Canadian propane distributor hit by ransomware, a new strain of spyware found and a wireless vulnerability detected.
Welcome to Cyber Security Today. It’s Friday, December 17th. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
Canadian propane gas distributor Superior Plus says it was hit by ransomware over the weekend. As a precaution, some computer systems and applications were shut down. So far the company has no evidence the safety or security of any customer or personal data has been compromised. Superior Plus distributes propane and related products across Canada and the U.S.
A new strain of malware is going after government departments and internet-connected industrial control systems. That’s according to a new report from researchers at Kaspersky. They say in the first 11 months of the year 35,000 computers across 195 countries were targeted by a sophisticated threat actor. The large number of engineering firms attacked suggests that industrial espionage may be one objective, says Kaspersky. The malware, called PseudoManuscrypt, gets installed by people looking for pirated software. It can steal VPN passwords, log what victims type on their computers, capture screenshots, turn on a computer’s microphone and more. Organizations have to warn staff about the consequences of downloading and executing files from unverified websites. And network connections should be restricted between systems on an operational or industrial network. That includes blocking connections on ports not required for the safety of operations.
In a recent podcast I told you about the ALPHV/BlackCat ransomware. A new report from Symantec, which calls this strain Noberus, looks deeper into the code. The report says it has no apparent weaknesses in its encryption process. That means unless IT departments have comprehensive backups they will have to pay the ransom to recover their files.
Chips in mobile devices that combine cellular, Wi-Fi and Bluetooth capabilities may be vulnerable to attacks that reveal passwords, security researchers warn. In an academic paper the researchers say the attacks work on so-called combo-chips in smartphones and other mobile devices. The bug was reported two years ago, but researchers say it hasn’t been fixed on some chips. So cautious users should remove Bluetooth pairings with devices they no longer use, delete unused Wi-Fi networks and only use cellular connections in public spaces like malls, restaurants and airports instead of Wi-Fi.
Remember later today the Week in Review podcast will be available. A guest commentator and I will talk about the log4j vulnerability and lessons learned from the ransomware attack on Ireland’s healthcare system earlier this year.
Remember links to details about podcast stories are in the text version at ITWorldCanada.com.
You can follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon.