Cyber Security Today — Guide for Canadian small business, new Android bank malware, tool helps track trouble

Guide for Canadian small business, new Android bank malware and a new tool to help track trouble
Welcome to Cyber Security Today. It’s Friday March 29th. I’m Howard Solomon, contributing reporter on cyber security and privacy for ITWorldCanda.com


 

Cyber Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

Big companies have big resources for tackling cyber security. So what can small and medium-sized businesses do? For starters, read the Canadian Centre for Cyber Security’s guide to baseline security controls. These are things your firm should be looking at to improve security. Released this week, it’s not a comprehensive list of what should be done — maybe your firm is too small to do them all. However, it’s worth reading to get an idea of what companies with fewer than 500 employees can do to lower the odds of being hit. Briefly, that includes making an inventory of all the hardware, software and data the company has, establishing the value of the data, developing a plan for detecting, monitoring and responding to incidents, and ensuring staff are trained on security. Good cyber security needs to be done in a methodical way. This guide will get you going.

You can find it here. The Canadian Centre for Cyber Security is the government’s one-stop place for cyber information.

Think that text message on your Android phone is from your bank? Think again. A Russian-based security vendor called Group-IB says it has discovered new malware that tries to convince users of Android phones they’re being sent messages from their bank or a cypto system like Bitcoin Wallet. Whoever is behind this is not only going after money in your account, they’re also looking for cryptocurrency. Perhaps as many as 27 American banks are being targeted, including Bank of America, JP Morgan, Wells Fargo, Capital One and TD Bank. When victims click on a link in the text message the malware is downloaded. Ultimately it tries to trick you into thinking you’ve connected with your bank. The malware can automatically fill in the password fields from data already stored on your phone. It also has techniques to bypass security. This is one dangerous piece of code. So not only do banks have to improve their apps, you have to be careful on what you’re clicking on when you get a text or an email.

Shodan is a search engine you might not have heard of. It indexes any device that’s connected to the Internet, from surveillance cameras to servers. It can tell smart users which devices aren’t secured, which can be handy for hackers. This week the company announced an extension of its paid service for businesses called Monitor. IT staff can use it to watch what’s being connected to the Internet from their company they might not know about. It could be handy for detecting unsecured databases and servers.

Attention network administrators: Cisco Systems this week released 24 security updates for products running its IOS XE operating system. Make sure your devices are patched. However, Cisco also warned of different vulnerabilities with two small business VPN routers, the RV320 and RV325. The company is still working on fixes.

Do you buy and manage video games through the GOG Galaxy Games platform? If so you need to update to the latest version as soon as possible. There are serious vulnerabilities that an attacker can use against your computer.

Finally, businesses should note vulnerabilities have also been found in Pydio 8, an open source file sharing and synchronization platform. Users need to update to the latest version.

That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cyber security professionals. Cyber Security Today can be heard Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

ITWC podcast network

Subscribe to ITWC podcasts and never fall behind on the conversation in technology again. Our daily podcasts are perfect to add to your smart speaker’s daily briefing or to your favourite podcast app on your smartphone. 

Cyber Security Today Podcast

#Hashtag Trending Podcast