News Week Ending May 15, 2022

Pro-Ukraine Protestware
by Artie Kaye

An open source contributor modified dependency files they developed.  The modifications were to cause damage to Russian computers.  The altered dependencies were only uploaded for less than a day, however, another modified file was added shortly after, with a non-malicious message added.  In recent months there has been an increased focus on open source projects and their potential for misuse.  The potential for security flaws is the same as the rest of the tech industry, but the open source community doesn’t have to follow the rules that large tech companies do.  When you’re trying to be secure, it is nice to know that your software won’t be compromised by someone on a whim.  Actions like this damage the trust in the open source community.

Trickbot Functionality Discovered
by Artie Kaye

A botnet known as Trickbot has been plaguing the internet for years, and it’s recently been learned how the botnet functions.  Trickbot uses Mikrotik routers as a gateway to other places on the internet.  A router in a business or home can be infected and serve as a portal through which commands are sent, masking the source.  Microsoft has tools available to find the exploits and check if the router has been compromised.  If you’re running Mikrotik routers, update them to firmware 6.42 or higher.  This is not an optional update.  Ideally, get the tools from Microsoft to check if there is a problem.  This will help protect your business and protect others who use the internet.