愛污传媒

Sci-Tech

    • Canadian cybersecurity agency and FBI issue advisory over rising 'Truebot' cyberattacks

    Networking cables and circuit boards are shown in Toronto on Wednesday, November 8, 2017. (THE CANADIAN PRESS/Nathan Denette) Networking cables and circuit boards are shown in Toronto on Wednesday, November 8, 2017. (THE CANADIAN PRESS/Nathan Denette)
    Share

    The Canadian Centre for Cyber Security has issued a joint advisory with the FBI and other U.S. agencies about increasing attacks from "Truebot" malware.

    According to the , hackers are using a vulnerability in security software to access computer networks at organizations in Canada and the U.S. in order to steal sensitive data for financial gain. The company behind the compromised software says more than 7,000 organizations rely on what's known as Netwrix Auditor, including clients from the insurance, financial, healthcare and legal sectors.

    "A security program, in order for it to work, requires high levels of access, so if it gets compromised鈥 the attackers won," Anil Somayaji, an associate professor of computer science at Carleton University in Ottawa, told CTVNews.ca over the phone on Thursday. "It's the worst kind of vulnerability in very sensitive software that's deployed in precisely those places where they care about security."

    Texas-based Netwrix is to upgrade the software and ensure that systems running it are disconnected from the internet.

    "This vulnerability may permit an attacker to execute arbitrary code on a Netwrix Auditor system that is exposed to the internet, contrary to deployment best practices," Netwrix chief security officer Gerrit Lansing said in a statement to CTVNews.ca. "In turn, an attacker will be able to run enumeration attacks and conduct privilege escalation attempts in an infiltrated network. Both activities 鈥 enumeration and privilege escalation 鈥 are at the core of any cyber-attack."

    The is marketed as a digital tool that organizations can use to "detect security threats, prove compliance and increase IT team efficiency."

    "Minimize IT risks and proactively spot threats," the Netwrix Auditor website advertises. "Reduce the risk to your critical assets by identifying your top data and infrastructure security gaps and exposing loose permissions."

    Somayaji says that the very nature of the software and attack, known as a remote code execution, could give hackers access to entire computer systems and the type of sensitive data Netrix Auditor is designed to protect.

    "Once they're infected, they basically have control of these systems and then they can鈥 encrypt all your data so that now it can only be decrypted by the attacker," said Somayaji, whose research interests include computer security and intrusion detection. "That's the idea of ransomware: I've encrypted your data, if you want it back, you have to pay me for the key, otherwise you'll never be able to recover it."

    The Canadian Centre for Cyber Security is part of the Communications Security Establishment (CSE), which is Canada's cybersecurity and digital intelligence agency. It issued the joint alert about the new cyber threat alongside the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing and Analysis Center (MS-ISAC) in the U.S.

    "Whenever you see these things pop up, it's like the tip of a iceberg," Somayaji said. "The fact that the Canadian Centre for Cyber Security, CISA, FBI, they're all putting out this press release, this makes me think some big players are using this stuff."

    First , private security researchers say they have traced Truebot malware to hackers in the purportedly , which has allegedly targeted financial institutions in former Soviet countries and others worldwide. A spokesperson from the CSE said they are "not in a position to validate those findings."

    "Previous versions of the Truebot malware relied on malicious phishing emails to infiltrate systems by tricking recipients into clicking a hyperlink to execute the malware," the CSE spokesperson explained. "More recently, cyber threat actors have added a new tactic and are exploiting a remote code execution vulnerability 鈥 known as CVE-2022-31199 鈥 within the Netwrix Auditor software to launch the malware, essentially eliminating the need for human error that is required for a phishing attack to be successful."

    The CSE in Canada is urging impacted IT operators to read its and for more information and solutions.

    Somayaji says Netwrix isn鈥檛 the first security software company to face a breach like this.

    "If you look in the past, many security products have turned out to have major vulnerabilities," Somayaji said. "Some of this could be just people trying to make money, some of it could be intelligence organizations, some of it could be just random individuals who have an axe to grind."

    CTVNews.ca Top Stories

    Canadian Ryan James Wedding finished in 24th place in the parallel giant slalom at the 2002 Winter Games in Salt Lake City, but the snowboarder wouldn鈥檛 go on to improve his results in Torino four years later.

    Angela Salvatore had been away from her father's hospital bedside for just over an hour when she says she got a frantic call from a nurse, pleading with her to calm him down.

    Canada

    • Canadian Ryan James Wedding finished in 24th place in the parallel giant slalom at the 2002 Winter Games in Salt Lake City, but the snowboarder wouldn鈥檛 go on to improve his results in Torino four years later.

    • The Provincial Archives of New Brunswick (PANB) has uploaded dozens of dashboard camera videos from the 1970s to their YouTube channel.

