Cyber Security Today, March 23, 2022 – Satellite disruption investigated, HP printers need updating, and more

Satellite disruption investigated, HP printers need updating, and more.

Welcome to Cyber Security Today. It’s Wednesday, March 23rd, 2022. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

 

The U.S. continues to look into the disruption of the European services of the Viasat satellite communications provider on the eve of the Russian invasion of Ukraine. At a press conference Monday deputy national security adviser for cyber Anne Neuberger told reporters intelligence agencies are still investigating what happened. Last week the Cybersecurity and Infrastructure Security Agency warned all satellite communications providers to watch for intrusions in the wake of the Viasat attack. News reports say some customer modems that connect to the satellite’s internet service stopped working. Ukraine’s military is one of the customers. On Monday Viasat’s chairman told CNBC he couldn’t say who was behind the attack. On Tuesday the internet monitoring service NetBlocks said Viasat’s KA-SAT network in Europe was still heavily impacted.

Attention printer administrators: HP has issued security advisories for three vulnerabilities in a wide range of its devices. They must be patched immediately. They include Color LaserJet Enterprise, Pro, Flow and Managed printers as well as Deskjet, OfficeJet Pro and DesignJet printers.

Earlier this month Dell warned IT departments of multiple vulnerabilities that had to be patched in the BIOS firmware of a number of products. These included Alienware, Edge Gateway, Inspirion, Vostro, Latitude, Wyse and XPS devices. This week security researchers at a code analysis called Binarly, who discovered the bugs, explained the background. It’s another example, the company said, of a variants of a particular vulnerability that was discovered in 2016 but is still found in computing devices today. The company argues device manufacturers aren’t examining their source code thoroughly enough.

Finally, I’ve warned before that crooks often are able to sneak malware-filled utilities and games into Google’s Android app store. The latest example of bad app was found by researchers at Pradeo. It had been downloaded over 100,000 times. The app is called Craftsart Cartoon Photo Tools. It purports to be a legitimate photo editing app with a similar name. But this version has an Android trojan that forces users to log in with their Facebook username and password. There’s no logical reason for that, except for stealing Facebook credentials. Which is what it does. This app has now been deleted from the Play Store, but it may still be available on third-party app sites. Google tries hard to screen apps for malware, but some slip through the checks.

Remember links to details about podcast stories are in the text version at ITWorldCanada.com.

You can follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer. Former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, Howard has written for several of ITWC's sister publications, including ITBusiness.ca. Before arriving at ITWC he served as a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Follow this Cyber Security Today

More Cyber Security Today