A troubling employee security awareness survey, beware of so-called scanned email attachments and more
Welcome to Cyber Security Today. It’s Friday, October 28th, 2022. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
With Cybersecurity Awareness Month ending on the weekend, business and IT leaders may be wondering what employees really think about cybersecurity. Consider these numbers from a recent survey of 4,000 people in France, Canada, the United States, the U.K., and Australia: Eighteen per cent of respondents believe they can’t be targeted by cybercriminals. Twenty-six per cent said they don’t need cybersecurity training. Forty-six per cent believe few employees actually fall for scams or phishing attempts at work. Seventy-eight per cent said it is the IT department’s responsibility to ensure the company’s cybersecurity. Only 59 per cent said IT security at their company is partly their responsibility as well as the organization’s.
Here’s something else to think about: Only 38 per cent of respondents said their company has a mandatory cybersecurity awareness program for all employees.
The survey was done for Canadian firm Terranova Security. Registration is required.
Researchers at the Cybernews website say they found three databases left open on the internet owned by the Thomson Reuters media company. However, the company says two of the databases are supposed to be publicly accessible. It said the third only held application logs from a pre-production environment. However, the researchers said the logs had sensitive information, including usernames and passwords to third-party servers, that could lead to supply-chain attacks. There were also logs that showed what subscribers were searching for within Thomson Reuters news and information services. The company believes there was a server misconfiguration. It is notifying affected customers.
Threat actors are emailing supposed scanned documents as a way to infect computers with malware. According to researchers at Avanan, targets are getting email messages with a scanned attachment — perhaps a supposed receipt or a cheque — in the hopes that it will be opened. Attacks like this are another reminder that when you receive an email with an attachment, check the sender’s address. Is this someone you know? Is their name being spoofed, with an email address that isn’t one you’re familiar with? Are you expecting a document from this person? If the answer is no to any of these questions, report the email to your IT department.
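As an added illustration of that checklist (not part of the podcast or Avanan’s research), here is a small Python triage function that applies the three questions to a constructed message. The address book, the list of senders you are expecting a document from, and the sample email are all hypothetical.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: the display name copies a known contact,
# but the actual address is one you have never dealt with.
SAMPLE_EMAIL = """From: "Jane Doe" <invoices@example-scans.test>
To: you@example.test
Subject: Scanned document: Receipt_4412.pdf
Content-Type: multipart/mixed; boundary="b"

--b
Content-Type: application/pdf; name="Receipt_4412.pdf"
Content-Disposition: attachment; filename="Receipt_4412.pdf"

(binary omitted)
--b--
"""

# Hypothetical address book: lower-cased display name -> addresses you actually know
KNOWN_CONTACTS = {"jane doe": {"jane.doe@example.test"}}

# Words that typically dress up an unsolicited attachment as routine paperwork
SCAN_WORDS = re.compile(r"\b(scan|scanned|receipt|cheque|check|invoice)\b", re.I)


def assess_message(raw, known=KNOWN_CONTACTS, expected_senders=()):
    """Return the sender, attachment names, findings, and whether to report the email."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    addr = addr.lower()
    findings = []

    # Q1 / Q2: do you know this person, and does the address match the name?
    known_addrs = known.get(name.strip().lower())
    if known_addrs is None:
        findings.append("sender not in address book")
    elif addr not in known_addrs:
        findings.append("display name matches a contact but the address does not")

    # Q3: were you expecting a document from this address?
    attachments = [p.get_filename() for p in msg.walk()
                   if p.get_content_disposition() == "attachment"]
    if attachments and addr not in expected_senders:
        text = msg.get("Subject", "") + " " + " ".join(attachments)
        kind = "scanned-document" if SCAN_WORDS.search(text) else "unexpected"
        findings.append(f"{kind} attachment from a sender you were not expecting one from")

    return {"from": addr, "attachments": attachments,
            "findings": findings, "report": bool(findings)}
```

A message with no findings still deserves a second look if the attachment type is unusual for that sender; the function only encodes the three questions above.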
With two weeks to go before the November 8th U.S. midterm elections researchers at Mandiant say a China group is behind an attempt to influence the vote through a variety of ways on social media. They include alleging the U.S. is responsible for the Nord Stream gas pipeline explosions in Europe and attempts to discourage Americans from voting. Voters in any country need to make sure the information they rely on for making decisions is credible.
Attention cloud security administrators: If you aren’t locking down your Docker or Kubernetes infrastructure, it could be leveraged by hackers for spreading malware. This warning comes from researchers at CrowdStrike, who recently discovered a threat group using compromised cloud containers to deliver cryptocurrency mining applications to business servers.
In a related report, researchers at Sysdig have discovered an extensive cryptomining operation that takes advantage of application development platforms like GitHub, Heroku, Buddy.works and others. This has been dubbed “freejacking” because it takes advantage of free trial accounts on these platforms. The platforms try to make it harder for such accounts to be opened, but the researchers say hackers are getting around the restrictions. More than 30 GitHub accounts, 2,000 Heroku accounts and 900 Buddy accounts have been used in this scheme.
That’s it for now. But later today the Week in Review edition of the podcast will be available. IT World Canada CIO Jim Love, reporter Paul Baker and I will look back at highlights from the recent MapleSec cybersecurity conference and the advice given to infosec pros.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.