Ransomware hits another Ontario town, how the British Airways hack might have been done and Trend Micro cleans up its apps
Welcome to Cyber Security Today. It’s Wednesday, September 12th. To hear the podcast click on the arrow below:
A number of Canadian municipalities still aren’t completely prepared to deal with a ransomware attack. The latest one hit is the town of Midland, Ontario, some of whose systems were victimized Sept. 1st. According to CTV News, the town may have to pay a ransom to unlock the machines. Earlier this year the Ontario town of Wasaga Beach had to pay out after a ransomware attack. Apparently Midland’s email access and payment processing were out for 48 hours. A backup and recovery system that can’t be infected is the best way any organization and individual can protect against a ransomware attack. It can be expensive to have live or almost live backup, but as these municipalities have shown, without it your organization may be in trouble.
Security vendor Trend Micro has apologized and removed the ability of several consumer macOS security apps to collect browser history data after complaints the apps were violating users’ privacy. The company confirmed that Dr Cleaner, Dr Cleaner Pro, Dr. Antivirus, Dr. Unarchiver, Dr. Battery, and Duplicate Finder collected and uploaded a small snapshot of the browser history covering the 24 hours prior to installation. This was a one-time data collection, Trend Micro said, done to analyze whether a user had recently encountered adware or other threats. The data collection and use of browser history data was disclosed in the user agreements customers approved when downloading and installing the software, the company said. Meanwhile, in addition to ending the browser data collection it has also permanently dumped all legacy logs of data collected, which were stored on U.S.-based servers. The company also denied allegations data was sent to China. Trend Micro apologized to users for concern they might have had, and promise all their data is safe and at no point was compromised.
Finally, attention users of Adobe Flash Player and ColdFusion: There are new security updates available for you.
That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Play, or add us to your Alexa Flash Briefing. Thanks for listening. I’m Howard Solomon.