A New Mexico county hit by ransomware, online pharmacy hacked, alleged book thief charged and controversy over Norton 360.
Welcome to Cyber Security Today. It’s Friday, January 7th, 2022. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
Bernalillo County, which includes Albuquerque, New Mexico, has acknowledged being hit by ransomware. The county said it was likely struck in the early hours on Wednesday. As a result most county buildings were shut Wednesday and Thursday. Many county employees were forced to work from home. But emergency and public safety services are fully operational.
A Florida-based online pharmacy called Ravkoo has acknowledged a breach of security controls that may have led to the exposure of data on 105,000 customers. The breach was discovered last September. According to a notice filed with the state of New Hampshire, the attacker went after its prescription portal, which was hosting on Amazon Web Services.
Cybercrime isn’t always about stealing passwords, credit card numbers and government secrets. It can be about stealing … wait for it … soon-to-be-published books. U.S. authorities this week charged a man with wire fraud and aggravated identity theft for allegedly impersonating people in the publishing industry in emails to obtain pre-publication manuscripts of upcoming books. The man has worked in the publishing industry and allegedly knows how it works. But, it is alleged, in 2016 he started impersonating literary agents, editors and others in the publishing industry to get manuscripts. One tool was creating look-alike email addresses of real people or companies. For example, it is alleged, he’d create an email address with company name that replaced the letter “m” with the letters “rn”. Try typing it yourself: Combined the two letters look like an “m”. The indictment notes that pre-publication manuscripts are valuable. Stolen manuscripts can harm an author’s reputation.
If you use Norton 360 to defend your small business or home office there may be an unwanted feature running. It’s called Norton Crypto. It’s a cryptomining application. It mines for cryptocurrency when your computer is idle. Users get the benefit of any coin mined, but they have to pay Norton a 15 per cent mining charge, plus transaction fees to the blockchain network for any cryptocurrency transfers. This capability has been offered since last July. The company says users have to opt-in and give permission for this to run. But according to security reporter Brian Krebs, a lot of Norton 360 users don’t know about this so-called feature. As one consumer wrote, an anti-virus solution should be detecting and killing a crypto mining app, not installing it.
Finally, if you’re a Google Chrome user make sure the browser has the latest updates. New patches were released this week.
That’s it for now. But remember later today the Week in Review podcast will be out.
Links to details about podcast stories are in the text version at ITWorldCanada.com. That’s where you’ll also find other stories of mine.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.