Cyber Security Today, Week in Review for Friday, Nov. 26, 2021
Welcome to Cyber Security Today. It’s the Week in Review edition for the week ending Friday November 26th. I’m Howard Solomon, contributing writer on cybersecurity for ITWorldCanada.com.
In a few minutes Dinah Davis, the Canadian-based vice-president of research and development at managed service provider Arctic Wolf will be with me for a discussion. But first a look back at some of the news from the past seven days:
GoDaddy, one of the biggest internet hosting providers, has admitted that a compromised password led to the hack of its managed WordPress service. The email addresses of up to 1.2 million active and inactive WordPress customers were copied. Worse is that usernames and passwords for a number of subscribers to the hosted service were exposed, forcing GoDaddy to make those users reset their passwords. Dinah and I will discuss this incident.
Windows administrators were warned to watch for suspicious changes in users’ access privileges. This comes after a researcher released proof of concept code for a new Windows zero-day vulnerability. If a person has access to a computer they may be able to easily upgrade their privileges to administrator using the exploit. Cisco Systems says hackers are already trying to take advantage of the vulnerability.
How fast can a hacker find an improperly protected server or database open to the internet? Sometimes, within hours. This is according to a report released this week on a test by Palo Alto Networks. It set up a number of honeypots on the internet to discover what happens. Dinah and I will discuss what the company calls shocking results that are a lesson for IT managers.
The Conti ransomware gang has suffered a temporary blow. Researchers at the Swiss cybersecurity firm called Prodaft published a report this week saying they managed to get into the group’s payment portal. They came away with valuable information for law enforcement agencies and IT security teams. According to one news service Conti briefly had to take down the portal, which is where ransomware victims make payments. It’s back online.
Organizations running network protection devices from FatPipe have been warned to install the latest software updates. They…