Cyber Security Today, May 26, 2023 – Hackers are using YouTube to flog pirated software, and more

Share post:

Hackers are using YouTube to flog pirated software, and more.

Welcome to Cyber Security Today. It’s Friday, May 26th, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

Hackers are using YouTube to publicize pirated software. According to researchers at Fortinet, videos advertising cracked software are uploaded by verified YouTube channels with a large number of subscribers. Victims who think they’re saving money are instead downloading apps that install malware to steal passwords and cryptocurrency. Infosec leaders need to remind employees to beware of anything advertised for free that usually carries a price tag. Don’t let ‘free’ be another word for ‘sucker.’

Separately, Fortinet released a report on cyber attacks on operational technology networks. These run things like pipelines and factories. Three-quarters of the 507 OT professionals surveyed said their firm had at least one intrusion in the last year. Nearly one-third of respondents said their firm was hit by ransomware.

Barracuda Networks released a survey on spear phishing trends. These are targeted emails aimed at an identifiable employee or company. Half of the organizations surveyed said they were victims of spear-phishing last year. Twenty-two per cent said their organization had at least one email account compromised. Barracuda estimates spear-phishing messages are responsible for 66 per cent of data breaches.

Apria Healthcare, an American firm that sells home medical equipment, is notifying over 1.8 million people their personal information may have been stolen. The security breaches took place in the spring of 2019 and the fall of 2021. The letter to customers says Apira believes the purpose of the hack was to fraudulently get money from the company and not to steal data. However an investigation was unable to confirm personal information was not accessed.

The Week in Review news roundup for March 31st mentioned that NCB Management Services, an account receivables firm, was notifying over a half million American residents of a data breach. That number has now been updated to over 1 million people.

A warning to infosec professionals: The Legion hacking tool for stealing usernames and passwords from misconfigured servers has been updated. According to researchers at Cado Labs, a new function extracts username and password pairs and then tries to log into a server through a secure shell, or SSH, protocol. It seems this tool is going after cloud services like AWS. The best way web servers can be protected is by making sure they’re not misconfigured.

That’s it for now. But later today the Week in Review edition will be available. Guest commentator Terry Cutler of Montreal’s Cyology Labs will join me to discuss the data breach of a U.S. company that was aided by employees sharing credentials to an email account, why companies hold data for so long and more.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

The post Cyber Security Today, May 26, 2023 – Hackers are using YouTube to flog pirated software, and more first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

SUBSCRIBE NOW

Related articles

White house official tells insurance companies to stop paying ransoms. Cyber Security Today for Wednesday, October 9, 2024

White House urges end to insurance-funded ransomware payments, Comcast reveals a major data loss, Chinese hackers use a back...

AI pioneers Geoffrey Hinton and John Hopfield awarded Nobel prize in physics. Hashtag Trending for Wednesday, October 9, 2024

AI pioneers Geoffrey Hinton and John Hopfield get a Nobel prize in physics, Google is tracking your location...

Did tech companies jump the gun reducing their staff? Hashtag Trending for Tuesday, October 8, 2024

Did companies move too quickly to reduce their development staff? Have we reached the point where it’s impossible...

Cloudflare punches back and we all benefit: Hashtag Trending for Monday, October 7, 2024

WordPress blogging software leads to lawsuits, Cloudflare defeats patent troll in court and Eric Schmidt says keep building...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways