Cyber Security Today, April 16, 2021 – Russians are coming for these devices, how a games company was hacked and be careful with internet searches

The Russians are coming for these devices, how a games company was hacked and be careful with internet searches.

Welcome to Cyber Security Today. It’s Friday April 16th. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.


IT leaders can have a hard time deciding which hardware and software to patch first. The U.S. government has made it easier. Yesterday it issued a list of the corporate devices Russia’s foreign intelligence service commonly tries to exploit because of unpatched vulnerabilities. The list has well-known devices made by Fortinet, Citrix, Pulse Secure and VMware, as well as the Zimbra Collaboration Suite. Security updates for some of these were issued as far back as 2018. The most recent was last year. It’s hard to understand why organizations haven’t patched these by now.

The alert also includes this advice to IT leaders: Continuously hunt for signs of compromise and abuse of passwords, particularly in cloud environments.

The results of an investigation into the cause of a ransomware attack last year on Japanese game-maker Capcom are in, and it’s not pretty. The attackers got in by compromising an older virtual private network device in Capcom’s California office. It was being used as a backup while newer and different models for remote access were being installed. The attack spread to some computers at headquarters in Japan. Capcom was in the middle of installing improved defensive services and software that might have caught the attack. But the pandemic slowed down implementation. Personal data on about 15,000 individuals was stolen by the attackers. Because Capcom refused to pay a ransom, that data was publicly leaked. One lesson from this: If your IT department has decided some hardware or software is risky, get it updated fast.

No one uses the internet without searching for something. But Canadian managed service provider eSentire says cyber crooks are tricking employees into going to hacker-controlled websites. They do it by manipulating internet searches for certain business words. These include “invoice,” “receipt,” “template,” “questionnaire” and “resume.” Victims apparently are looking for business templates, perhaps so they can fill out their own invoices or resumes. The report says the gang behind this scheme has created hundreds of web pages with popular business terms in hopes that those pages will be among the top results of searches for those and similar words. But when people click on a button to download what are supposed to be templates or business documents, their computer gets infected with malware. One of the best defences against this is having good anti-malware software on your devices. Also, be sure the site you download from is trustworthy.

ParkMobile, an app that allows drivers in Canada and the U.S. to pay for parking through their smartphones, has admitted information about users has fallen into the hands of crooks. This comes after security reporter Brian Krebs was told this week by a security company called Gemini Advisory that someone is selling data on 21 million ParkMobile customers on a criminal cyber forum. On March 26th ParkMobile put out a statement saying there had been a cybersecurity incident. At the time it said “no sensitive data or payment card information … was affected.” But after the Krebs story was published it issued a new statement saying basic user information, including licence plate numbers and, if provided to the company, email addresses and phone numbers, was accessed by a hacker.

Finally, new versions of the Chrome and Edge browsers have been released. Make sure your browser is updated.

That’s it for now. Remember later today the Week In Review edition of the podcast will be out. This week’s guest commentator is Dinah Davis of managed security provider Arctic Wolf, and we’ll be talking about best digital identity management practices.

Links to details about podcast stories are in the text version of this podcast at ITWorldCanada.com. That’s where you’ll also find other stories of mine.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

Howard Solomon
Currently a freelance writer. Former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, Howard has written for several of ITWC's sister publications, including ITBusiness.ca. Before arriving at ITWC he served as a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.
