Cyber Security Today: Dec. 14, 2018 – A new phishing lure, another bad Mac app and interesting reading

A new phishing scam tries to capture passwords, another bad Mac app discovered and interesting reading from government committees in Canada and the U.S.

Welcome to Cyber Security Today. It’s Friday December 14th. To play the podcast, click on the arrow below:

Cyber Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

Phishing attacks take many forms. Usually, they’re email messages that ask you to open an attachment, which then tricks you into entering your password and user name. A security researcher who blogs for the SANS Institute, which offers security training, has found a new trick: Someone is sending out email that pretends to be a message from Microsoft or Office 365 saying your email couldn’t be delivered. If you click on the supplied link to fix the problem, you get asked to fill in your password. Don’t fall for this.

On Wednesday I warned about pirated Mac software that carries cryptomining malware. Well, here’s another alert: There’s a bogus version of the Discord app, which Mac gamers use to communicate with each other. The bad app takes a screenshot of your computer and also opens a backdoor that an attacker can use to upload malware. A tip-off is this app uses the common Animator icon, which looks like a little figure holding a pen. Even though underneath the icon it says Discord App, it’s a phony.

Finally, a couple of government reports issued this week make interesting reading. The Canadian House of Commons’ privacy and ethics committee’s report is on social media. It summarizes several months of testimony from experts and makes recommendations, one of which is that social media companies, like Facebook, should be regulated with a law obliging them to promptly remove hate speech harassment and disinformation. Regulation of social media has become a hot political issue, so read the report for background. Here’s a link to my story, which includes a link to the full report.

And for those of you who want gritty detail about how a company’s cyber security failed, the U.S. House of Representatives’ report on the huge Equifax breach makes fascinating reading. There’s a lot of lessons there for IT staff on what you should and shouldn’t do. Here’s a link to my story, which includes a link to the full report.

That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

ITWC podcast network

Subscribe to ITWC podcasts and never fall behind on the conversation in technology again. Our daily podcasts are perfect to add to your smart speaker’s daily briefing or to your favourite podcast app on your smartphone. 

Cyber Security Today Podcast

#Hashtag Trending Podcast