Cyber Security Today – No bargain on these Nikes, Facebook fires corrupt worker, ransomware called a crisis

No bargain on these Nikes, Facebook fires corrupt worker, ransomware called a crisis, and more

Welcome to Cyber Security Today. It’s Friday December 13th. I’m Howard Solomon, contributing reporter on cyber security for ITWorldCanada.com.

To hear the podcast, click on the arrow below:

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

The Internet is a great global marketplace for buying things. It’s also a great place where criminals fleece people of their money by offering non-existent or counterfeit brand-name goods. According to a report this week from security vendor Malwarebytes, you may get booted in two ways if you think you got a terrific deal on valuable sneakers from hundreds of online sites. First, those Nikes or Adidas you ordered may not show up on your doorstep, or if they do they’ll be cheap knockoffs. Second, the credit card number and billing address you used to pay for them will be stolen. That’s because criminals are hacking or using the websites of those selling bogus goods to steal credit card data. It’s an old story — if the price is too good to be true it probably is. When buying online stick to companies you are certain are legit. You will pay more, but the cost of someone stealing your credit card makes the real price sky-high.

Hackers are a threat to companies. So are corrupt employees and part-time workers. Here’s a recent example: BuzzFeed News reported this week that Facebook fired a contractor after learning the person was paid thousands of dollars by a marketing company to reactivate ad accounts Facebook had banned. The marketing company was allegedly running a scam that involved placing more than $50 million in ads, many of which made false claims about celebrities. The ads offered an expensive monthly subscription for a product that was initially marketed as a free trial. The marketing company shut in October after a BuzzFeed investigation of how it worked. But the news site says it recently found chat messages alleging the former CEO and the Facebook contractor worked to reactivate banned ad accounts. Companies shouldn’t view employees with suspicion as a result of incidents like this. But they do need policies and controls to detect suspicious behavior.

Retail websites aren’t the only ones that get hacked for stealing credit card information. A company called Click2Gov, which provides a bill payment portal for municipalities, has been victimized several times. According to news reports the latest customers hit were the Texas cities of Waco and College Station. In September security consulting firm Gemini Advisory noted Click2Gov had been struck with a second wave of attacks. It’s common for criminals once they’ve discovered a target system with a hole to go back and try again, the firm noted. So, e-commerce sites and providers, you’ve been warned.

Ransomware has hit crisis proportions in the United States, says security vendor Emsisoft in a report this week. So far this year 948 government agencies, schools and healthcare providers have been hit. That doesn’t count retailers and manufacturers. The thing is, Emsisoft argues, many of these attacks could have been prevented through improved security, including — forgive me for repeating — making employees use two-factor authentication in addition to a username and password to protect corporate data.

Finally, a bunch of updates were released this week:

— iPad, iPhone and Mac users should note that Apple released security updates for their operating systems;

–There’s also an update for the Safari browser. Speaking of browsers, Google put out version 79 of the Chrome browser which adds real-time phishing alerts and password breach warnings.

–Amazon released updates to its Blink XT2 home security cameras, which should patch automatically;

–And this one’s tricky: Intel makes several types of computer processors. The more powerful of them are called Core processors and have the numbers i3, i5 and i7. If your computer has one of these and was bought in the last five years, be on the lookout for an update from the manufacturer. It fixes a vulnerability in the processor’s firmware. For you IT professionals, there’s also a fix for Xeon processors.

That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cyber security professionals. Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

ITWC podcast network

Subscribe to ITWC podcasts and never fall behind on the conversation in technology again. Our daily podcasts are perfect to add to your smart speaker’s daily briefing or to your favourite podcast app on your smartphone. 

Cyber Security Today Podcast

#Hashtag Trending Podcast