An alert to energy companies, a warning to Linux administrators and more. Welcome to Cyber Security Today. It’s Monday, September 5th, 2022.
Today is Labour Day in Canada, the U.S. and a number of other countries. Thanks for tuning in on the holiday and I hope you’re enjoying the long weekend.
Energy companies around the world are increasingly being targeted by threat actors. The latest victims are an Italian company called Eni, and the Italian agency which oversees the country’s electricity market. The BlackCat ransomware gang says it stole 700 GB of data from that agency. Eni hasn’t said what the impact was on its attack, only that the company detected unauthorized network access.
These incidents follow the attack last month on the Greek natural gas provider DESFA. The Ragnar Locker ransomware gang has taken credit for that attack.
With energy prices around the world climbing as a result of the Russian invasion of Ukraine,. threat actors may be considering energy companies as vulnerable targets.
Ransomware attacks on Linux servers are increasing, IT administrators have been warned. The alert comes in the midyear threat analysis roundup from researchers at Trend Micro. A new ransomware variant dubbed Cheerscrypt has been detected that targets VMware ESXi servers. That’s helped the 75 per cent increase in attacks on Linux systems in the first half of the year.
The San Francisco 49ers football club has begun notifying more than 20,000 subscribers that their names and Social Security numbers were stolen in a data breach in February. According to the cyber news site The Record, the BlackByte ransomware gang has taken credit for the attack.
The parent company of the Snapchat app has agreed to a US$35 million settlement to resolve a class action lawsuit. According to CNET, users weren’t asked for written consent before collecting and storing facial recognition and other biometric information in violation of Illinois state law. This follows a US$92 million settlement with TikTok over claims it violated U.S. federal and Illinois law over the alleged collection and disclosure to third parties of biometric data without consent of users.
Just over a week ago I told you about a phishing scam targeting users of the Python-language open source repository of packages called PyPI. In a follow-up, researchers at SentinelOne and Checkmarx have dubbed the threat actor behind this scam “JuiceLedger.” Not only is this hacker trying to trick developers into giving away their usernames and passwords, they are also uploading malware-compromised packages into the repository hoping developers will include them in their projects. The malware will then spread when the applications are adopted by organizations. This, again, is a reminder to any developer who uses code and libraries from outside sources to closely scan them for vulnerabilities before releasing their software.
Finally, users of the Chrome browser should note Google is releasing an update to fix what it describes as a high-severity issue. The latest version starts with 105 and ends with .102. There’s also a security update for Microsoft’s Edge browser. The latest version starts with 104 and ends in .81.
That’s it for now Remember links to details about podcast stories are in the text version at ITWorldCanada.com.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.