Ten-year prison term for hacker group manager, watch for these attacks against universities and more.
Welcome to Cyber Security Today. It’s Monday, April 19. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
An American court has sentenced a Ukrainian man to 10 years in prison for his role in the hacking and credit card theft group called FIN7 by researchers. The man was a manager and systems administrator for the group. He was arrested in Germany in 2018 and extradited to the U.S. In 2019 he pleaded guilty to one count of conspiracy to commit wire fraud and one count of conspiracy to commit computer hacking. FIN7 is also called Carbanak Group or Navigator Group by researchers. According to the Justice Department, FIN7 has more than 70 people who are hackers, malware developers, creators of phishing messages or have other duties. It is alleged the group caused over a billion dollars in losses in the U.S. alone.
Cyber attacks on universities and schools around the world have been increasing. Among the latest victims is the University of Hertfordshire in England, which last week had to cancel online classes, access to email and to critical business systems. But these aren’t the only kinds of attacks the education sector faces. According to a report on the news site The Record, university students and faculty in the U.S. are also getting emails with fake job offers. The offer is for an executive assistant position. It asks recipients to tell the company a bit about themselves and why they should be considered for a job. The goal is to get personal information that can be used in hacking. In one case the crook impersonated an official from a legitimate company. In other cases the crook impersonated the head of a university department. Always be careful with email messages asking for personal information.
Software developers using a tool called Codecov to help find defects in their code are urged to re-roll any credentials, tokens or keys in their environment that used a Codecov Bash uploader. This comes after the discovery this month that someone had modified the company’s Bash Uploader script. The Bash Uploader sends reports to the application. A threat actor could have exported information in a user’s continuous integration environment as far back as January 31st. Codecov users should check if their Bash Uploader was compromised. There’s a link with more information on how to do that here.
Finally, a number of vulnerabilities have been found in popular software by researchers at Positive Security. These include the LibreOffice and OpenOffice productivity suites, the VLC media player, the Telegram text message app, the Nextcloud file hosting suite, the Wireshark network protocol analyzer and the Mumble open source voice chat app. Some of these have been patched or will be shortly. Make sure you’re running the latest versions, and look for more security updates soon.
That’s it for today. Links to details about podcast stories are in the text version of this podcast at ITWorldCanada.com. That’s where you’ll also find other stories of mine.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.