Why a hacker created a fake conference website after the event, and more.
Welcome to Cyber Security Today. It’s Monday, October 16th, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.
Not all hacking gangs keep the same strategy. Take the Clop/Cl0p ransomware group, for example. In addition to ransomware attacks, in the past year it’s found gold stealing data by exploiting vulnerabilities in file transfer applications like Progress Software’s MOVEit. Another example is a gang researchers at Trend Micro call Void Rabisu. Early in its life it was behind ransomware attacks for profit. Then it hacked targets in Ukraine and EU politicians. A new report says one of its latest tactics was to go after those who attended or were interested in the June meeting of the Women Political Leaders Summit in Belgium. In August, after the conference, the gang set up a look-alike website hoping to lure and attack people of influence. How? Well, the fake website offered photos supposedly from the conference that those who were there might like to download. However, those who did also downloaded a backdoor into their computers. There are a couple of lessons: One is that threat actors are conniving sons-of-guns. The other is the rule of basic cybersecurity awareness training: Be aware of where you go on the internet. The URL of the real conference site ended in .com, the fake site ended in .org.
Microsoft has launched an AI bug bounty program. It’s offering up to US$15,000 for vulnerabilities in AI components in its Bing and Edge browsers such as Bing Chat, Bing Image Creator as well as in Skype mobile apps. Submissions will be reviewed under the same terms as the Microsoft 365 bounty program. Note that for public sector employees who make successful submissions the bounty goes to the government department. This rule is to make sure the payment doesn’t violate the gifts and ethics rules of a government agency.
OrthoAlaska, a group of orthopedic providers in Alaska, is notifying over 161,000 patients that personal data it held was stolen a year ago. It took until last month for the company to find all current addresses of victims so they could be notified. Data stolen could have included a patient’s date of birth, driver’s licence or state identification, social security number, payment card number, medical information and more.
A British financial regulator has fined credit rating agency Equifax the equivalent of about US$13 million over a data breach in 2017. The Financial Conduct Authority levied the fine because Equifax failed to manage and monitor the security of data it sent for processing to head office in the U.S. The breach allowed hackers to access the personal data of just under 14 million people. The authority said the hack was entirely preventable. Worse, Equifax headquarters knew of the data theft but didn’t tell the UK division for six weeks — and then only minutes before headquarters announced it.
Finally, Juniper Networks has released patches for more than 30 vulnerabilities in its Junos OS and Junos Evolved operating systems. Network admins with Juniper equipment should evaluate the impact of these vulnerabilities and patch accordingly.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.