Cyber Security Today: March 1, 2019: Sextortion, Facebook and Elasticsearch

The rate of sextortion is increasing, soon you’ll be able to erase your Facebook history and an Elasticsearch warning

Welcome to Cyber Security Today. It’s Friday March 1st. I’m Howard Solomon, contributing writer on cyber security and privacy for ITWorldCanda.com.

To hear the podcast, click on the arrow below:

Cyber Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

The rate of attempted email sextortion may be going up. Security vendor Barracuda Networks says its customers are seeing more of these scams, where attackers try to trick victims into giving them money. They claim to have a compromising video, allegedly recorded on the victim’s computer, and threaten to share it with all their contacts unless they pay up. To convince victims, the attackers may include a victim’s email password, which they got from an earlier data theft.
Some subject lines ask the victim to change their password to get their attention. Other messages have implied threats like, “You are my victim.” or “This is my last warning.” University and college students are frequent targets.

Companies have to make sure their email systems can’t be compromised and allow thieves to steal usernames and passwords. If you get one of these messages think carefully. The attacker likely has nothing on you and has obtained an old password. If you do pay a ransom, there’s no guarantee the attacker won’t come back and ask for more. If you get the message at your work address, notify the IT team. If you get it at home, forward the message to police.

Want more privacy by erasing your Facebook history so advertisers can’t use it? You will sometime later this year. Security Week says a Facebook official told a technology conference this week that the company is planning to roll out the deletion feature. The ability, first announced by the company over a year ago, will allow users to see which apps and websites send the network information, to delete the data from their account, and prevent Facebook from storing it.

You may not have heard of Elasticsearch, a search and analytics engine used by organizations to hunt through corporate data. Well, Elasticsearch databases that aren’t protected and are left open on the Internet are great opportunities for data theft. The Dow Jones financial service found that out this month when security researcher Bob Diachenko discovered the supposedly subscriber-only Dow Jones Watchlist dataset open for viewing. The Watchlist is used by organizations in researching whether it’s risky to do business with certain people or firms. Apparently, someone with legitimate access to the list made a mistake with a setting. Eliminating configuration mistakes is a big problem for IT security staff.

Also this week Cisco Systems Talos security service said it has evidence that hackers are looking for unsecured Elasticsearch clusters, particularly older versions of the software. Attackers are using old vulnerabilities to drop malware and cryptocurrency miners onto servers. Administrators should make sure they’re running the latest version of Elasticsearch.

Finally, the Coinhive cryptomining service is a legitimate way to install a Monero mining capability on your computer’s browser. However, it is notorious for also being used by criminals to plant the app on unsuspecting victims to reap the rewards for themselves. Well, thanks to the plunge in the value of Monero Coinhive will close on March 8th. It probably didn’t help that Google banned cryptomining browser extensions for the Chrome browser last year, and Apple banned cryptomining apps from their app stores.

That’s it for Cyber Security Today. Cyber Security Today can be heard Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

ITWC podcast network

Subscribe to ITWC podcasts and never fall behind on the conversation in technology again. Our daily podcasts are perfect to add to your smart speaker’s daily briefing or to your favourite podcast app on your smartphone. 

Cyber Security Today Podcast

#Hashtag Trending Podcast