{"id":26169,"date":"2022-07-29T07:51:26","date_gmt":"2022-07-29T11:51:26","guid":{"rendered":"https:\/\/www.itworldcanada.com?p=495050"},"modified":"2022-07-29T11:33:10","modified_gmt":"2022-07-29T15:33:10","slug":"cyber-security-today-july-29-2022-hackers-change-tactics-to-fight-microsoft-a-new-phishing-service-aimed-at-banks-and-more","status":"publish","type":"post","link":"https:\/\/technewsday.com\/staging\/cyber-security-today-july-29-2022-hackers-change-tactics-to-fight-microsoft-a-new-phishing-service-aimed-at-banks-and-more\/","title":{"rendered":"Cyber Security Today, July 29, 2022 \u2013 Hackers change tactics to fight Microsoft, a new phishing service aimed at banks and more"},"content":{"rendered":"<p data-ar-index=\"0\">Hackers change tactics to fight Microsoft, a new phishing service aimed at banks and more.<\/p>\n<p data-ar-index=\"1\">Welcome to Cyber Security Today. It\u2019s Friday, July 29th, 2022. I\u2019m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.<\/p>\n<p data-ar-index=\"2\"><iframe style=\"border: none;\" title=\"Libsyn Player\" src=\"https:\/\/html5-player.libsyn.com\/embed\/episode\/id\/23892201\/height\/90\/theme\/custom\/thumbnail\/yes\/direction\/forward\/render-playlist\/no\/custom-color\/000000\/\" width=\"100%\" height=\"90\" scrolling=\"no\" allowfullscreen=\"allowfullscreen\"><\/iframe><\/p>\n<table style=\"width: 100%;\">\n<tbody>\n<tr>\n<td><a href=\"https:\/\/www.amazon.com\/ITWC-Cyber-Security-Today\/dp\/B07BRNG89P\/ref=sr_1_1?s=digital-skills&amp;ie=UTF8&amp;qid=1522688435\" rel=\"noopener noreferrer\"><img decoding=\"async\" class=\"aligncenter wp-image-396718 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2017\/09\/sub-alexa-200.png\" alt=\"Cyb er Security Today on Amazon Alexa\" width=\"200\" height=\"74\" border=\"none\" \/><\/a><\/td>\n<td><a href=\"https:\/\/www.google.com\/podcasts?feed=aHR0cDovL2N5YmVyc2VjdXJpdHl0b2RheS5saWJzeW4uY29tL3Jzcw%3D%3D\" rel=\"noopener noreferrer\"><img decoding=\"async\" class=\"thumbnail aligncenter wp-image-408712 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2018\/09\/sub-gp-200.png\" alt=\"Cyber Security Today on Google Podcasts\" width=\"200\" height=\"74\" \/><\/a><\/td>\n<td><a href=\"https:\/\/itunes.apple.com\/ca\/podcast\/cyber-security-today\/id1363182054\" rel=\"noopener noreferrer\"><img decoding=\"async\" class=\"aligncenter wp-image-396720 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2017\/09\/sub-itunes-200.png\" alt=\"Subscribe to Cyber Security Today on Apple Podcasts\" width=\"200\" height=\"74\" border=\"none\" \/><\/a><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p data-ar-index=\"3\">\n<p data-ar-index=\"4\"><strong>On Wednesday\u2019s podcast<\/strong> I told you that Microsoft has resumed default blocking of VBA macros buried in email attachments as a safety precaution. For years hackers have been abusing the macro capability in Office applications to automatically download and run malware. The blocking of downloadable macros is intended to shut that door. <a href=\"https:\/\/www.proofpoint.com\/us\/blog\/threat-insight\/how-threat-actors-are-adapting-post-macro-world\" rel=\"noopener\">But a report from Proofpoint<\/a> reminds IT pros that threat actors have been switching tactics for months, moving away from macros to new tactics. These include using container files such as ISO and RAR, as well as Windows Shortcut files which are known by the LNK extension. The lesson: Be aware of the latest techniques and tactics used by threat actors through threat intelligence from your vendors and your colleagues.<\/p>\n<p data-ar-index=\"5\"><strong>Hackers are quietly installing<\/strong> bandwidth-stealing malware on victims\u2019 computers. According to <a href=\"https:\/\/asec.ahnlab.com\/en\/37276\/\" rel=\"noopener\">researchers at the South Korean firm ASEC<\/a>, this type of malware, called proxyware, allows the hacker to not re-sell the bandwidth to other people but also access the victim\u2019s email account. Another strain can be installed on a vulnerable Microsoft SQL server, where it can be used for stealing corporate data. IT departments should find ways to verify all their bandwidth is being used legitimately. Individuals who are tempted to earn money from installing proxyware on their systems should know they are risking it being abused by crooks.