Cyber Security Today, July 25, 2022 – Public hearings on the Rogers outage begin in the present day, a knowledge breach at Entrust and patches issued for SonicWall and Confluence merchandise | IT World Canada News


Public hearings on the Rogers outage begin in the present day, a knowledge breach at Entrust and patches issued for SonicWall and Confluence merchandise.

Welcome to Cyber Security Today. It’s Monday July twenty fifth, 2022. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.

 

A televised parliamentary listening to begins this morning into the reason for this month’s big Rogers web and wi-fi outage. First up might be Industry minister François-Philippe Champagne and officers from his division. They could also be questioned concerning the effectiveness of the federal government’s work with Rogers and different telcos on emergency preparedness. The authorities established the Canadian Telecom Resiliency Working Group years in the past to assist telcos work on community resiliency.

Next up might be Rogers officers, who might be requested concerning the root reason behind the July eighth collapse of service. I’ve a narrative summarizing a prolonged Rogers clarification to the telecom regulator, the CRTC. In that doc Rogers blamed the outage on a upkeep replace that deleted a routing filter, which brought on its web site visitors distribution routers to be overloaded. But Rogers additionally insists the whole lot finished earlier than the code was put in was well-tested, validated and adopted established procedures. In the general public model of the Rogers submission there may be a proof of the basis trigger. But the CRTC, which launched the doc, blanked that part out. It additionally blanked out the part the place Rogers explains what it’s doing to forestall a repeat of the crash. Those blanks could also be stuffed in in the course of the listening to.

Rogers might also be requested why there was an obvious single level of failure in its community design, and why solely now’s it working to segregate its wi-fi and web networks.

Also scheduled to testify are CRTC officers, who could also be requested if its oversight failed as a result of Rogers wi-fi subscribers couldn’t name 911 when its community went down.

Finally, different specialists will testify about their view of how the dearth of competitors amongst Canadian telecom suppliers may need contributed to the outage.

The listening to begins at 11 a.m Eastern time and might be carried on the parliamentary channel, CPAC (which is the cable public affairs channel), and different retailers.

Entrust, one of many greatest suppliers of digital id safety and safe cost options, has been hit by a knowledge breach. According to the Bleeping Computer news service, the assault occurred final month. Entrust prospects, which embrace governments and companies, have been advised earlier this month. It isn’t recognized if solely Entrust company knowledge was stolen or if buyer knowledge was additionally concerned. The news service quotes a safety trade govt saying a ransomware gang received into Entrust’s system by shopping for and utilizing compromised login credentials of Entrust workers.

On Friday morning’s podcast I advised you a couple of new model of the Qakbot malware that seems to be a Microsoft Write file. Researchers at Cyble have found the gang additionally has one other trick for distributing and putting in its malware. Victims who’re fooled into clicking on an contaminated attachment will obtain a password-protected zip file. When the sufferer tries opening the file it seems to be an Acrobat PDF doc. There’s a equipped password the sufferer has to make use of to view the file. If they try this malware will get put in. Employees need to continuously be reminded of the hazards of clicking on hyperlinks in emails and be educated to identify suspicious hyperlinks. IT safety groups have to ensure their antivirus and antimalware options can spot this type of assaults.

SonicWall has issued an pressing patch for a flaw in its Global Management System software program for managing the corporate’s firewalls, electronic mail safety and distant entry gadgets. This fixes an SQL injection vulnerability. SonicWall recommends administrators install the patch immediately.

Microsoft has resumed default blocking of Visual Basic for Applications workplace macros obtained over the web. It had quickly stopped the safety precaution, aimed a stopping contaminated macros from routinely working. Now it has updated its advice for IT directors about choices they’ve for blocking macros by way of a Group Policy. End customers will see a clearer message {that a} probably harmful macro has been blocked.

Finally, Atlassian, which makes the Confluence crew collaboration suite, has warned firms there’s a significant vulnerability within the Questions for Confluence app. Not all corporations use this functionality. But in the event that they do and they’re migrating knowledge to the Confluence Cloud there’s an account that will get created that features a hardcoded password to the customers group. That will enable anybody understanding the place to seek out the password to view and edit non-restricted messages. Now that this vulnerability is understood directors have to put in a patch. Note that if the Questions for Confluence app has been uninstalled the vulnerability should still be there. Check the Confluence advisory for particulars on techniques.

That’s it for now Remember hyperlinks to particulars about podcast tales are within the textual content model at ITWorldCanada.com. That’s the place you’ll additionally discover different tales of mine.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing in your sensible speaker.





Source link

Comments are closed.