Canadian cybersecurity agency and FBI issue advisory over rising 'Truebot' cyber attacks
CTV
The Canadian Centre for Cyber Security has issued a joint advisory with the FBI and other U.S. agencies about increasing attacks from 'Truebot' malware.
The Canadian Centre for Cyber Security has issued a joint advisory with the FBI and other U.S. agencies about increasing attacks from "Truebot" malware.
According to the July 6 alert, hackers are using a vulnerability in security software to access computer networks at organizations in Canada and the U.S. in order to steal sensitive data for financial gain. The company behind the compromised software says more than 7,000 organizations rely on what's known as Netwrix Auditor, including clients from the insurance, financial, healthcare and legal sectors.
"A security program, in order for it to work, requires high levels of access, so if it gets compromised… the attackers won," Anil Somayaji, an associate professor of computer science at Carleton University in Ottawa, told CTVNews.ca over the phone on Thursday. "It's the worst kind of vulnerability in very sensitive software that's deployed in precisely those places where they care about security."
Texas-based Netwrix is urging customers to upgrade the software and ensure that systems running it are disconnected from the internet.
"This vulnerability may permit an attacker to execute arbitrary code on a Netwrix Auditor system that is exposed to the internet, contrary to deployment best practices," Netwrix chief security officer Gerrit Lansing said in a statement to CTVNews.ca. "In turn, an attacker will be able to run enumeration attacks and conduct privilege escalation attempts in an infiltrated network. Both activities – enumeration and privilege escalation – are at the core of any cyber-attack."
The Netwrix Auditor is marketed as a digital tool that organizations can use to "detect security threats, prove compliance and increase IT team efficiency."
"Minimize IT risks and proactively spot threats," the Netwrix Auditor website advertises. "Reduce the risk to your critical assets by identifying your top data and infrastructure security gaps and exposing loose permissions."
Northvolt AB has filed for bankruptcy protection in the United States, but said the move will not jeopardize the manufacturer's planned electric vehicle battery plant in Quebec — though hundreds of millions of taxpayer dollars invested in the parent company could be lost.
A popular series of Murphy beds that had been sold online is under a recall in Canada and the U.S. after several reported instances of the furniture detaching from walls.
Even though sales of electric vehicles aren't growing as fast as in past years and President-elect Donald Trump may ditch tax credits for EV buyers, automakers are moving ahead with new models that should appeal to mainstream buyers.
Countries of the world took turns rejecting a new but vague draft text released early Thursday which attempts to form the spine of any deal reached at United Nations climate talks on money for developing countries to transition to clean energy and adapt to climate change.
The Canadian Space Agency (CSA) is inviting Canadians to choose the name of the first Canadian Lunar Rover.
A Dallas anesthesiologist was sentenced Wednesday to 190 years in prison for injecting a nerve-blocking agent and other drugs into bags of intravenous fluid at a surgical center where he worked, leading to the death of a coworker and causing cardiac emergencies for several patients.
CTVNews.ca wants to hear from digital nomads who have taken up location-independent jobs and can work from anywhere with an internet connection.
In Canada a car is stolen every six minutes, though some vehicles are more sought after than others.
A major storm swept across the northwest U.S., battering the region with strong winds and rain, causing widespread power outages and downing trees that killed at least one person.
SpaceX on Tuesday launched another Starship rocket, but passed up catching the booster with giant mechanical arms.
Caring for a senior pet is no walk in the park, especially when the pet can't walk at all. A Colorado woman was shocked to find her dog's wheelchair missing from the porch Tuesday morning