{"id":28781,"date":"2022-09-21T08:45:17","date_gmt":"2022-09-21T12:45:17","guid":{"rendered":"https:\/\/www.itworldcanada.com?p=503893"},"modified":"2022-09-22T09:39:36","modified_gmt":"2022-09-22T13:39:36","slug":"cyber-security-today-sept-21-2022-browser-malware-spreading-emotet-botnet-offers-different-ransomware-and-more","status":"publish","type":"post","link":"https:\/\/technewsday.com\/staging\/cyber-security-today-sept-21-2022-browser-malware-spreading-emotet-botnet-offers-different-ransomware-and-more\/","title":{"rendered":"Cyber Security Today, Sept. 21, 2022 \u2013 Browser malware spreading, Emotet botnet offers different ransomware, and more"},"content":{"rendered":"<p data-ar-index=\"0\">Browser malware spreading, Emotet botnet offers different ransomware, and more.<\/p>\n<p data-ar-index=\"1\">Welcome to Cyber Security Today. It\u2019s Wednesday, September 21st, 2022. I\u2019m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.<\/p>\n<p data-ar-index=\"2\"><iframe style=\"border: none;\" title=\"Libsyn Player\" src=\"https:\/\/html5-player.libsyn.com\/embed\/episode\/id\/24434625\/height\/90\/theme\/custom\/thumbnail\/yes\/direction\/forward\/render-playlist\/no\/custom-color\/000000\/\" width=\"100%\" height=\"90\" scrolling=\"no\" allowfullscreen=\"allowfullscreen\"><\/iframe><\/p>\n<table style=\"width: 100%;\">\n<tbody>\n<tr>\n<td><a href=\"https:\/\/www.amazon.com\/ITWC-Cyber-Security-Today\/dp\/B07BRNG89P\/ref=sr_1_1?s=digital-skills&amp;ie=UTF8&amp;qid=1522688435\" rel=\"noopener noreferrer\"><img decoding=\"async\" class=\"aligncenter wp-image-396718 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2017\/09\/sub-alexa-200.png\" alt=\"Cyb er Security Today on Amazon Alexa\" width=\"200\" height=\"74\" border=\"none\" \/><\/a><\/td>\n<td><a href=\"https:\/\/www.google.com\/podcasts?feed=aHR0cDovL2N5YmVyc2VjdXJpdHl0b2RheS5saWJzeW4uY29tL3Jzcw%3D%3D\" rel=\"noopener noreferrer\"><img decoding=\"async\" class=\"thumbnail aligncenter wp-image-408712 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2018\/09\/sub-gp-200.png\" alt=\"Cyber Security Today on Google Podcasts\" width=\"200\" height=\"74\" \/><\/a><\/td>\n<td><a href=\"https:\/\/itunes.apple.com\/ca\/podcast\/cyber-security-today\/id1363182054\" rel=\"noopener noreferrer\"><img decoding=\"async\" class=\"aligncenter wp-image-396720 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2017\/09\/sub-itunes-200.png\" alt=\"Subscribe to Cyber Security Today on Apple Podcasts\" width=\"200\" height=\"74\" border=\"none\" \/><\/a><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p data-ar-index=\"3\"><strong>More malware<\/strong> is circulating that infects browsers, according to researchers at VMware and Microsoft. <a href=\"https:\/\/blogs.vmware.com\/security\/2022\/09\/the-evolution-of-the-chromeloader-malware.html\" rel=\"noopener\">VMware says<\/a> it\u2019s seeing a new version of an infection it calls ChromeLoader. An earlier version just stole usernames and passwords from browsers. The latest version not only injects ads into browsers for click fraud it can also be used to spread different malware like ransomware. Often victims get infected by clicking on ads or files that promise pirated or cracked versions of games or software.<\/p>\n<p data-ar-index=\"4\"><strong><a href=\"https:\/\/twitter.com\/MsftSecIntel\/status\/1570911625841983489\" rel=\"noopener\">Microsoft said<\/a><\/strong> victims of the malware it\u2019s seeing get hit when they click on a malicious ad or a link in a YouTube comment. IT security teams should warn employees about the risks of clicking on and downloading files from sources promising free or cracked versions of games and software. IT departments and individuals should always make sure the latest security updates for browsers are installed. The use of a good antivirus or anti-malware solution is also vital.<\/p>\n<p data-ar-index=\"5\"><strong>American Airlines<\/strong> has acknowledged suffering a data breach in July. <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/american-airlines-discloses-data-breach-after-employee-email-compromise\/\" rel=\"noopener\">The Bleeping Computer news service says<\/a> the airline has begun notifying customers that attackers may have copied the personal information of employees and passengers. That includes their names, mailing addresses, email addresses, phone numbers, driver\u2019s licence numbers, passport numbers and possibly some medical information. The airline said a \u201cvery small number\u201d of victims were involved. It said the data came from the email accounts of several staff who were compromised after being sent a phishing message.<\/p>\n<p data-ar-index=\"6\"><strong>The Emotet botnet<\/strong> is now being used to spread the Quantum and BlackCat strains of ransomware. <a href=\"https:\/\/www.advintel.io\/post\/advintel-s-state-of-emotet-aka-spmtools-displays-over-million-compromised-machines-through-2022\" rel=\"noopener\">Researchers at Advanced Intelligence said<\/a> the botnet used to specialize in the Conti strain of the malware. But after that gang dissolved in June those behind the botnet have found new ransomware to distribute. Typically threat actors will create a phishing email package to send to victims. Those who click on the attachment first get infected with a Cobalt Strike beacon, which leads to the takeover of an IT network. From there the attacker uploads ransomware.<\/p>\n<p data-ar-index=\"7\"><strong>In separate news<\/strong>, Bitdefender, Europol and the NoMoreRansom Project <a href=\"https:\/\/www.bitdefender.com\/blog\/labs\/bitdefender-releases-universal-lockergoga-decryptor-in-cooperation-with-law-enforcement\" rel=\"noopener\">announced<\/a> that a free decryptor for the LockerGoga strain of ransomware is now available. You know you\u2019ve been hit by this strain if the encrypted files have the extension \u201c.locked\u201d. The alleged operator of this strain has been detained pending a trial.<\/p>\n<p data-ar-index=\"8\"><strong>Finally,<\/strong> researchers at NordVPN have been looking into the popularity of Google searches that include the word \u201chack.\u201d Almost two million searches from 50 countries were analyzed. Fifty per cent of Canadians using that term were looking for \u201chow to hack\u201d Facebook, Instagram or WhatsApp. Other popular searches were how to hack Wi-Fi, Snapchat and Gmail. It isn\u2019t known who\u2019s doing the searching or why. Are there lots of people who want to break into the apps of other people? Are these searches from people looking for ways to protect themselves from being hacked? Are there millions more crooks out there than we suspect? Lots of unanswered questions.<\/p>\n<p data-ar-index=\"9\">Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.<\/p>\n<p data-ar-index=\"10\">The post <a href=\"https:\/\/www.itworldcanada.com\/article\/cyber-security-today-sept-21-2022-browser-malware-spreading-emotet-botnet-offers-different-ransomware-and-more\/503893\">Cyber Security Today, Sept. 21, 2022 \u2013 Browser malware spreading, Emotet botnet offers different ransomware, and more<\/a> first appeared on <a href=\"https:\/\/www.itworldcanada.com\/\">IT World Canada<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This episode reports on browser malware, ransomware and a data breach at America<\/p>\n","protected":false},"author":17,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[360,16],"tags":[389],"class_list":["post-28781","post","type-post","status-publish","format-standard","hentry","category-podcasts","category-security","tag-cyber-security-today"],"acf":[],"_links":{"self":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/28781","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/users\/17"}],"replies":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/comments?post=28781"}],"version-history":[{"count":4,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/28781\/revisions"}],"predecessor-version":[{"id":28849,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/28781\/revisions\/28849"}],"wp:attachment":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/media?parent=28781"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/categories?post=28781"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/tags?post=28781"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}