The year starts with confirmation of more data breaches.
Welcome to Cyber Security Today. It’s Wednesday, January 5th. I’m Howard Solomon, contributing writer on cybersecurity for ITWorldCanada.com.
The new year started with a clean calendar for many listeners. Unfortunately, it also started the way last year ended: with a long list of confirmed data breaches. Here are a few of them:
Broward Health, which runs a hospital and clinics in Fort Lauderdale, Florida, has begun notifying over 1.3 million patients and staff that their personal information was compromised in an October data breach. The information included names, dates of birth, addresses, phone numbers, financial or bank account information, Social Security numbers, insurance information and account numbers, medical information, driver’s license numbers and email addresses. In a statement, the institution said it was hacked through a third-party medical provider it uses.
The city of Montreal’s tourism agency has confirmed it was recently hacked. The Karakurt gang has taken credit for this, as well as for attacks on 10 other recently victimized organizations in Canada and the U.S. You can find my news story on this here.
Unscrambled passwords of 7.3 million users of DatPiff, a website for those who like to listen to and exchange free mixtapes, are now available for any crook to use. The Bleeping Computer news service says the database of credentials was offered for sale at the end of November, but a crook is now giving it away. It isn’t clear when the database was stolen. Bleeping Computer believes it was an old backup held by DatPiff. Regardless, DatPiff users should change their passwords.
Just over a month ago, security researchers warned IT departments to start scanning for and patching vulnerabilities if they have the Apache Log4j2 libraries in their applications. While remediation has been going on for weeks, Microsoft warned on Monday that threat actors continue hunting the internet for organizations that haven’t been patching fast enough. And as the year closed, CrowdStrike said it believes a China-based threat group it dubs Aquatic Panda is using a modified version of a Log4j2 exploit.
A security researcher is warning iPhone and iPad users of a vulnerability he says Apple has been slow to fix. Briefly, an attacker with access to a device could change settings and do anything, including installing ransomware. Apple has promised a fix. Until it’s released, Apple device users should be careful handling email messages that purport to come from Apple services or products that use Apple’s HomeKit framework.
Finally, if your organization allows the use of the Telegram messaging app, be aware that an infected version is circulating. According to researchers at Minerva Labs, the app called “Telegram desktop.exe” installs several attack tools, including the Purple Fox Rootkit. The report doesn’t say how the bad app is distributed, but usually malware is delivered through links in text and email messages promising a legitimate application, or it gets downloaded from unapproved app stores.
That’s it for now. Remember, links to details about podcast stories are in the text version at ITWorldCanada.com. That’s where you’ll also find other stories of mine.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon.