Mexican company hit by ransomware, Israeli cyber security company’s forum hacked, and update McAfee software
Welcome to Cyber Security Today. It’s Wednesday November 13th. I’m Howard Solomon, contributing reporter on cyber security for ITWorldCanada.com. To hear the podcast click on the arrow below:
Pemex, Mexico’s government-owned petroleum company, is the latest big firm to be victimized by ransomware. According to news reports, the hacker is demanding the equivalent of $5 million. Unfortunately a lot of companies around the world are still not ready to stop being infected by this stuff. One of the best ways is free: Educate staff to be suspicious of all emails. The second is make sure all staff use two-factor authentication to log into computers and applications.
A while back I mentioned that the vBulletin application used by many organizations for their customer and support discussion forums had buts that could only be fixed with the latest patches. Well, the news site The Hacker News has learned one of the support forums of Israel-based cybersecurity company Zone Alarm has been breached. The incident only affects those registered on “forums.zonealarm.com.” The Hacker News has been told by the company the attackers exploited a bug in vBulletin. Apparently Zone Alarm was running a version for which a patch had been issued. However, it isn’t clear when the forum was hacked. Forum members have been asked to change their passwords. If you have been notified by Zone Alarm about this and you use the same password on other sites, make sure to change the passwords on those sites as well.
Attention Firefox browser users: If you somehow end up on a web page asking you to call Windows support, close the browser immediately. This is a scam to get your password, and it works by seemingly freezing the browser with the message so you can’t do anything. Yes you can. As SecurityWeek notes, Windows users can force Firefox to close from the Task Manager by pressing Control-Alt-Delete buttons, or just right-click on the taskbar at the bottom of the screen. Either way, a menu will appear with Task Manager as one of the options. Click it and there’s another menu that lets you selectively close a running application. On a Mac, use the Force Quit option.
Attention users of McAfee anti-virus products including Total Protection and Internet Security: There’s an update that needs to be installed fast. A security company called SafeBreach discovered a vulnerability. Yesterday McAfee issued a fix.
Finally, yesterday was the monthly Microsoft Patch Tuesday, and with it came an important update to Windows 10. It includes bug fixes and some new but small features. Look for it coming to your computer in the next few days if you allow automatic updates, or do it yourself manually by going to the Settings menu and then to Update.
That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cyber security professionals. Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon