SoatDev IT Consulting
SoatDev IT Consulting
  • About us
  • Expertise
  • Services
  • How it works
  • Contact Us
  • News
  • June 23, 2023
  • Rss Fetcher

New ransomware data, a salary transfer scam that victimizes employees and more.
Welcome to Cyber Security Today. It’s Friday, July 23rd, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.

Ransomware attacks keep increasing. According to the NCC Group, ransomware gangs claimed 436 corporate and government victims around the world in May. That compares to 352 in April. The spike was in-part driven by the emergence of 8base, a new ransomware player that has a double extortion strategy. This operator has published the data it says was stolen from 67 victims so far. Other new ransomware groups recently detected are Aikra, BlackSuit, MalasLocker and RAGroup.
More ransomware data this week came from researchers at Trellix, who looked at cybercrime trends for the first quarter of this year. The most common group of victims listed on ransomware gang data leak sites were mid-sized American firms with up to 200 employees. By the way, almost half of American companies hit by ransomware apparently paid the crooks to get access to their data back.
The researchers also found that many critical vulnerabilities used by attackers are made up of bypasses to patches for older security updates, supply chain bugs using outdated software libraries or long-patched vulnerabilities that were never properly installed on corporate networks.
Corporate HR and finance departments are being warned to watch for an old phishing scam. According to researchers at Avanan, crooks still hack the email of an individual, figure out where they work and then use the compromised email to ask the employer to change the bank where the staffer’s direct deposit salaries go. The funds go into an account controlled by the hacker. Only when the employee realizes the organization hasn’t deposited their salary do they discover the scam. So first, make sure your personal or company email can’t be hacked by using strong passwords plus multifactor authentication for added protection. Organizations should tighten their policies around requested changes to employee payments, such as extra verification in person or a listed phone number that’s not in a suspicious email.
One of the ways crooks get away with their cyber attacks is by disguising their malware so it can’t be detected. This is called crypting. According to cybersecurity reporter Brian Krebs, crypting services are something police ought to look into. He has a great article this week on one service, called Cryptor(dot)biz and who might be behind it. There’s a link to it here.
Finally, Apple released security updates for iPhones and iPads. Your devices should be on version 16.5.1. If your device can’t be updated because of its age think about replacing it.
That’s it for now. But later today the Week in Review podcast will be out. Guest commentator David Shipley of Beauceron Security will be here to talk about some of the recent news, including a warning from UPS Canada on a text scam.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.The post Cyber Security Today, June 23, 2023 – New ransomware data, a salary transfer scam that victimizes employees and more. first appeared on IT World Canada.

Previous Post
Next Post

Recent Posts

  • Y Combinator startup Firecrawl is ready to pay $1M to hire three AI agents as employees
  • Build, don’t bind: Accel’s Sonali De Rycker on Europe’s AI crossroads
  • OpenAI’s planned data center in Abu Dhabi would be bigger than Monaco
  • Google I/O 2025: What to expect, including updates to Gemini and Android 16
  • Thousands of people have embarked on a virtual road trip via Google Street View

Categories

  • Industry News
  • Programming
  • RSS Fetched Articles
  • Uncategorized

Archives

  • May 2025
  • April 2025
  • February 2025
  • January 2025
  • December 2024
  • November 2024
  • October 2024
  • September 2024
  • August 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
  • February 2024
  • January 2024
  • December 2023
  • November 2023
  • October 2023
  • September 2023
  • August 2023
  • July 2023
  • June 2023
  • May 2023
  • April 2023

Tap into the power of Microservices, MVC Architecture, Cloud, Containers, UML, and Scrum methodologies to bolster your project planning, execution, and application development processes.

Solutions

  • IT Consultation
  • Agile Transformation
  • Software Development
  • DevOps & CI/CD

Regions Covered

  • Montreal
  • New York
  • Paris
  • Mauritius
  • Abidjan
  • Dakar

Subscribe to Newsletter

Join our monthly newsletter subscribers to get the latest news and insights.

© Copyright 2023. All Rights Reserved by Soatdev IT Consulting Inc.