Monday, January 24, 2022

Cyber Security Today, Dec. 17, 2021 – Canadian propane distributor hit by ransomware, and more

Canadian propane distributor hit by ransomware, a new strain of spyware found and a wireless vulnerability detected.

Welcome to Cyber Security Today. It’s Friday, December 17th. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

 

Canadian propane gas distributor Superior Plus says it was hit by ransomware over the weekend. As a precaution some computer systems and applications were shut. So far the company has no evidence the safety or security of any customer or personal data has been compromised. Superior PLus distributes propane and related products across Canada and the U.S.

A new strain of malware is going after government departments and internet-connected industrial control systems. That’s according to a new report from researchers at Kaspersky. They say in the first 11 months of the year 35,000 computers across 195 countries were targeted by a sophisticated threat actor. The large number of engineering firms attacked suggests that industrial espionage may be one objective, says Kaspersky. The malware, called PseudoManuscrypt, gets installed by people looking for pirated software. It can steal VPN passwords, log what victims type on their computers, capture screenshots, turn on a computer’s microphone and more. Organizations have to warn staff about the consequences of downloading and executing files from unverified websites. And network connections should be restricted between systems on an operational or industrial network. That includes blocking connections on ports not required for the safety of operations.

In a recent podcast I told you about the ALPHV/BlackCat ransomware. A new report from Symantec, which calls this strain Noberus, looks deeper into the code. The report says it has no apparent weaknesses in its encryption process. That means unless IT departments have comprehensive backups they will have to pay the ransom to recover their files.

Chips in mobile devices that combine cellular, Wi-Fi and Bluetooth capabilities may be vulnerable to attacks that reveal passwords, security researchers warn. In an academic paper the researchers say the attacks work on so-called combo-chips in smartphones and other mobile devices. The bug was reported two years ago, but researchers say it hasn’t been fixed on some chips. So cautious users should remove Bluetooth pairings with devices they no longer use, delete unused Wi-Fi networks and only use cellular connections in public spaces like malls, restaurants and airports instead of Wi-Fi.

Remember later today the Week in Review podcast will be available. A guest commentator and I will talk about the log4j vulnerability and lessons learned from the ransomware attack on Ireland’s healthcare system earlier this year.

Remember links to details about podcast stories are in the text version at ITWorldCanada.com.

You can follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →

Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Follow this Podcast

More Cyber Security Today