Cyber Security Today, July 29, 2022 – Hackers change tactics to fight Microsoft, a new phishing service aimed at banks and more


Hackers change tactics to fight Microsoft, a new phishing service aimed at banks and more.

Welcome to Cyber Security Today. It’s Friday, July 29th, 2022. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.


On Wednesday’s podcast I told you that Microsoft has resumed default blocking of VBA macros buried in email attachments as a safety precaution. For years hackers have been abusing the macro capability in Office applications to automatically download and run malware. The blocking of downloadable macros is intended to shut that door. But a report from Proofpoint reminds IT pros that threat actors have been switching tactics for months, moving away from macros to new tactics. These include using container files such as ISO and RAR, as well as Windows Shortcut files which are known by the LNK extension. The lesson: Be aware of the latest techniques and tactics used by threat actors through threat intelligence from your vendors and your colleagues.

Hackers are quietly installing bandwidth-stealing malware on victims’ computers. According to researchers at the South Korean firm ASEC, this type of malware, called proxyware, allows the hacker to not only re-sell the bandwidth to other people but also access the victim’s email account. Another strain can be installed on a vulnerable Microsoft SQL server, where it can be used for stealing corporate data. IT departments should find ways to verify all their bandwidth is being used legitimately. Individuals who are tempted to earn money from installing proxyware on their systems should know they are risking it being abused by crooks.

Crooks are running a new phishing-as-a-service platform targeting financial institutions in Canada, the U.S., the U.K. and Australia. Appropriately, it’s called Robin Banks. Researchers at IronNet say the site not only has email and text phishing kits aimed at Bank of America, CapitalOne, Citibank, Lloyds Bank and Wells Fargo, it also has templates customers can use to phish and steal Google, Microsoft, T-Mobile and Netflix users’ passwords. One example of a scam is a text message sent to people purporting to be from a bank alleging unusual activity on their debit card. Victims are asked to click on a link to verify their identity. Hackers can sign up for the service for around $200 a month.

Cybersecurity experts regularly caution people to be very careful before downloading anything to their PCs or smartphones, even if it supposedly offers productivity help. Here’s another reason why: Researchers at Volexity have identified malicious extensions for the Google Chrome and Microsoft Edge browsers. These extensions steal data from victims’ Gmail and AOL email accounts. The report doesn’t explain how the extensions are installed, whether users think the extension is useful, or if users are victimized by clicking on a phishing link. At the very least IT security teams should regularly check on extensions on computers used by high-risk employees. Individuals need to do the same by clicking on the Extensions icon in their browsers. In Chrome it’s a funny black icon in the top right. In Edge it’s a gear-shaped icon on the address bar.

Finally, later today the Week in Review podcast will be available. Guest David Shipley and I will discuss reports on the continuing increase in cyber attacks, the major ways attackers compromise firms and the cybersecurity talent shortage.

Remember, links to details about podcast stories are in the text version at ITWorldCanada.com. That’s where you’ll also find other stories of mine.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

The post Cyber Security Today, July 29, 2022 – Hackers change tactics to fight Microsoft, a new phishing service aimed at banks and more first appeared on IT World Canada.

Howard Solomon (https://www.itworldcanada.com)
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.
