{"id":23824,"date":"2022-06-10T07:54:32","date_gmt":"2022-06-10T11:54:32","guid":{"rendered":"https:\/\/www.itworldcanada.com?p=487709"},"modified":"2022-06-10T11:23:37","modified_gmt":"2022-06-10T15:23:37","slug":"cyber-security-today-june-10-2022-the-emotet-botnet-is-spreading","status":"publish","type":"post","link":"https:\/\/technewsday.com\/staging\/cyber-security-today-june-10-2022-the-emotet-botnet-is-spreading\/","title":{"rendered":"Cyber Security Today, June 10, 2022 \u2013 The Emotet botnet is spreading"},"content":{"rendered":"<p>The Emotet botnet is spreading, a fake Facebook scam and more.<\/p>\n<p>Welcome to Cyber Security Today. It\u2019s Friday June 10th, 2022. I\u2019m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.<\/p>\n<p><iframe style=\"border: none;\" title=\"Libsyn Player\" src=\"https:\/\/html5-player.libsyn.com\/embed\/episode\/id\/23380418\/height\/90\/theme\/custom\/thumbnail\/yes\/direction\/forward\/render-playlist\/no\/custom-color\/000000\/\" width=\"100%\" height=\"90\" scrolling=\"no\" allowfullscreen=\"allowfullscreen\"><\/iframe><\/p>\n<table style=\"width: 100%;\">\n<tbody>\n<tr>\n<td><a href=\"https:\/\/www.amazon.com\/ITWC-Cyber-Security-Today\/dp\/B07BRNG89P\/ref=sr_1_1?s=digital-skills&amp;ie=UTF8&amp;qid=1522688435\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" loading=\"lazy\" class=\"aligncenter wp-image-396718 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2017\/09\/sub-alexa-200.png\" alt=\"Cyb er Security Today on Amazon Alexa\" width=\"200\" height=\"74\" border=\"none\"><\/a><\/td>\n<td><a href=\"https:\/\/www.google.com\/podcasts?feed=aHR0cDovL2N5YmVyc2VjdXJpdHl0b2RheS5saWJzeW4uY29tL3Jzcw%3D%3D\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" loading=\"lazy\" class=\"thumbnail aligncenter wp-image-408712 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2018\/09\/sub-gp-200.png\" alt=\"Cyber Security Today on Google Podcasts\" width=\"200\" height=\"74\"><\/a><\/td>\n<td><a href=\"https:\/\/itunes.apple.com\/ca\/podcast\/cyber-security-today\/id1363182054\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" loading=\"lazy\" class=\"aligncenter wp-image-396720 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2017\/09\/sub-itunes-200.png\" alt=\"Subscribe to Cyber Security Today on Apple Podcasts\" width=\"200\" height=\"74\" border=\"none\"><\/a><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><strong>IT and security managers are being warned<\/strong> that the botnet distributing the Emotet malware is back. After its infrastructure was taken down over a year ago by a number of law enforcement agencies it was quiet for a while. But according to <a href=\"https:\/\/www.deepinstinct.com\/blog\/emotet-malware-returns-in-2022\" rel=\"noopener\">researchers at Deep Instinct<\/a> a resurrected Emotet package emerged late last year, with massive phishing campaigns targeting Japanese businesses in February and March. The researchers now report that new phishing campaigns recently began spreading Emotet to more regions. Employees should be warned to watch for email messages with supposed Microsoft Excel spreadsheets or Office documents. The attachments are infected. These messages may appear in the middle of email conversations with people whose email has been hacked. But because the sender\u2019s email is one the victim is familiar with it looks legitimate.<\/p>\n<p>Earlier this week researchers at Proofpoint noted Emotet has a new module that steals credit card details stored by users in their Google Chrome browser.<\/p>\n<p><strong>On Monday I reported<\/strong> that Atlassian is urging administrators to quickly install a security patch to close a vulnerability in its Confluence Server and Data Center applications. It hasn\u2019t taken long for threat actors to go after the flaws. <a href=\"https:\/\/www.lacework.com\/blog\/kinsing-dark-iot-botnet-among-threats-targeting-cve-2022-26134\/\" rel=\"noopener\">Security researchers at Lacework Labs<\/a> said this week that the Kinsing and Hezb malware have added ways to exploit this hole. So has the Dark.IoT botnet. The warning has gone out and there is no excuse for administrators to not have addressed this vulnerability by now.