Cyber Security Today, Week in Review for Friday, July 1, 2022

Welcome to Cyber Security Today. This is the Week in Review for the week ending Friday, July 1st, 2022.

Today is Canada Day, so if you’re listening on this national holiday weekend, thanks for tuning in.



In a few minutes David Shipley of Beauceron Security will join me to discuss recent cybersecurity news. But first a review of some of the highlights from the last seven days:

Fed up with malicious botnets spreading malware, this country’s telecommunications regulator says mandatory botnet blocking will be part of the responsibilities of internet carriers here. But first the regulator will work out a framework carriers can use. David and I will discuss the implications.

We’ll also look at an advisory from the U.S. that government departments and companies subscribing to Microsoft Exchange Online should immediately switch from what’s called Basic Authentication for logging in users to the safer Modern Authentication.

A Hamilton teen who stole $48-million in cryptocurrency from an American entrepreneur by hacking his cellphone has been sentenced by a Canadian judge to one year on probation and banned from handling digital currency for a year. David will have some thoughts on the ease with which some cellphone carriers fall for SIM card swapping.

And we’ll examine what could have been a catastrophe for a Japanese city when an IT contractor lost a USB stick with personal data on all of the municipality’s 460,000 residents.

Elsewhere, the newly-formed Black Basta ransomware gang is claiming to have successfully hit 50 victims, while those behind the retiring Conti-branded gang claim to have successfully hit 46 organizations in April before dismantling their infrastructure.

The problem with claims by crooks is they are hard to confirm. For example Walmart this week denied claims by a gang saying it successfully hit the retailer. And at the time of this recording microprocessor manufacturer AMD was investigating a claim by a data theft and extortion group called RansomHouse that it stole 450 gigabytes of data from the company last year.

Security researcher Brett Callow of Emsisoft reported the Lockbit ransomware gang is finding new ways to squeeze victims to pay up. One…