Movie scams, and make sure you update Windows, WhatsApp and Cisco products
Welcome to Cyber Security Today. It’s Friday February 7th. I’m Howard Solomon, contributing reporter on cyber security for ITWorldCanada.com.
To hear the podcast click on the arrow below:
On Monday’s podcast I warned that hackers are taking advantage of worries about the coronavirus to spread malware through email attachments that pretend to be health advice. Attackers often take advantage of the latest news to do that. With the Academy Awards ceremony coming this Sunday they’re at it again. Security vendor Kaspersky says there’s lots of online scams going on trying to lure people into watching a nominated film for free just by taking a survey or answering a few questions. The real goal is to capture personal and credit card information. The most popular scams are around the films 1917, Joker and The Irishman. You can bet there will be an increase in movie scams after the awards are announced.
Security experts remind people of the importance of getting and installing software patches as soon as possible. That’s because when companies announce a fix for a bug, hackers quickly get to work trying to exploit the vulnerability. Here’s another example: Last month Microsoft announced the discovery of a very serious problem with Windows. This week an antivirus company in India said it’s seen a new version of ransomware that takes advantage of that vulnerability. How the attackers are trying to spread that malware isn’t clear. Usually the way is through an infected email attachment. It doesn’t matter. The point is to fight this new threat make sure you’re running the latest version of Windows. Find Windows Update and check.
Speaking of updates, if you use WhatsApp, make sure it’s up to date. A couple of serious security holes are plugged with the latest version.
By the way, the security researcher who discovered those WhatsApp holes passes on a warning to application developers: Make sure the components you use in your app but don’t write yourself, like the app’s engine, are on the latest version.
Attention IT network administrators: If you have equipment from Cisco Systems they may need to be patched. There’s a serious problem that could allow attackers to take over and eavesdrop on Cisco IP phones and video cameras. A security company called Armis discovered the problem and worked with Cisco on resolutions. Cisco notified customers and issued patches on Wednesday.
There’s a new version of the Google Chrome browser now out. Usually it will update automatically, but you can check by going into the control settings — the three dots at the top right — and clicking on Help.
More update news: Consumers and businesses using the Phillips Hue Internet-connected light bulb system need to patch the firmware. Otherwise an attacker could get into the system and send malware that would infect the attached network. Yes, you can be attacked through a light bulb, or any toy, camera or refrigerator connected directly or indirectly to the Internet. That’s why you have to keep an eye open for updates to all your products.
That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cyber security professionals. Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.
Cybersecurity Conversations with your Board – A Survival Guide
A SURVIVAL GUIDE BY CLAUDIO SILVESTRI, VICE-PRESIDENT AND CIO, NAV CANADA