
Risky Biz News: 68 tech companies sign up to CISA's Secure by Design project

2024/5/10

Risky Business News


Tech companies sign up to CISA's Secure by Design project. The European Parliament discloses a data breach. Another major US healthcare chain gets hacked. And F5 patches yet more bugs. This is Risky Business News, prepared by Catalin Cimpanu and read by me, Claire Aird. Today is the 10th of May, and this podcast episode is brought to you by Thinkst, the makers of the much-loved Thinkst Canary.

In today's top story, 68 of the world's largest tech companies have signed a voluntary pledge to design and release products with better built-in security features. The pledge is part of CISA's Secure by Design initiative, a project the agency started last year to promote better cybersecurity baselines and practices.

Signatories include the likes of Amazon, Google, Microsoft and HPE. The companies have agreed to release products with better defaults, MFA support and ongoing security maintenance. They also pledged to overhaul coding practices to avoid classes of vulnerabilities and to run vulnerability disclosure programs.

In other news, a threat actor has hacked a recruitment platform used by the European Parliament. The hack earlier this year impacted around 8,000 individuals who applied for jobs through the European Parliament's People platform. The platform was primarily used to hire temporary staff.

Tech giant Dell is notifying customers of a security breach. The company says a threat actor gained access to one of its systems and stole customer data, including names, addresses and purchases. Dell is disclosing the breach 10 days after a threat actor began selling the personal details of 49 million Dell customers.

The government of Canadian province British Columbia has suffered a security breach that impacted several of its IT networks. Officials have asked all government employees to change their passwords. Premier David Eby says the government is working with Canada's Cyber Security Agency to investigate the hack and promised to provide additional details at a later date.

A cyber attack is disrupting healthcare services at hospitals and clinics across the US. The incident impacts healthcare provider Ascension, which operates 140 hospitals and 40 senior living facilities across the US. The company is diverting new patients to other hospitals as it restores IT systems. Ascension says it's working with a security firm to investigate the incident. The company is one of the nation's leading non-profit Catholic health providers.

Ukraine's military hackers claim to have carried out an attack against Russian enterprise software maker 1C Company. The attack affected 1C's cloud platform and remote work services, crippling Russian companies that rely on them. This marks the fourth cyber attack claimed by Ukraine's Defense Intelligence Main Directorate in the past month.

Russian hackers hijacked Latvian TV station Balticom to broadcast a Moscow military parade. Balticom says the hack affected a content partner in Bulgaria and that its core network was not breached. This is the second time in a month that Russian hackers hijacked Latvian TV after a similar incident at TV station Tet in mid-April.

A Chinese hacking group has hijacked more than 800 solar power monitoring devices across Japan. The incident took place at the start of May and targeted devices made by Japanese company Contec. A local blogger says the hacked devices were used as proxies in a financial fraud campaign.

A Chinese criminal group named Bogus Bazaar is operating a network of more than 75,000 fake online stores designed to defraud customers. Over 850,000 customers have lost money or had their payment card details stolen. According to SRLabs, the vast majority of victims are from Western Europe and the USA. The security firm released a tool named Fake Shop Finder to help users check if an online store is part of the Bogus Bazaar network.

Networking equipment maker F5 has released a security update for 16 vulnerabilities in its products. The most critical are two bugs in Next Central Manager, a platform for centralised management of F5 equipment. The bugs allow unauthenticated attackers to take control of the platform and then use it to pivot to other systems inside the organisation's network. Both issues were discovered by security firm Eclypsium.

Israeli spyware vendor NSO Group has embarked on a campaign to discover how Citizen Lab is tracking its tools. The company has filed several requests during its WhatsApp lawsuit to force Citizen Lab to disclose its methodology. So far, NSO has filed two discovery orders, both of which have been denied by the judge.

Recorded Future says that an Iranian influence operations group named Emerald Divide has been attempting to manipulate Israeli society and diminish trust in their government. The group ramped up operations after the Hamas attack in October. Its recent campaigns have published the personal data of Israeli public officials. Emerald Divide's network consists of more than 250 accounts on seven different social media networks. Its primary activity takes place via Telegram, Twitter and WhatsApp and often employs AI-generated content.

And finally, Russian influence operations group Doppelganger has launched a wave of disinformation claiming the Havana Syndrome doesn't exist. Havana Syndrome is the name given to a number of unexplained medical issues reported by US and Canadian embassy staff in Cuba. The Doppelganger operation began days after American and German journalists linked the Havana Syndrome incidents to Russia's military intelligence agency. A joint 60 Minutes and Der Spiegel investigation linked the attacks to GRU Unit 2915, a Russian military intelligence unit specialised in assassinations and sabotage.

And that is all for this podcast edition. Today's show was brought to you by our sponsor, Thinkst, the makers of the much-loved Thinkst Canary. Find them at canary.tools. Thanks for your company.