The Avaddon ransomware group appears to be giving up, a retailer association backfires and a warning to Samsung device owners.
Welcome to Cyber Security Today. It’s Monday, June 14th. I’m Howard Solomon, cybersecurity contributing reporter for ITWorldCanada.com.
Presented to you by Terranova Security, this podcast will help you build an effective security awareness training program and train the world’s cyber heroes from a range of cybersecurity experts. Register now for the Virtual Security Awareness Summit 2021 by clicking here.
The Avaddon ransomware gang seems to be moving away from the scheme behind all the money they have been collecting. The Bleeping Computer news site says it was sent a file last week with a bunch of decryption keys to decrypt data that had been messed up by the Avaddon ransomware. That’s a sign. These keys have been verified to be authentic. The security company Emsisoft quickly released these decryption keys online so that any company affected by this type of ransomware can recover their data. Who but this gang would have sent these keys? Another sign is that the gang’s pages are no longer accessible on the Dark Web Tor network. A third sign is that Avaddon reportedly squeezed victims for money last week and settled down quickly.
One Canadian victim listed on the Avaddon website is an Ontario construction union council.
It is not uncommon for gangs of ransomware to become closed. There is speculation behind Avaddon that law enforcement agencies, particularly in the United States, are becoming more aggressive against gangs of ransomware. After part of its infrastructure was confiscated, the Darkside group said it will be closed. However, cyber-skilled crooks know they are valuable. With ransomware so lucrative, the developers at Avaddon and Darkside can create new and hopefully safer versions of their systems. Or they can just work for other groups.
Another of those oopsy moments stumbled upon an online shop. According to a website called VPNMentor, this time around it is a giant baby clothing retailer called Carter’s. Anyone who has purchased goods from the online store must receive the order and then click on a link to confirm the order. But that link was a long string of numbers and letters, so Carter used a third-party link shortening service to send customers a short link to click. However, the people involved in the process did not pursue adequate cybersecurity, including the fact that no authentication was added to verify that only the person who made the purchase could visit the confirmation page, which contained the buyers’ personal and financial information . Skilled hackers were able to find the links, get to confirmation pages, and copy buyer names, physical and email addresses, phone numbers, and items ordered.
The lesson is that adding a simple thing to a business process can have security implications if not carefully considered by a critical development team.
In the end, Android smartphone and tablet manufacturers often add their own tweaks and utilities to the operating system. However, these bundled apps can have security flaws if they are not spelled correctly. A security company called Oversecured says this happened to a number of apps that come with Samsung devices. They could allow an attacker to access and edit a victim’s contacts, calls, and text messages, as well as install malware. Samsung was made aware of these issues and released patches in April and May. So, if you are the owner of a Samsung device, make sure that your phone or tablet has the latest updates.
That’s it for now! Remember that links to podcast story details are included in the text version on ITWorldCanada.com. You can also find other stories from me there.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.
source https://collegeeducationnewsllc.com/cyber-security-today-june-14-2021-avaddon-ransomware-group-apparently-gives-up-a-retailers-shortcut-backfires-and-a-warning-to-samsung-device-owners/
No comments:
Post a Comment