Breaking News

Canon hit by ransomware, Fake website addresses and a bank fined for a hack | Canada Cyber Security News

Canon hit by ransomware, Fake website addresses and a bank fined for a hack | Canada Cyber Security News




Successful ransomware attacks against major companies continue. The latest victim is Canon, the manufacturer of cameras and printers. News site Bleeping Computer reports that a ransomware group calling itself Maze claims to have copied 10 terabytes of company data. Typically, this group threatens to embarrass the victim company by publicly publishing stolen data unless a ransom is paid. I recently spoke with Aamir Lakhani, a Canada-based security researcher for Fortinet, who said that a growing number of strike groups are using this strategy. He also noted that many groups can move onto ransomware because many pieces of code to create the malware are available on the Internet. Some websites help criminals create packages of malware, including ransomware, for a small fee - it's called ransomware-as-a-service. One of them, Lakhani noted, is Github, a platform to help legitimate developers create software. Searching on Github you can find applications to assemble ransomware. These programs have been created and are for security researchers. But it is not difficult for a criminal to adjust the code so that it can be used in an attack. Fortinet says that good security techniques, including secure data backups, segmentation of important data, quick installation of security updates, and educating staff on how to ignore phishing email, will go a long way to helping you. reduce the risk of successful ransomware attacks.

In my last podcast, I provided tips for avoiding fake websites. Someone was watching for intentional spelling in website address. You think that after clicking on a link in an email or text message, you will be taken to a real website, but this is fake. The title is close enough to trick you. Well, while I was recording that podcast, a security company called Malwarebytes released a report on a new scheme by a hacker group that uses the same technology - changing a single letter in a web address to move victims to a bogus website. In one case, victims thought they were going to a site called "cigarpage.com". However, the hackers created a fake website with a similar name by replacing the letter "g" on "page" with the letter "q". Read it quickly and it will look right. Another hacked site is fieldupply.com. The letter "i" in the "field" has been replaced by the letter "l".

This deception works because browsers use what is called a sans serif font. Serifs are the lowercase strokes at the end of some letters, such as the upper and lower part of the lowercase "l". A sans serif font has no small strokes, so in small print - as in web page titles - it can be difficult to distinguish between characters. This is why the lowercase letter "q" can sound like "g". Crooks have a lot of tricks like that, including using a letter from the Latin or Cyrillic language as part of a fake web address.

If you type in the real name of a website, or if you bookmark the correct site, you will always go to the real site. But be wary of where you are taken to after clicking a link in an email, text message, or social media message. Then you are in the hands of the one who created this link. This is when you have to look carefully at the web address.

Finally, the US credit card issuer, Capital One, was fined $ 80 million after a hacker copied the personal information of 100 million credit card requests, 140,000 Social Security numbers, and 1 million insurance numbers. Canadian Social. The Office of the Comptroller of the Currency imposed the fine on the failure to establish effective risk mitigation processes prior to the transfer of data from the local data center to the Internet in 2015. The bank's internal audit also failed to discover several shortcomings of the planned new cloud environment. . According to a news report, a hacker took advantage of a misconfigured firewall.

This is for Cyber ​​Security Today. Links to information about these stories can be found in the text version of each podcast at ITWorldCanada.com. You will also find my news stories aimed at business and cyber security professionals. Cyber ​​Security Today can be heard on Monday, Wednesday and Friday. Subscribe to Apple Podcasts, Google Podcasts or add us to your Flash briefing on your smart speakers. Thanks for listening. I am howard solomon

No comments