Published: November 6th, 2020
Warning for Asterisk phone system administrators, U.S. tries to get control over a $1 billion criminal bitcoin account and beware of election-related malware.
Welcome to Cyber Security Today. It’s Friday November 6th. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
Network administrators in organizations that run the Asterisk VoIP phone system are being urged to install the latest patches because a serious vulnerability has been found in the open-source Sangoma PBX management system. If it is exploited, an attacker can get admin access and control over the phones, says Check Point Software.
The hackers then sell off phone numbers, call plans and live access to compromised systems to the highest bidders. The buyers use the access for their own purposes, including eavesdropping on phone calls, hacking into a corporate network or launching cyberattacks on other targets. One way attackers are getting in is through brute force attacks on administrator login accounts. That means IT managers have to make sure these login passwords are complex and, if possible, protected by two-factor authentication. So far about 1,000 systems have been hacked in 20 countries, including the United States, the Netherlands and the U.K.
Five years ago the founder of the Silk Road dark web marketplace was sent to an American prison for life for facilitating drug deals and other crime. But what happened to the millions of dollars the operation allegedly made? Well, it may end up in the hands of U.S. prosecutors. The Justice Department this week got a court order to seize an account with about $1 billion in bitcoin. It alleges that an unnamed person had hacked and stolen money from Silk Road before it was closed down. Earlier this year authorities were able to track down that person, and track down that bitcoin account. Prosecutors still have to prove that the bitcoin has to be forfeited as proceeds of crime.
If you have an Apple device, look for a new security update. Version 14.2 has been released to patch several vulnerabilities.
More ransomware attacks. The latest victim is the Italian beverage maker Campari Group. According to a press release, the company is trying to restore its systems, although five days after the attack its website was still offline. And Japanese game developer Capcom, maker of the Street Fighter and Resident Evil games, has suffered a cyberattack that is reportedly ransomware.
I’ll be talking about ransomware with Terry Cutler of Cyology Labs on the Week In Review edition of this podcast later this afternoon.
And finally, with the final result of the U.S. presidential election still to be decided, hackers will likely try to take advantage of people’s interest by sending out election-themed email, texts and social media posts with malicious attachments. According to security firm Malwarebytes, one campaign has a catchy theme of ‘election interference.’ Usually after clicking on the attachment, victims are asked to enable editing so the document or spreadsheet can be seen. Don’t be fooled by messages with attachments, particularly those that have a news-event theme and come from strangers.
That’s it for this edition of Cyber Security Today. Links to details about these stories are in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cybersecurity professionals. Later today the Week In Review podcast will be available to listen to on your way home or on the weekend.