Thursday, August 11, 2022

Cyber Security Today: A crafty cyber attack is diffused, phishing is still hot and protect your brand

Two zero-day exploits found fused into one, the latest report from the Anit-Phishing Working Group and hackers are increasingly going after your brand.

We’re bringing you the latest cyber security news. Welcome to Cyber Security Today. It’s Friday May 18th. To hear the podcast, click on the arrow below:

Cyber Security Today on Amazon Alexa Subscribe to Cyber Security Today on Google Play Subscribe to Cyber Security Today on Apple Podcasts

 

Despite regular headlines about successful cyber attacks, sometimes we get a break. According to a report on Bleeping Computer, it happened in March when researchers at security vendor ESET detected something odd in a PDF file that had been uploaded to a public antivirus scanning engine. The file had been loaded with two new pieces of malware that worked together to exploit holes in Adobe Acrobat Reader and Windows. Presumably, the creator of this piece of mischief was trying to see if their work was good enough to evade detection by the scanning engine. ESET reported the bugs, which were fixed last week by Microsoft and this week by Adobe. We hope for more good news like this.

Unfortunately, it’s still bad news on the phishing front. The Anti-Phishing Working Group, an industry association, said this week it has seen notable increases in campaigns going after webmail providers, banking targets and cloud storage and file-sharing sites.

Phishers also continue to fool Internet users into complacency by using HTTPS on phony web site address. This lulls users into thinking that the sites are run by legitimate businesses and are safe to transact with. Remember, the green lock in the URL section of the browser doesn’t mean a Web site is legitimate and/or safe, only that it uses encryption. But nothing helps if you enter your password on a phony site.

Finally, the data in your organization is the prime target of attackers, but not far behind is something more intangible: Your brand. According to a report this week by solutions integrator Optiv, brand security threats were the second most common source of alerts the company answered from customers in 2017. These alerts related to phony, misleading or malicious Web sites. Phishing attacks were number one, but threats to brands were ahead of typical security concerns such as data leakage and web vulnerabilities. This finding should raise the importance of brand risk among the ranking enterprise security concerns.

You can get the Optiv report here. Registration required.

That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Play, or add us to your Alexa Flash Briefing. Thanks for listening. I’m Howard Solomon.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

ITWC podcast network

Subscribe to ITWC podcasts and never fall behind on the conversation in technology again. Our daily podcasts are perfect to add to your smart speaker’s daily briefing or to your favourite podcast app on your smartphone. 

Cyber Security Today Podcast

#Hashtag Trending Podcast