens. These include commercial firms and blockchain companies. The problem is employees creating Kubernetes containers may upload them to publicly available online repositories — like GitHub — where they may be hacked. Corporate data, personal data and even source code could be at risk. The solution: Train staff allowed to create Kubernetes containers in proper cybersecurity procedures, including how to encrypt data and the use of a secrets management tool.
The Kansas Supreme Court says an attacker is threatening to release data stolen last month from its IT systems. The documents include administration files, court case records on appeal and some confidential data. Lawyers are still unable to file documents electronically because of the cyber attack.
A North Korean threat group is believed to be behind the compromise of software made by a Taiwan multimedia application firm called CyberLink. Researchers at Microsoft say a CyberLink application installer was modified to download malware. It can fool defences because the digital file is signed for authentication with a valid digital certificate issued to CyberLink. That certificate has now been flagged as bad. CyberLink makes applications such as the PowerDVD multimedia player and the Director Suite 365 video/photo editor. Over 100 devices have been impacted in the U.S., Canada, Japan and Taiwan.
In another small victory for law enforcement, the U.S. Justice Department has seized nearly US$9 million in Tether cryptocurrency from crooks who ran romance and cryptocurrency scams. Victims were convinced to make crypto deposits by scammers pretending the victims were investing in trusted firms.
Charities aren’t immune to cyber attacks. Just over 35,000 people involved with Big Brothers Big Sisters of America are being notified their personal information was stolen in a cyber attack last March. This not-for-profit organization finds adults to mentor at-risk boys and girls. Data stolen includes names, Social Security numbers, dates of birth, driver’s licence numbers, payment card numbers, and medical and health insurance information.
Just over 30,000 current and former employees of an Arizona county school district are being notified of a data breach. The Pinal County Superintendent’s Office said information including names, Social Security numbers and bank account numbers of staff and their dependents may have been stolen in the September cyber incident. According to a news report, the attack was ransomware.
Finally, those of you running Mac laptop and desktop computers should be wary of fake Safari or Chrome browser update requests suddenly appearing on your screens. According to researchers at Malwarebytes, if you download the so-called update it infects computers with a piece of malware called ClearFake. It steals information like passwords. Until this week ClearFake was being distributed through malicious ads. Now the creators are also using infected websites that make a message appear on screens saying you need to update your browser. Anyone getting a request like that — whether on their Mac, Windows, Android or Apple smartphone device — should resist the urge to click on the ‘Update’ button. Only update any software through the approved home site of the app manufacturer.
Later today the Week in Review podcast will be available. Guest commentator Terry Cutler of Cyology Labs and I will discuss Australia’s decision not to make ransomware payments illegal.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.