<\/p>\n<p data-ar-index=\"6\"><strong>Crooks are running<\/strong> a new phishing-as-a-service platform targeting financial institutions in Canada, the U.S., the U.K. and Australia. Appropriately, it\u2019s called Robin Banks. <a href=\"https:\/\/www.ironnet.com\/blog\/robin-banks-a-new-phishing-as-a-service-platform\" rel=\"noopener\">Researchers at IronNet<\/a> say the site not only has email and text phishing kits aimed at Bank of America, CapitalOne, Citibank, Lloyds Bank and Wells Fargo, it also has templates customers can use to phish and steal Google, Microsoft, T-Mobile and Netflix users passwords. One example of a scam is a text message sent to people purporting to be from a bank alleging unusual activity on their debit card. Victims are asked to click on a link to very their identity. Hackers can sign up for the service for around $200 a month.<\/p>\n<p data-ar-index=\"7\"><strong>Cybersecurity experts<\/strong> regularly caution people to be very careful before downloading anything to their PCs or smartphones, even if it supposedly offers productivity help. Here\u2019s another reason why: <a href=\"https:\/\/www.volexity.com\/blog\/2022\/07\/28\/sharptongue-deploys-clever-mail-stealing-browser-extension-sharpext\/\" rel=\"noopener\">Researchers at Volexity<\/a> have identified malicious extensions for the Google Chrome and Microsoft Edge browsers. These extensions steal data from victims\u2019 Gmail and AOL email accounts. The report doesn\u2019t explain how the extensions are installed \u2014 whether users think the extension is useful, or if users are victimized by clicking on a phishing link. At the very least IT security teams should regularly check on extensions on computers used by high-risk employees. Individuals need to the same by clicking on the Extensions icon in their browsers. In Chrome its a funny black icon in the top right. In Edge it\u2019s a gear-shaped icon on the address bar.<\/p>\n<p data-ar-index=\"8\"><strong>Finally,<\/strong> later today the Week in Review podcast will be available. Guest David Shipley and I will discuss reports on the continuing increase in cyber attacks, the major ways attackers compromise firms and the cybersecurity talent shortage.<\/p>\n<p data-ar-index=\"9\">Remember links to details about podcast stories are in the text version at ITWorldCanada.com. That\u2019s where you\u2019ll also find other stories of mine.<\/p>\n<p data-ar-index=\"10\">Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.<\/p>\n<p data-ar-index=\"11\">The post <a href=\"https:\/\/www.itworldcanada.com\/article\/cyber-security-today-july-29-2022-hackers-change-tactics-to-fight-microsoft-a-new-phishing-service-aimed-at-banks-and-more\/495050\">Cyber Security Today, July 29, 2022 \u2013 Hackers change tactics to fight Microsoft, a new phishing service aimed at banks and more<\/a> first appeared on <a href=\"https:\/\/www.itworldcanada.com\/\">IT World Canada<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This episode reports on hackers dropping macros for RAR, LNK files, Robin Banks service offered for hackers, and warnings on malicious proxyware and browser<\/p>\n","protected":false},"author":17,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[360,16],"tags":[389],"class_list":["post-26169","post","type-post","status-publish","format-standard","hentry","category-podcasts","category-security","tag-cyber-security-today"],"acf":[],"_links":{"self":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/26169","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/users\/17"}],"replies":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/comments?post=26169"}],"version-history":[{"count":3,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/26169\/revisions"}],"predecessor-version":[{"id":26193,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/26169\/revisions\/26193"}],"wp:attachment":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/media?parent=26169"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/categories?post=26169"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/tags?post=26169"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}