Monday, June 27, 2022
Home Tech News Cyber Security Today, July 9, 2021 – Don’t be caught by Black...

Cyber Security Today, July 9, 2021 – Don’t be caught by Black Widow movie scams, another Accellion FTA hack and more

Don’t be caught by Black Widow movie scams, another Accellion FTA hack and more

Welcome to Cyber Security Today. It’s Friday July 9th. I’m Howard Solomon, contributing writer on cybersecurity for ITWorldCanada.com.

Action movie fans starved for entertainment are eagerly looking forward to today’s release of the Black Widow film. It stars Scarlett Johansson as a KGB-trained assassin turned member of the superhero group the Avengers. You can be a superhero too, by not falling for any of the phony websites that have been set up to sucker people eager to see the film online. These sites offer the ability to see the film, but after the first few minutes viewers have to register by filling in their credit or debit card details. Scammers have been setting up these sites for months since the first expected film release was set for early in May, says security firm Kaspersky. The film is only available online through the Disney+ streaming service.

This is another reminder to Windows administrators who haven’t heard about an emergency patch issued this week. It’s vital you install a security update to fix a serious vulnerability in the Print Spooler capability. Guest analyst Dinah Davis and I will discuss this during this afternoon’s Week in Review podcast, but don’t wait until then to install the patch.

Here’s another business application that needs patching: If your organization uses the Sage X3 enterprise resource planning suite, make sure it has the latest updates. They close four serious vulnerabilities. These were discovered by security vendor Rapid7. The company also reminds administrators that Sage X3 shouldn’t be connected directly to the internet. Instead remote users should connect through a secure VPN.

It’s been a while since we heard about a data breach involving Accellion’s FTA file transfer application, but another one has popped up. American investment bank Morgan Stanley has acknowledged that personal data of people being held by a partner company called Guidehouse was stolen in January. These people were enrolled in stock plans with a number of companies and overseen by Morgan Stanley. Guidehouse has a service for businesses for locating current addresses of people whose contact information is no longer valid. The personal data held by Guidehouse, including names, dates of birth and social security numbers, was encrypted. But due to the Accellion FTA vulnerability the attacker got the decryption keys. Accellion had issued a patch for the vulnerability, but it looks like that patch wasn’t applied quick enough.

Finally, Firefox browser users in Canada are about to gain a bit more privacy protection. Soon if you use Firefox in Canada any website you go to will be protected by a service called DNS over HTTPS. What does that mean? DNS is a domain name resolver service, which changes the “www.website.com” you type into a browser into the numbers the internet really uses to go places. DNS over HTTPS encrypts that request so it can’t be intercepted by, for example, internet providers who want information about where users go. This comes as a result of a partnership between Mozilla, which makes the Firefox browser, and the Canadian Internet Registry Authority, which oversees the .ca domain. Firefox users in the U.S. already have this available. Protection will slowly roll out starting July 20th.

That’s it for now. But remember later today the Week In Review edition will be available. Guest Dinah Davis of Arctic Wolf and I will discuss details of the Kaseya ransomware attack and more.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

- Advertisment -

Most Popular

Blackhawks finalize coaching deal with Habs’ Luke Richardson

Luke Richardson is the new coach of the Chicago Blackhawks, stepping into a tricky rebuilding process for one of the NHL’s marquee franchises. General manager Kyle Davidson...

Perfectly preserved 35,000-year-old woolly mammoth remains found in Canada

Elders named the mammoth calf Nun cho ga, meaning ‘big baby animal’ in the Hän language (Picture: Government of Yukon)A gold miner in Canada...

Roku’s capable Streambars are down to their lowest prices

Both the Roku Streambar and Streambar Pro soundbars are matching their lowest prices ever. The 14-inch Roku Streambar (perfect for smaller entertainment setups) usually...

The Supreme Court says it won’t consider rewriting defamation law… yet

The Supreme Court has turned down a request to revisit a decades-old libel ruling, despite a dissent from Justice Clarence Thomas. This morning, the...