An alert for Google Alert users, NetGalley and Bombardier hacked and more.
Welcome to Cyber Security Today. It’s Wednesday, February 24th. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
Crooks often take advantage of computing convenience features. In the latest example they’re abusing Google Alerts to spread malware. The Alert feature of the search engine lets people follow topics they’re interested in. Add a word or words and Google regularly searches for matches. When it finds them the user gets an email. But according to the Bleeping Computer news service, someone is creating fake news stories containing popular keywords to promote a fake Adobe Flash Player updater. When a victim goes to the fake story they get redirected to a website that makes a message pop up saying that Flash Player needs to be updated. Agree to the update and you get infected with malware. The thing is, Adobe Flash is no longer supported. Those who don’t realize this will be victimized. This scam also has redirected people to web pages pushing fake giveaways and browser extensions. If you intend to go to one page and get sent to another and asked to install something, ignore it.
NetGalley, a site where book reviewers can read books before they are published, has admitted it was hacked this week. The company said it initially looked like it was only a defacement of the home page. But after investigating it realized a backup file of the user profile database was copied. It included login names — which may not be real — mailing addresses, birthday — if given — company name and Kindle email address. If users submitted their biographies, those, too, would have been copied. Users should be on the lookout for emailed spam and possibly identification impersonation.
In 2016 there were headlines when a hacking group calling itself The Shadow Brokers said it had stolen and released malware tools from something called the Equation Group. Security researchers suspect the Equation Group was close to the U.S. National Security Agency, and that what was stolen were NSA hacking tools. Now researchers at Check Point Software say a Chinese-affiliated group may have gotten into the Equation Group as far back as 2014. In a report this week the company says a Windows exploit of several vulnerabilities that was being used by the Chinese-based group looks like it was replicated from an Equation Group exploit. That exploit dates back eight years. Microsoft apparently quietly patched one of these holes in 2017. The implication is this exploit could have been used against organizations for longer than has previously been known.
I’ve told you about several organizations that use the Accellion FTA file transfer software being hit by data thefts. Yesterday Canadian business jet manufacturer Bombardier acknowledged it’s the latest to be victimized. By now every organization that uses FTA should be looking for signs of a hack. At the very least the latest security updates should be installed as soon as possible. A threat group is hunting for you.
Last week I told you about vulnerabilities found in an Android file-sharing app called ShareIt. The company behind the app has issued a patch. If you use this app, install the update as soon as possible.
Finally, the latest version of the Firefox browser has a privacy feature called Total Cookie Protection. It prevents web tracking software from tracking users from website to website.
That’s it for today. Links to details about these stories are in the text version of this podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at cybersecurity professionals.
Subscribe to Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon.