News

Being nominated for a Grammy doesn’t not raise your Q-rating; it also, apparently, increases the likelihood that cybercriminals will appropriate your name or song tracks to trick targets into opening malicious files. Researchers at Kaspersky looked at 14 musical artists who were nominated this year for a major Grammy award and determined that in 2019 there was a 39 percent year-over-year jump in attempts to download or execute malicious files disguised as content related to these 14...

Cornerstone Payment Systems, which processes payments for pro-life groups, churches, ministries and other organizations with a similar Christian bent, left a database unprotected, exposing 6.7 million records from 2013 until the present. Source: SC Magazine

A different phone scam is doing the rounds and is now targeting a cache of information, rather than just cash. Dilshad Burman with a Canadian newcomer who was conned into parting with her Social Insurance Number. Source: City News

Bulletproof has released its Annual Cybersecurity Industry Report that shows that half of the most pervasive of critical flaws - which offer hackers an easy route into an organisation – are down to outdated components, such as unpatched or unsupported software. However, this number has jumped significantly from 22%  over the previous year, indicating a widespread negligence when it comes to organisations’ cybersecurity practices. One of the most shocking findings was that cyber criminals continue to...

CheckPoint last year found a now patched flaw in Zoom Meeting that allowed researchers to predict meeting ID numbers enabling them to enter private conversations. The vulnerability was found last year and patched by Zoon Video Communications in July 2019, but the company has only just now reported on the issue. Source: SC Magazine

FireEye has announced the acquisition of Texas-based Cloudvisory, hoping its new addition will boost the cloud security capabilities of FireEye Helix. The company said it would give customers with a single operations platform to monitor multi-cloud environments, hybrid-cloud firewalls, and integrate container security. Source: ZD Net

Ransomware attackers claimed to stolen 60GB of data from Canadian defence contractor after ransomware attack in December 2018. The threat presented by ransomware continues to be evidenced in 2020 after an attack on a major Canadian defence contractor Bird Construction. The Canadian construction firm that provides service for the Canadian military was apparently attacked by cyberattackers MAZE in December 2019, according to Infosecurity magazine. Source: Silicon

Hardware wallet creator Ledger has issued a warning to clients to be vigilant of Youtube accounts designed as phishing scams.  According to a tweet published Jan. 27, Ledger claimed to be facing phishing attacks by way of hacked YouTube accounts. The company reiterated that they are not affiliated with the series of video streams and have reported the malicious accounts to YouTube. Source: Crypto Globe

Phishing scams pop up everywhere, even from your friendly neighbourhood post office. Canada Post is aware of several ongoing scams, including fake emails and text messages from parties which use the Canada Post logo and branding, as well as convincing website URLs. In one recent scam, “Canada Post” sends out a text message about a delivery being shipped, with a tracking link attached. Clicking the link lets the viewer know that outstanding shipping fees are...

The campaign, which the researchers dubbed "Fractured Statue," was active between July and October 2019, the analysis found. It targeted five employees at a U.S. government agency - which the report did not identify - as well as two foreign nationals who had professional ties to North Korea, according to the Unit 42 report. Source: Banking Info Security