, , ,

Ransomware campaign up around the world

, , ,

A new email ransomware campaign is spreading around the world. Researchers at Fortinet say it’s a spam effort, meaning the messages are not targeted. Instead they are addressed generally, like “Dear customer.” The subject line in the email would be something like “Document number…”, “Your order number” or “Ticket number.” With the email is a malicious attachment that leads to the installation of malware. The initial targets are corporate mail servers used to forward this email. These have been found in Canada, the U.S. the United Kingdom and other countries. 

ransomware-cbyersecurity-consulting.jpg

The best defense against ransomware – or any email-delivered malware – is to watch out for it. Be cautious about unsolicited emails, especially those with attachments. And it’s vital you always have a separate backup of your data made it a way that can’t be infected, just in case you make a mistake.

Meanwhile McAfee reports some Canadian organizations have been victimized by a separate operation. A group security that researchers call Hidden Cobra, believed to be backed by North Korea, has been putting surveillance software on the systems of companies. The suspicion is the Canadian victims have been used as listening or data relay points. The malware that this campaign has installed has not stolen financial or sensitive data but appears to be there find out what’s on a computer, and be ready to launch further attacks.

Companies have to make sure their systems have the latest security patches. In addition, because the malware appears to be distributed through email, employees have to be reminded to be careful on what they click on.

For more on this see my story today on ITWorldCanada.com.

The U.S. National Security Agency has just suffered a black eye from an international standards body. According to a blog on Bitdefender, the International Organization of Standardization – known more commonly as ISO – rejected two new encryption algorithms suggested by the NSA to secure Internet of Things devices. The algorithms would scramble information on Internet-connected devices like home surveillance cameras and toys. But the NSA’s reputation for creating tools to hack into applications apparently give it a bad name at the ISO. One ISO delegate accused the NSA of telling half-truths and lies in its presentation.

If that allegation is accurate, it isn’t good. Internet of Things devices badly need better security. People and companies around the world buy tens of thousands of them a year. Insecure devices don’t improve security.

That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Play, or add us to your Alexa Flash Briefing. Thanks for listening.

CyberSecOp assists organizations with Cyber Security and Privacy Consulting Services, providing services such as Cyber Security Program, Data Privacy Security Program, and Cyber Security Assessment services based on the following: NIST, ISO 27001, GDPR, CCPA, HIPAA, PCI, CMMC, GLBA amongst others. Don’t risk regulatory fines. Stay compliant with CyberSecOp Security Compliance and Cyber Incident Response Services. For More Information Call 866-973-2677

CyberSecOp an award winning cybersecurity consulting company, Click here to find out more.

YOUR TRUSTED SECURITY CONSULTING PARTNER             

CyberSecOp provides high-end cyber security consulting services and incident response support for organizations worldwide. Our cyber security customer service support can be contacted using the Contact Us form, or you can reach our live customer service representatives 24/7 using our Live Chat and 866-973-2677.

Use the search to find the security services, or call the number above to speak with a security professional.  

CYBER SECURITY SERVICES

Cyber Incident Response

CYBERSECURITY EXPERIENCE

Cyber Security Governance Network Security Security Risk Management Security Awareness Training Managed Security Services

CyberSecOp Your Premier Information Security Consulting Provider - Company HQ in Stamford, CT & New York, NY. CyberSecOp is a top-rated worldwide cyber security consulting firm that helps global corporations with cyber security consulting services and Cyber Incident response services.