    • Canada Post driver Rick Harper recounts how he and others helped save a woman from a Tesla that caught fire after crashing into a guardrail on Lake Shore Boulevard.

    World

    Politics

    Health

    • Angela Salvatore had been away from her father's hospital bedside for just over an hour when she says she got a frantic call from a nurse, pleading with her to calm him down.

    • Ontario Premier Doug Ford said he doesn't "think it's fair" nurses and doctors have to pay for parking at the hospitals and health-care facilities that they work at, after 愛污传媒 Toronto highlighted the issue earlier this week

    Sci-Tech

    Entertainment

    Business

    Lifestyle

    Sports

    Autos

    Local Spotlight

    A new resident at a Manitoba animal rescue has waddled her way into people's hearts.

    Hundreds of people ran to the music of German composer and pianist Beethoven Wednesday night in a unique race in Halifax.

    He is a familiar face to residents of a neighbourhood just west of Roncesvalles Avenue.

    A meteor lit up our region's sky last night 鈥 with a large fireball shooting across the horizon over Lake Erie at around 7:00 p.m.

    Residents of Ottawa's Rideauview neighbourhood say an aggressive wild turkey has become a problem.

    A man who lost his life while trying to rescue people from floodwaters, and a 13-year-old boy who saved his family from a dog attack, are among the Nova Scotians who received a medal for bravery Tuesday.

    A newly minted Winnipegger is hoping a world record attempt will help bring awareness for the need for more pump track facilities in the city.

    A Springfield, Ont. man is being hailed a 'hero' after running into his burning home to save his two infant children.

    Hortense Anglin was the oldest graduate to make her way across the platform at York University's Fall Convocation ceremony this week. At the age of 87, she graduated with an Honours degree in Religious Studies.

    • The final count of ballots in the 2024 B.C. election begins Saturday, with more than 66,000 mail-in and absentee votes potentially yet to be counted across the province's 93 electoral districts.

    • There were tense moments at a ferry terminal outside Victoria, B.C., on Friday after the lion鈥檚 share of standby spots on an early sailing were claimed by 鈥渁ssured loading鈥 passengers 鈥 leaving regular customers who had been waiting for hours out of luck.

    • The countdown to the arrival of Taylor Swift鈥檚 Eras Tour is on, with three dates planned in Vancouver this December - and some condo owners are looking to cash in on the fan frenzy.

    • Canadian Ryan James Wedding finished in 24th place in the parallel giant slalom at the 2002 Winter Games in Salt Lake City, but the snowboarder wouldn鈥檛 go on to improve his results in Torino four years later.

    • Angela Salvatore had been away from her father's hospital bedside for just over an hour when she says she got a frantic call from a nurse, pleading with her to calm him down.

    • Ontario Premier Doug Ford said he doesn't "think it's fair" nurses and doctors have to pay for parking at the hospitals and health-care facilities that they work at, after 愛污传媒 Toronto highlighted the issue earlier this week

    • The Alberta legislature is set to reconvene on Monday and the Danielle Smith government will be providing more details about its plans for the session.

    • A person is dead in the aftermath of a traffic incident in Calgary's northeast on Friday evening.

    • An investigation into the death of a man in Calgary police custody earlier this month has concluded that officers did not contribute to his death and that he was cared for properly.

    • An Ottawa dietitian says the health trends on social media might not be the best option for you, citing some risks.

    • A former CTV Ottawa broadcaster is headlining an art gallery with landscape paintings this weekend.

    • It's going to be cold this Saturday in the capital, as colder than average temperatures are in the forecast.

    • In the wake of the Bedford school controversy, opposition parties called on the government to defund private religious schools, a proposal that Quebec鈥檚 main private school association says would end up costing the government and parents more.

    • Quebec's social services minister says he's outraged by reports that educators at a detention centre for youth in Montreal had sexual relations with minor detainees 鈥 and that one of the employees allegedly had a baby with a teenage resident.

    • Two minors were in court Friday to face charges after four teenagers were stabbed outside a Montreal high school.

    • A former Alberta teacher has been sentenced to four years for sexually abusing a student.

    • A second person has been charged in connection with the death of a man in the Kingsway area earlier this year.

    • The Alberta legislature is set to reconvene on Monday and the Danielle Smith government will be providing more details about its plans for the session.

    • The GoFundMe page for the family of an employee found dead at a Halifax Walmart last weekend has paused donations after almost $200,000 was raised in roughly 24 hours.

    • New Brunswicker Jillea Godin鈥檚 elaborate cosplay pieces attract thousands to her online accounts, as well as celebrities requesting their own pieces.

    • The mystery of a 100-year-old letter sent from Manitoba to Ireland is slowly unraveling thanks to the work of one amateur sleuth.

