Warner Music hack, a school board hit by ransomware and beware of these attachments.
Welcome to Cyber Security Today. It’s Tuesday September 8th. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
Warner Music, one of the biggest music recording companies, has admitted several of its online websites have been hacked. The discovery came on August 5th. An investigation showed personal information people entered when buying music as far back as April 25th may have been copied. That includes names, addresses and payment card information. Anyone who paid through PayPal wouldn’t have been affected. Warner is urging customers to watch their credit and debit card statements for suspicious activity. It’s also offering U.S. customers who bought during the three-month period free credit monitoring for one year.
A North Carolina county school board has confirmed that hackers stole personal information from its IT system as part of a ransomware attack in August. Stealing and threatening to publicly release some stolen data while encrypting the bulk of an organization’s information has become a common tactic among ransomware groups. According to the Bleeping Computer news service, the school board apparently refused to pay because the ransomware gang has published 5 GB of copied data. It includes personal information on students and teachers.
Organizations can take many precautions to prevent being victimized by ransomware. Among those are forcing employees to use two-factor authentication in addition to strong passwords for all logins, segmenting data and increasing staff training to recognize email threats.
Many of you know to look for suspicious phishing messages with email attachments. Usually they are Microsoft Word or PDF files. But they can also be Microsoft Excel spreadsheets. A Belgian-based security company called NVISO Labs warns of finding malware hidden in Excel documents made without using Microsoft Office. That could make them less easy to detect by antivirus products, which look for certain code. Victims get infected after clicking on the attachment by agreeing to enable macros or enabling editing so the document can be seen. Users should have their office suites configured so macros don’t run automatically. So treat requests to enable ending as suspicious. Recent attacks using this technique have been seen in 27 countries including the U.S., China, France and Germany. Email messages may ask for a quote from your company or be about a purchase order.
One way companies can protect themselves is by having an email filter that flags messages with attachments that come from outside the organization.
IT departments in firms using the Cisco Jabber videoconferencing and messaging app for Windows should install the latest update. It fixes a critical vulnerability.
Finally, today is the monthly Patch Tuesday for Microsoft products, when the company issues the latest security fixes. Usually they are installed automatically, but you can check later today by going into Windows Update on your computer.
That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cybersecurity professionals. Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts