A new version of Android ransomware, ransomware hits international law firm and cruise line gives more detail about a cyberattack.
Welcome to Cyber Security Today. It’s Wednesday October 14th. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com. To hear the podcast click on the arrow below:
Attention Android users: There’s a new form of ransomware being spread through fraudulent mobile apps and cracked games. Most ransomware encrypts the data on a computer so you can’t get access until you pay a ransom for the decryption key. Microsoft says it has found a new variant that blocks users from accessing data on infected Android devices. A ransom note appears on top of any other window, preventing the user from doing anything else. Pay up or the screen stays. This isn’t a new tactic. Google blocked the others. So a scammer found a new way: Using Android’s capability to show notifications for incoming phone calls. The lesson is the safest apps are in the Google Store. Don’t download apps from anywhere else. Never trust apps that promise to let you play games without paying.
Speaking of Microsoft, yesterday was the monthly Patch Tuesday, when the company releases security updates for Windows and other company products. Check Windows Update to make sure these patches have been installed.
An international law firm called Seyfarth Shaw, with offices in the U.S., Europe and the Asia Pacific has acknowledged it was the victim of a ransomware attack over the weekend. As of yesterday it said there was no evidence that any client or firm data was accessed or removed.
In August I reported that cruise operator Carnival Corp. acknowledged one of its brands suffered a ransomware attack. On Tuesday it offered a small update: It confirmed a hacker had accessed personal data of some guests, employees and crew for Carnival Cruise Line, Holland America Line and Seabourn cruises, as well as casino operations. Working with its cybersecurity consultants, the company says it has recovered its files and “has evidence indicating a low likelihood of the data being misused.” The company is still trying to identify all of the people whose personal information may have been exposed. That work will take at least another 30 days. After that people will be notified.
Finally, on Friday afternoon I’m starting a new podcast: The Week In Review. It’ll have highlights of the previous seven days of news, I’ll chat with a guest analyst to go a little deeper into what’s going on. Hope you’ll tune in at some point on the weekend.
That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cybersecurity professionals. Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.