Watch those links in email, two cases of human errors embarrass major companies and make sure you update Microsoft Internet Explorer.

Welcome to Cyber Security Today. It’s Friday December 21st. To hear the podcast click on the arrow below:

Cyber Security Today on Amazon AlexaCyber Security Today on Google PodcastsSubscribe to Cyber Security Today on Apple Podcasts

I often warn listeners about possible malicious documents attached to email messages. But criminals also use malicious links. That’s one of the messages from a warning issued this week by a company called Menlo Security. It’s been following a malware campaign aimed at employees of banks and financial services mainly in the U.S. and the United Kingdom. The message in the email tries to convince staff to go to the link to fetch an invoice or a bank slip or some other excuse. The subject line may use the word “Confirmation” or “Transfer.” Click on the link and malware is downloaded that starts a process to let an attacker infiltrate the company network. So please, read email slowly, consider where it comes from before you click.

There’s been an ‘oops’ moment for a big company. This time it was Amazon’s turn to be embarrassed. According to the Reuters news agency, a man in Germany asked Amazon to let him listen to back recordings from his Alexa speaker. Instead of getting access to his own recordings he was sent a link to 1,700 audio files recorded by someone else. Human error, said Amazon, which apologized. And in Australia, Woolworths, the parent company of discount retailer Big W admitted to an oops because an employee earlier this year included some print-outs for a customer to prove their printer had been repaired. What was on the sheets was the personal information on 32 other people. This came out in a report from the privacy commissioner. Human error, said Woolworths, which has strengthened its policies, and apologized.

Finally, Are you still using Microsoft’s Internet Explorer browser? Make sure it’s updated. On Thursday Microsoft had to issue a quick security update to patch a critical bug. Affected are Internet Explorer versions 9, 10 and 11.
That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.



Related Download
Cybersecurity Conversations with your Board Sponsor: CanadianCIO
Cybersecurity Conversations with your Board – A Survival Guide
A SURVIVAL GUIDE BY CLAUDIO SILVESTRI, VICE-PRESIDENT AND CIO, NAV CANADA
Download Now