    • Winnipeg police are looking for a suspect after a woman's dorm room was broken into at the U of M and she was assaulted.

    • Repairs to the historic 110-year-old rail bridge at The Forks could come with a multi-million dollar price tag.

    • Saturday will mark the end of the CFL regular season, and the Saskatchewan Roughriders will have their eyes on Winnipeg鈥檚 matchup versus Montreal to know if they have a chance of clinching the West Division.

    • With an attempt to address the shortage of housing available in the community, the City of Yorkton has started a housing incentive program where new builders will receive a 50 per cent rebate on residential lots, and a full tax exemption for five years.

    • As the final day of voting for the Saskatchewan election inches closer, voters may be wondering when official winners will be declared.

    • Geovanny Villalba-Aleman, the man who stabbed three people in a gender studies class at the University of Waterloo, says he 鈥榓cted dumb鈥.

    • All the evidence has now been called at the trial of Erick Buhr, who has pleaded not guilty to second degree murder in the death of his grandmother, Viola Erb.

    • Residents spotted smoke coming from a waste management site in Waterloo on Friday afternoon.

    • A Saskatchewan woman is worried her child might die before receiving life-saving surgery and tests as he sits on the province's surgical waitlist.

    • The Saskatchewan RCMP is releasing the names of two suspects arrested on Thursday for a violent vehicle theft that triggered a widespread police search.

    • Police have still not confirmed the identity of a body discovered in Prince Albert last week.

    • The Town of Cochrane plans to roll out its $10-lot program in a month or two.

    • Two people 鈥 one from Timmins, the other from Kapuskasing -- have been fined more than $7,000 for camping violations, including empty septic tanks directly onto the ground.

    • The federal government is spending a significant amount of money to improve Indigenous student learning across Ontario.

    • At around 11:00 p.m. a witness saw them break a window at a building in the area of Chiddington Avenue and Compton Crescent.

    • In case you missed it, 愛污传媒 London has gathered all of the top local stories from this week into one video for your convenience.

    • A new staff report calls for homeless encampments to be allowed even closer to residential neighbourhoods, reducing the buffer zone from 100 metres to 25 metres.

    • Provincial police say there is an active investigation going on in the Town of Huntsville.

    • Several students have been banned from being spectators at school sporting events, and others suspended from school, after verbal and physical exchanges at a high school soccer game.

    • A 15-year veteran officer with the South Simcoe Police Service has been charged with discreditable conduct following an allegation of sexual assault.

    • In case you missed it, 愛污传媒 Windsor has compiled all of the top local stories from this week into one video.

    • The Windsor Police Service is investigating a suspicious death in south-central Windsor.

    • A Harrow school is memorializing two students and their mother, who were tragically killed in June.

    • The final count of ballots in the 2024 B.C. election begins Saturday, with more than 66,000 mail-in and absentee votes potentially yet to be counted across the province's 93 electoral districts.

    • There were tense moments at a ferry terminal outside Victoria, B.C., on Friday after the lion鈥檚 share of standby spots on an early sailing were claimed by 鈥渁ssured loading鈥 passengers 鈥 leaving regular customers who had been waiting for hours out of luck.

    • Hulitan Early Years Centre is a brand new, 48-seat childhood learning centre in Colwood. It was built to support Indigenous children throughout the capital region.

    • More than two years after Alannah Brown and Douglas Barker were found dead north of Penticton, police are asking for help identifying a vehicle they believe was associated with the crime.

    • Dave Lindsey began growing giant pumpkins to bring a bit of magic to his grandkids' Halloween.

    • A U.S. District Court judge in Montana has sentenced a 27-year-old man from Kelowna, B.C., to 18 months in prison for using fake names to buy guns with the aim of selling them in Canada.

    • About 15,000 students are enrolled at Lethbridge鈥檚 post-secondary schools, and now the city is working with those schools to try to find ways to get them s to stick around a while.

    • With Halloween less than a week away, organizations in Lethbridge are preparing to get in on the trick-or-treating fun.

    • The City of Lethbridge is bringing forward a water conservation policy, the first of its kind for the city.

    • The union that represents hospital workers across the province is used a symbol from Greek mythology Friday in Espanola to drive home its campaign about the perils of privatization in health care.

    • CTV's Coats for Kids is nearing the end of its donation window, with the need as strong as it鈥檚 ever been.

    • The Anishinabek Police Service and the Ontario Provincial Police are investigating the circumstances around a death in Fort William First Nation.

    N.L.

    Shopping Trends

    The Shopping Trends team is independent of the journalists at 愛污传媒. We may earn a commission when you use our links to shop.聽Read about us.

    Stay Connected
    Follow 愛污传媒