Patching, data breaches and a spoiled racing car announcement.
Welcome to Cyber Security Today. It’s Monday, March 8th. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com
Users of D-Link and Citrix network devices as well as those using the Liferay Portal for managing that company’s applications are being urged to patch their products immediately. This follows the discovery of a new botnet exploiting their vulnerabilities. This is particularly important because the D-Link and Citrix bugs date back to 2019 and patches have been issued. A security company called 360Netlab says the botnet is using a variant of the Gafgyt family of malware. It’s not only exploiting the three vulnerabilities, it also taking advantage of weak remote login passwords using the Telnet protocol. Network administrators who use Telnet need to make sure their employees’ passwords are strong. Botnets are chains of hacked devices used to spread malware.
Network administrators who use certain types of Cisco Systems’ ISR routers and Edge Platforms are being urged to install the latest software updates. This comes after the discovery of a vulnerability in the Snort detection engine that could allow a denial of service attack.
I’ve reported on a number of data breaches through vulnerabilities in an enterprise file transfer application made by Accellion. Accellion also operates a secure email service. CBC News has discovered that last month one of its customers, the Nova Scotia Health Employees’ Pension Plan, began notifying plan members its email system was compromised. Someone got into the system between November and January and may have copied data including current and former health employees’ names, addresses, dates of birth, social insurance numbers, salaries and other information. Unfortunately, the breach took place as the plan was preparing to update its systems, including more rigorous security and the use of two-factor authentication to protect logins.
On Friday I told you that personal information of members of Malaysia Airlines’ frequent flier program was copied after a data breach at a third-party IT provider. This breach is bigger than that. The data breach was at a company called SITA, which processes passenger data for a number of airlines. Finland’s Finnair, Air New Zealand, Japan’s All Nippon and Japan Airlines, South Korea’s Jeju Air and Singapore Airlines have all notified passengers they may be affected. It isn’t clear how much personal data is involved. Some airlines are saying it’s only data from their frequent flyer programs, and limited to passenger names and program status. They say credit card or passport numbers are not involved.
A U.S. non-profit that provides insurance and benefits to members of the military, has been hacked. The American Armed Force Mutual Aid Association has started notifying over 161,000 members that someone got into its systems in January, according to the news services Databreaches.net. Information that could have been copied includes members names, addresses, Social Security numbers and bank account information.
Finally, mischief-makers with time on their hands ruined a planned augmented reality announcement of the Williams Formula 1 racing team on Friday. Traditionally F1 teams make a big deal around this time of the year publicizing the new designs of their cars for the season. Williams wanted to unveil their car online with a snappy 3D presentation. It distributed an app for fans to use before the announcement. However, someone was able to get the car image from the app and leaked it. So the team had to do more traditional publicity. It isn’t clear if the app was hacked or the image wasn’t properly protected. Either way, it’s a lesson for software developers.
That’s it for today. Links to details about these stories are in the text version of this podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at cybersecurity professionals.
Subscribe to Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.