Ransomware could hit Microsoft 365 files, a warning to web developers and more.
Welcome to Cyber Security Today. It’s Friday June 17th, 2022. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
Ransomware can encrypt and render unrecoverable files saved by Microsoft’s cloud-based Office 365 suite if the files are in SharePoint or OneDrive storage. That’s according to security researchers at Proofpoint. It’s another way ransomware gangs can attack data held in the cloud, their report says. It warns IT administrators that only if they have separate backups of 365 data can they be safe from ransomware. A successful attack would start with a threat actor accessing a user’s SharePoint Online or OneDrive accounts by compromising or hijacking their login credentials. 365 allows users to save several versions of files. But if the attacker reduces the number of versions stored to a low number, such as 1, the stored files over that limit can be encrypted. Proofpoint quotes Microsoft saying it might be able to recover older versions of files before they were encrypted. There are defences against this kind of attack. They include using multifactor authentication to lower the odds of accounts being compromised by stolen passwords, backing up cloud files outside of the Microsoft 365 environment and increasing the number of restorable versions of stored data held inside 365.
Developers using the Telerik UI web application framework should be aware that a three-old year vulnerability continues to be exploited by hackers. The flaw allows the takeover of web servers built with the platform. Researchers at Sophos said the latest attempt was seen in May. While Telerik issued a patch a while ago, some systems are still at risk. One problem is the framework is embedded into custom web applications so its hard for IT managers to know if their application is vulnerable. Here’s where a software bill of goods that details what’s in an application would be useful. Sophos says applying security patches and application updates to sensitive web-facing applications will help, as well as having robust ransomware and malware protection.
Finally, in news only emerging now, police in a number of countries recently arrested 2,000 people accused of being part of call centre and email scams. The Interpol police co-operative said this week the two-month operation also froze 4,000 bank accounts and intercepted some US$50 million in illicit funds. One of those arrested was a Chinese national allegedly involved in a Ponzi scam estimated to have defrauded nearly 24,000 people of about US$34 million.
That’s it for now. But remember later today the Week in Review edition will be out. Guest commentator David Shipley and I will scrutinize Canada’s proposed new cybersecurity and data privacy laws.
Remember links to details about podcast stories are in the text version at ITWorldCanada.com. That’s where you’ll also find other stories of mine.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.