Cyber Security Today, Jan. 20, 2023 – Ransomware payments plunged in 2022, malware hidden in blank images and more

Share post:

Ransomware payments plunged in 2022, malware hidden in blank images and more.

Welcome to Cyber Security Today. It’s Friday, January 20th, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsDay.com in the U.S.

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

The amount of money collected by ransomware gangs last year dropped significantly compared to 2021. That suggests victim companies and governments are refusing to pay attackers — or are refusing to pay as much as they did in previous years. According to researchers at Chainalysis, data they can get hold of says ransomware gangs collected at least US$457 million in 2022. That compares to about US$765 million in each of the previous two years. That’s a 40 per cent drop. The real payout numbers, researchers admit, are much higher. However, the data suggests crackdowns by police and tough cyber insurance requirements may be having an effect.

Meanwhile, ransomware attacks continue. Yum! Brands, which operates Kentucky Fried Chicken, Pizza Hut, Taco Bell and other food outlets said this week it had to close around 300 restaurants in the U.K. for a day after a ransomware attack. Data was taken, but the company doesn’t think any customer information was copied.

Have you heard of Kudu? Few IT people have, but it’s a source control management console for deploying applications on Microsoft’s Azure cloud service. A few months ago researchers at Ermatic discovered a serious vulnerability in Kudu that could have allowed an attacker to deploy malware. Thanks to their warning, Microsoft fixed the bug in December. But it’s also a warning to IT administrators to understand all of the on-premise and cloud tools in their environment. Access to those with management capabilities — like Kudu — must be restricted to only those who need it and by strong login protection like hardware-based multifactor authentication.

Imaginative hackers have found a new technique for evading defences. They’re placing blank malicious images on web pages they want victims to go to. According to researchers at Avanan, the victim gets an email with a link to a document they are asked to read and sign through the DocuSign service. There’s an attachment that displays an image of the document. If the victim follows good security and hovers over the link it shows a legitimate DocuSign page. However if the victim clicks on the attachment to read it, they don’t realize there’s an empty image underneath that hides JavaScript that automatically pulls in a malicious web page. Then the victim’s computer gets infected. IT administrators should consider blocking HTML attachments in emails. Employees have to be reminded to be suspicious of email and text messages with attachments.

Ireland’s Data Protection Commission — which acts for the entire European Union — has levied its third fine against a service of Meta. This time it’s WhatsApp, which has been fined the equivalent of $8 million for not being clear to users how their personal data is being used. This comes after the commission fined Facebook and Instagram earlier this month the equivalent of $568 million for requiring users to accept its new privacy notice. That notice says their personal data will be used for targeted advertising. Meta is appealing all three rulings.

Finally, attackers this week managed to disrupt an online version of the Le Mans 24 hours race where famous racing drivers were participating for prize money. Two-time Formula 1 champion Max Verstappen was knocked offline and out of contention. According to security reporter Graham Cluley, several other drivers had connectivity problems. Organizers said the servers running the race suffered a suspected security breach.

Later today the Week in Review edition will be out. This week guest commentator David Shipley and I will discuss hacks at Mailchimp, CircleCI, the theft of a Nissan customer database from an outside application developer and why we put up with application vulnerabilities.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing.

The post Cyber Security Today, Jan. 20, 2023 – Ransomware payments plunged in 2022, malware hidden in blank images and more first appeared on IT World Canada.

Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

SUBSCRIBE NOW

Related articles

Leverage best research and psychology to increase cyber security training results: Cyber Security Today, the Weekend for October 5, 2024

Unveiling the Truth: Insights into Cyber Security Awareness and Phishing In a special crossover episode of Cyber Security Today...

OpenAI raises big money. But can it ever make money? Hashtag Trending for Friday, October 4, 2024

Hi, it’s Jim.  One more reminder about CDW Canada Tech Talks. If you’re passionate about technology and innovation,...

National Vulnerabiity Database facing a huge backlog, update on CIRA study and more: Cyber Security Today for Friday, October 4, 2024

Hi, it’s Jim. Before we get into today’s episode, I want to tell you about another fantastic podcast:...

Is Linux the future of AI? Hashtag Trending for Thursday, October 3, 2024

Hi, it’s Jim. Did you get a chance to check out CDW Canada Tech Talks. If you’re passionate...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways