Warning for Linux users, fake Verizon, SBA scams and Canadian vets offered cyber training.
Welcome to Cyber Security Today. It’s Friday August 14th. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
Most of the malware I report on runs on Windows, because most malware attacks Windows. But many governments, companies and individuals run systems with Linux. Yesterday the FBI and the U.S. National Security Agency issued an alert about a newly-discovered piece of malware which they conclude comes from Russia’s military intelligence unit. Called Drovorub, which loosely translates into “woodchopper”, it allows hackers to take control over infected machines and copy files. Unfortunately the extensive report on how the malware works doesn’t say how victim organizations were infected — whether by email scams or hacking. But the report does urge IT administrators or individuals running Linux to make sure they’re running the latest versions of the operating system, including Linux Kernel 3.7 or later. And if they haven’t done so already, they should also activate the Secure Boot capability on Linux systems. Here’s a link to the full report.
Attention Verizon subscribers: Don’t be fooled by an email pretending to be from Verizon Support saying you have to log in to your account to see a security message. This is a fake. A security company called Armorblox noticed this. The first tip off is the sender’s address. Yes it says “Verizon Support”, but if you look at the full email address it comes from some other site like “cbzhomes.com”. The second is the underlined word “Login Here” instead of the full address of that website. A hidden email link is suspicious. Those foolish enough to actually click on the link go to a fake page that looks like a Verizon web site. But the address of that site starts with “blacksuncoven.com.” That’s a real web site, but it’s been unwittingly hacked and used by criminals for this scam. The lesson for consumers is to regularly check where emails come from, especially those that ask you to click on a link or an attachment. And just to be sure, check the web address of any page you log into. The lesson for web site administrators is regularly check your sites’ code to make sure they aren’t being abused by hackers.
Meanwhile the U.S. Cybersecurity and Infrastructure Security Agency reports another email scam of the federal Small Business Administration’s COVID-19 relief program. People are getting messages with the subject line “SBA Application – Review and Proceed” asking them to click on a link and sign in to their account. The goal is to steal usernames and passwords. There are a couple of tip-offs: First, the full email address of the sender of this message is “firstname.lastname@example.org.” That’s a fake. In fact the real address for this message ends in “@gov-sba.us.” Victims who click on the link go to “leanproconsulting.com.br”, which obviously isn’t a U.S. government web site. Make sure your email shows the full email headers of senders. If you want more information about Small Business Administration email scams, there’s a link to a report from a security firm called Malwarebytes here.
A few podcasts ago I talked about hackers setting up copycat web sites with internet addresses close enough to the real ones to fool victims. A U.S. brokerage regulator called the Financial Industry Regulatory Authority has spotted one. The website for this agency is FINRA.org. But a criminal group has set up a fake website with the internet address FINNRA.org. This fake web site is aimed at tricking brokers into paying thousands of dollars for registration and capturing corporate information. FINRA has asked the domain registrar of the fake site to suspend the use of this internet address.
Finally, there’s a shortage of cybersecurity workers in most countries. To help meet the demand in Canada the federal government is turning to former members of the military. Yesterday it formally announced a partnership with a skills upgrading website called With You With Me to train veterans in technology-based roles. Consulting firm EY Canada will help the government place program graduates in the right positions. I say it was a formal announcement because the program has quietly been underway for several weeks. So far over 1,000 veterans have signed up. The U.S. offers free online cybersecurity training to American veterans under the Hire Our Heros program to help them get jobs in the public and private sector.
That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cybersecurity professionals. Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.