Brampton, Ontario First "Cyber Talent" City; Ransomware Hits Maryland Health and Argentine ISP; WordPress XSS Flaw

Five hundred Brampton, Ontario, students are getting a head start on preparing for computer science and cybersecurity careers during COVID-19 through the Catalyst Cyber Camp, a public-private partnership of Rogers Communications, the City of Brampton, Ryerson, and Cybersecure Catalyst. This first-of-its-kind camp provides free, online programming to youth ages 13-18 in Brampton, Ontario, through the city and its community partners. Campers engage in up to 400 hours of cutting-edge games, activities, and puzzles of increasing complexity while learning how to solve security challenges, write computer programs, and find flaws in web sites. The students compete to collect points along the way and win prizes. Top performers will be recognized by city and business leaders for their success in the camp and learning new skills.

Read more in

Computer systems/network at Lorien Health Services, an eldercare and nursing services organization in Maryland, was hit with Netwalker ransomware in June. The attackers stole and encrypted data. Lorien did not pay the ransom, and the malware's operators began posting the stolen data online. The compromised information includes names, Social Security numbers, and medical diagnoses and treatments. The incident affects close to 50,000 people.

Read more in

Internet service provider Telecom Argentina's internal network was hit with Sodinokibi (REvil) ransomware on Saturday, July 18. The operators are demanding a payment of $7.5 million. The ransomware affected more than 18,000 workstations. The attack did not affect Internet connectivity, telephony, or cable, but some company websites have been unavailable since Saturday. Telecom Argentina has not issued a statement; employees have been sharing information about the incident on social media.

Read more in

A cross-site scripting vulnerability in the All in One SEO Pack WordPress plug-in could be exploited to hijack websites. The plugin has been installed more than two million times. The developers have fixed the problem in All in One SEO Pack version 3.6.2.

Read more in

Twitter has released more information about a hack that took over high profile accounts to use in a cryptocurrency scam. After the hackers managed to gain access to Twitter's internal system, they used Twitter's tech support tools to target 130 accounts. They changed passwords of 45 accounts and downloaded data from eight accounts.

Read more in

The Emotet botnet, which has been dormant since early February 2020, has re-emerged. On Friday, the botnet became active again, sending spam in an attempt to infect new users with the malware using malicious Word and Excel documents.

Read more in

Thousands of F5 BIG-IP network devices remain unpatched against a critical vulnerability that is being actively exploited. F5 released fixes late last month. In a July 3 tweet, US Cyber Command urged users to apply the fixes as soon as possible. Proof of concept exploits started appearing on July 5. Researchers say that as of July 15, there were roughly 8,000 installations that had not been updated.

Read more in

The Magento ecommerce platform has begun offering two-factor authentication. Adobe says that it is "supporting (and in some cases requiring) two-factor authentication (2FA) across multiple areas of the Magento ecosystem:" Magento.com accounts, Cloud Admin, and Magento Admin. 2FA is now an option for Magento.com accounts and will be an option for Cloud Admin with the release of Magento 2.4. In both instances, users must enable the feature as it will not be enabled by default. 2FA will be enabled by default in Magento Admin starting in version 2.4; it cannot be disabled.

Read more in

The UK's Department of Health has admitted that it launched its COVID-19 test and tracing effort without conducting a Data Protection Impact Assessment (DPIA) as required by the general data protection regulation (GDPR). The Open Rights Group, a digital rights organization, says that the acknowledgment means the program "has been operating unlawfully since its launch on 28th May 2020." The organization that runs the test and trace program says it is working to complete the DPAI.

Read more in

Cloudflare says that a network outage on Friday, July 17 was caused by an error in a router configuration update. When the problematic update was applied, "a router on [Cloudflare's] global backbone announced bad routes and caused some portions of the network to not be available." The outage lasted less than half an hour and affected only certain geographic areas.

Read more in

Israel's Water Authority said that two more of its water management facilities were targeted by cyberattacks in June. Another attack targeting Israeli water treatment systems was reported in April. The Israel National Cyber-Directorate have issued an alert, urging water treatment facilities to change passwords for Internet-connected equipment, and recommending that they take systems offline if they cannot change passwords.

Read more in

A 21-year-old individual from Cyprus has been extradited to the US to face charges of conspiracy to commit wire fraud, wire fraud, conspiracy to commit computer fraud and identity theft, and extortion related to a protected computer. Joshua Polloso Epifaniou allegedly hacked into websites, stole data, and threatened to leak the data if he did not receive payment. He arraignment was scheduled for Monday, July 20, 2020.

Read more in

Microsoft will no longer support Transport Layer Security (TLS) 1.0 and 1.1 in Office 365 after October 15, 2020. Microsoft initially intended to make the change sooner but pushed back the cutoff date due to COVID-19.

Read more in