Cyber Security Today, June 13, 2022: Serious bugs found in a building’s access control system, ransomware news, and more

Serious bugs found in a building access control system, ransomware news, and more.

Welcome to Cyber Security Today. It’s Monday, June 13, 2022. I’m Howard Solomon, contributing cybersecurity reporter for ITWorldCanada.com.

Vulnerabilities in IT systems can open serious holes in an organization. The same goes for web-connected door locks. The latest example, discovered by Trellix researchers, has forced building access control system provider Carrier to issue a cybersecurity warning to organizations using its LenelS2 access control panels. The researchers found eight zero-day vulnerabilities that could allow an outsider full control of the system and the ability to compromise physical security. That includes the ability to unlock any door, subvert alarms, and undermine logging and notification systems. The problem is with motherboards made by a company called HID Global Mercury, which are used in Carrier panels and other systems. Carrier has issued firmware updates and mitigations.

Linux administrators are being warned of a newly discovered and hard-to-detect piece of malware. BlackBerry and Intezer researchers have named this malware Symbiote. Instead of running as a stand-alone executable on a server, it is a shared object library that infects all running processes. That gives the attacker rootkit functionality, including the ability to steal passwords and install a backdoor to provide remote access. It has been seen targeting the financial sector in Latin America, but could be used more widely by the threat actor. One protection against password theft is the use of multi-factor authentication. Monitoring network telemetry for suspicious activity will also come in handy against this malware.

There is a debate on whether organizations affected by ransomware should pay to regain access to their data. Here is a nugget of information from a Cybereason survey that can help executives make up their minds: Eighty percent of organizations that paid said they were hit by ransomware a second time. And of those, 68 percent said the attack came less than a month later. Here’s another tidbit: Nearly two-thirds of affected businesses believe the ransomware gang entered their network through a vendor or partner.

Here is more information about ransomware: Palo Alto Networks has done an analysis of the HelloXD ransomware strain, which emerged last November. It appears to be based on the leaked source code of the Babuk ransomware. However, HelloXD includes an open source backdoor that allows the attacker to explore the victim’s file system, which can help monitor the progress of the ransomware. This report includes a number of indicators of compromise that could be useful to security teams.

Finally, there are two cell phone-related privacy stories to report. Researchers at the University of California have found that Bluetooth signals could be fingerprinted to track smartphones and their users. Meanwhile, German researchers from the University of Hamburg found that some WiFi-enabled smartphones can transmit data from networks they’ve previously connected to, including passwords and email addresses. These experiments needed to meet certain conditions to work. But they are a lesson to turn on Bluetooth and WiFi only when you are using them. Otherwise, keep them turned off. Also, make sure your mobile devices have the latest security updates. And if your mobile device can no longer receive security updates, it’s time to buy a new one.

That’s all for now. Remember that the links to the details about the podcast stories are in the text version on ITWorldCanada.com.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts, or add us to your Flash Briefing on your smart speaker.
