Friday, October 22, 2021

Cyber Security Today, Oct. 6, 2021 – Misconfigurations, link shortening, ransomware operators arrested and more


Welcome to Cyber Security Today. It’s Wednesday October 6th. I’m Howard Solomon, contributing writer on cybersecurity for ITWorldCanada.com.


Misconfiguration of applications and servers is in the news this week because of the hours-long outage at Facebook, Instagram and WhatsApp. As of the recording of this podcast it’s still not known exactly why there was an ‘oopsy’ moment.

But it won’t be the last. Here’s another: Researchers at security firm Intezer said this week that some IT staff or developers running the Apache Airflow platform are guilty of misconfiguring it, leaving firms open to being hacked. Airflow is an open-source workflow management platform used by application developers. What Intezer researchers found were misconfigured instances of Airflow that exposed passwords of users on Amazon Web Services, PayPal, Slack and other cloud services. In these cases the problem was bad application coding that could reveal passwords. But researchers also found sensitive data of companies in a wide range of industries through their misconfigured Airflow instances. Organizations using Airflow should upgrade to the latest version, which is more secure. Only authorized staff should be allowed to use it. IT departments should investigate software that can spot misconfigurations and issue alerts.

Separately, Apache has released a security patch for its HTTP Web Server. It closes a hole in version 2.4.49 of the application. The new version ends in .50.

One more ‘oopsy’ moment. This one was committed by the British newspaper The Telegraph. Security researcher Bob Diachenko discovered a misconfigured and unprotected database of information with subscribers’ names, email addresses and other things. The Bleeping Computer news service says the number of victims could be between 600 and 1,200 people.

Many of you know that hackers hide malicious links to bad websites by using URL shortening services. So rather than include a link in an email with a long – and obviously fake – internet address, the crook uses a shortening service like bitly. Smart people know to be wary of short links. Crooks have caught on to this and are now using short links created by LinkedIn. That’s because LinkedIn automatically shortens long links. Researchers at Avanan figured this out. So be careful before clicking on links that include ‘lnkd.in’ – particularly if you expect the link to go to a company or document.

News emerged this week that two prolific ransomware operators were arrested in September in Ukraine. The announcement came from the Europol police co-operative, which said police in Ukraine, France and the FBI were involved. The group is suspected of having committed a string of attacks against large industrial companies in Europe and North America in the past 18 months. In addition to seizing cash and two luxury vehicles, police also froze $1.3 million in cryptocurrencies.

The operators of the White House Market, a dark web underground marketplace for trading illegal goods, say they’ve shut the site down. According to the news site The Record, the operators posted a note saying they reached their goals and are retiring. On the other hand, the note also says the gang may come back with a different project.

That’s it for now. Remember links to details about podcast stories are in the text version at ITWorldCanada.com. That’s where you’ll also find other stories of mine.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com
