Cyber Security Today: Ransomware attacks hit a record in September, and more

Share post:

Ransomware attacks hit a record in September, and more.

Welcome to Cyber Security Today. It’s Wednesday, October 25th, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

The number of successful ransomware attacks keeps climbing. NCC Group says criminal data leak sites listed 514 victims last month. It breaks the record set in July, when gangs listed 502 victim organizations. The claims of these sites are usually reliable. The U.S. continued to be the most attacked country.

And if that’s not bad enough there’s a new ransomware gang. Rhysida. It runs as a ransomware-as-a-service operation, say researchers at Kaspersky. It has a unique self-deletion mechanism. It also works on Windows 7 and 8.

On Monday I told listeners about the compromise of files sent to Okta’s support system. Since then several technology companies have acknowledged being victims. They include Cloudflare and 1Password, which makes a password manager. 1Password’s CTO says no user data was compromised.

A former IT member of the U.S. National Security Agency has pleaded guilty to six counts of attempting to transmit classified defence information last year to what he believed to be was a Russian agent. He was actually sending the stuff to an undercover FBI agent. He’ll be sentenced next April.

VMware has updated its warning to administrators running Aria Operations for Logs. Last week it urged the software be patched to fix multiple vulnerabilities. This week that notice was updated to that warn threat actors now have exploit code to take advantage of an unpatched server.

Worried about how much data the apps you like are collecting? Here’s something to think about: According to researchers at The Money Mongers, Threads is the most invasive of the 100 apps it studied. They include Instagram, Facebook, Messenger, LinkedIn, Uber Eats and more. Threads, you may recall, is trying to challenge the platform called X and its tweets. By the researchers’ standard, Threats collects 86 per cent of its users’ personal data. That may be OK if the users realize this. But also note that 51 per cent of the apps studied share their user data with third parties. Again, that may be OK, but only if user know about it.

Finally, I know organizations have to respect their lawyers, but do lengthy, confusing privacy statements help your business? Consider this. By the calculation of researchers at NordVPN, it would take an entire work week — 42 hours — to read the privacy policies of the 96 websites most Canadian users go to. Even if it was restricted to the top 20 websites most Canadians go to, it would take almost nine hours to read their privacy policies.

Canadian companies should note that the proposed private sector privacy law now before Parliament would require them to describe in plain language how personal information of customers is handled. That’s the only way customers can give meaningful consent to their data being collected and used.

That’s it for now. Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

The post Cyber Security Today: Ransomware attacks hit a record in September, and more first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

Hashtag Trending Feb.28- OpenAI says New York Times hacked ChatGPT; Apple cancels plans to release electric car; Your Voice is Power teaches indigenous youth...

Sponsor: Hashtag Trending is sponsored by Dalikoo.com (Spell). The founder is a big supporter of our podcast and is not only a sponsor but he has offered to provide $20,000 in Azure credits for two to three of our listeners who have a unique idea for an Azure based project. The credits can be applied

Russian threat actor expanding its target list, warns Five Eyes report

APT29 is increasingly going after cloud services in mo

Canada’s privacy watchdog investigating hack at Global Affairs

Inquiry will look into adequacy of data safeguards at the federal

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways