Data of hacked Nissan stolen, a GitHub vulnerability alert, holes in GitLab found and more.
Welcome to Cyber Security Today. It’s Wednesday, January 18th, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.
The North American division of carmaker Nissan is blaming a data breach at an outside application developer for the theft of the personal data of almost 18,000 vehicle owners. The carmaker said it gave the developer customer data for application testing. That data was unintentionally and temporarily put in a cloud storage website, which apparently was hacked. While the information didn’t include customers’ Social Security or credit card numbers, it did include names and dates of birth, which could be used to create fake IDs. The hack happened sometime before June 21st last year. In September Nissan verified that data had been copied. Victims are only now being notified.
This isn’t the first data problem Nissan has suffered. In December 2017, Nissan Canada admitted that the personal information of over 1 million Canadian vehicle buyers who used its financing divisions had been stolen.
Application developers using GitHub’s Codespaces feature are being urged to lock down their projects after the discovery of a serious vulnerability. Codespaces allows developers to create, edit, and run code directly from their web browser within a virtual machine, so they can work on the same project from any device without worrying about differences in local setups. To make this work, Codespaces lets developers share ports forwarded from the virtual machine. However, researchers at Trend Micro found that if application ports are shared without authentication, attackers can get inside and host malicious content. Codespaces users need to follow GitHub’s protection rules and create strong access passwords protected with two-factor authentication.
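As an added defender-side check (not from the original report or from GitHub or Trend Micro), the script below audits a codespace’s forwarded ports and flags any whose visibility is wider than private. It assumes the port list is obtained with `gh codespace ports --json sourcePort,visibility,label -c <codespace>` and that visibility is one of `private`, `org` or `public`; the sample JSON is constructed.

```python
"""Audit GitHub Codespaces forwarded ports for visibility beyond 'private'.

Assumptions (not taken from the original page): the port list comes from
`gh codespace ports --json sourcePort,visibility,label -c <codespace>`,
whose JSON objects carry sourcePort, visibility and label, and visibility
is one of private, org or public.
"""
import json
import subprocess

# Constructed sample of the JSON the gh CLI is assumed to emit.
SAMPLE_PORTS_JSON = json.dumps([
    {"sourcePort": 3000, "visibility": "public", "label": "web"},
    {"sourcePort": 5432, "visibility": "private", "label": "postgres"},
    {"sourcePort": 8080, "visibility": "org", "label": "api"},
])

ALLOWED = frozenset({"private"})  # only the codespace owner can reach the port


def audit_ports(ports_json: str, allowed=ALLOWED) -> list:
    """Return the forwarded ports whose visibility is not in `allowed`.

    Each finding carries the port, its label, the current visibility and
    the gh command that restricts the port back to private.
    """
    findings = []
    for entry in json.loads(ports_json):
        vis = entry.get("visibility", "unknown")
        if vis not in allowed:
            port = entry["sourcePort"]
            findings.append({
                "port": port,
                "label": entry.get("label", ""),
                "visibility": vis,
                "fix": f"gh codespace ports visibility {port}:private",
            })
    return findings


def audit_codespace(codespace: str) -> list:
    """Query a live codespace through the gh CLI (needs gh and a login)."""
    out = subprocess.run(
        ["gh", "codespace", "ports", "-c", codespace,
         "--json", "sourcePort,visibility,label"],
        check=True, capture_output=True, text=True,
    ).stdout
    return audit_ports(out)


if __name__ == "__main__":
    for f in audit_ports(SAMPLE_PORTS_JSON):
        print(f"port {f['port']} ({f['label']}) is {f['visibility']}: {f['fix']}")
```

Pass `allowed={"private", "org"}` if ports shared with the organisation are acceptable in your environment; public ports are reported either way.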
More warnings for developers: GitLab is urging users of its Community and Enterprise editions to upgrade to the latest versions. This comes after the discovery of vulnerabilities by a team of researchers. Git is a distributed version control system that allows developers to collaborate on software development. The most severe issue discovered allows an attacker to trigger heap-based memory corruption during clone or pull operations, which might let the attacker run code.
A ransomware attack on the Norwegian ship management software company DNV has cut online connectivity for its ShipManager suite on 1,000 vessels. This is because the firm had to shut down its servers earlier this month as a result of the attack. Vessels using the DNV ShipManager suite can still use the application offline. As of the recording of this podcast there was no indication from the company when its servers will be back online.
Finally, database administrators who oversee GE Proficy Historian servers are being warned to upgrade to version 2023. This follows the discovery by researchers at Claroty of five vulnerabilities in the data management suite. Historian software collects and analyzes data from industrial control systems. That data can be of interest to hackers, or to an attacker who wants to sabotage the company. But if the servers link to the IT network they can also be a pivot point for hackers into the business side of the firm. The discovery of the holes in the GE product is a reminder that IT and security administrators must make sure historian servers are locked down and can’t be used to get into the IT network.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. U.S. listeners can also find me on TechNewsDay.com.