<\/p>\n<p><strong>An estimated 1 million Facebook users<\/strong> had their usernames and passwords stolen recently by logging into fake Facebook pages. <a href=\"https:\/\/pixmsecurity.com\/blog\/blog\/phishing-tactics-how-a-threat-actor-stole-1m-credentials-in-4-months\/\" rel=\"noopener\">According to security researchers at a firm called Pixm,<\/a> victims get messages with a video link on Facebook Messenger from the hacked accounts of people they know. As a result they trust the message and are willing to click on the link. It takes them to what looks like a Facebook verification login page. Actually, it\u2019s a scam to copy their credentials. After logging in the victims get taken to a web page with ads. In addition to stealing passwords the crook also gets paid for the number of people seeing the ads. The scam works because it gets around Facebook security controls. The best way to protect yourself from this type of scam is to enroll in Facebook\u2019s multifactor authentication protection service. But also, whenever you log into any page check the URL at the top and make sure it\u2019s the real thing. That\u2019s hard to do on a mobile device, so think carefully if you\u2019re on a smartphone, click on an email or text link and get set to a login page.<\/p>\n<p><strong>There\u2019s another warning<\/strong> about the dangers of downloading free versions of software you\u2019re supposed to pay for. It comes from <a href=\"https:\/\/blog.avast.com\/fakecrack-campaign\" rel=\"noopener\">researchers at Avast<\/a> who note these so-called free applications come with an unannounced gift \u2014 malware that infects victims\u2019 computers. Some steal data. Others steal cryptocurrency that victims have. Avast estimates in recent campaign a threat actor pulled in $50,000 in cryptocurrency in one month. Victims are tempted by offers of free versions of well-known software such as Microsoft Office, Movavi Video Editor and other games, office programs or applications for downloading multimedia content.<\/p>\n<p>That\u2019s it for this morning. But remember later today the Week in Review edition will be available. My guest will be Terry Cutler of Montreal\u2019s Cyology Labs. We\u2019ll discuss the LockBit ransomware gang\u2019s claim it has data from security provider Mandiant for sale.<\/p>\n<p>Links to details about podcast stories are in the text version at ITWorldCanada.com. That\u2019s where you\u2019ll also find other stories of mine.<\/p>\n<p>Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.<\/p>\n<p>The post <a href=\"https:\/\/www.itworldcanada.com\/article\/cyber-security-today-june-10-2022-the-emotet-botnet-is-spreading\/487709\">Cyber Security Today, June 10, 2022 \u2013 The Emotet botnet is spreading<\/a> first appeared on <a href=\"https:\/\/www.itworldcanada.com\/\">IT World Canada<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This episode reports on the continued rise of the Emotet botnet, more malware going after vulnerabilities in Confluence and a Facebook scam<\/p>\n<p>The post <a href=\"https:\/\/www.itworldcanada.com\/article\/cyber-security-today-june-10-2022-the-emotet-botnet-is-spreading\/487709\">Cyber Security Today, June 10, 2022 \u2013 The Emotet botnet is spreading<\/a> first appeared on <a href=\"https:\/\/www.itworldcanada.com\/\">IT World Canada<\/a>.<\/p>\n","protected":false},"author":17,"featured_media":20709,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[360,16],"tags":[389],"class_list":["post-23824","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-podcasts","category-security","tag-cyber-security-today"],"acf":[],"_links":{"self":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/23824","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/users\/17"}],"replies":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/comments?post=23824"}],"version-history":[{"count":4,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/23824\/revisions"}],"predecessor-version":[{"id":23852,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/23824\/revisions\/23852"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/media\/20709"}],"wp:attachment":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/media?parent=23824"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/categories?post=23824"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/tags?post=23824"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}