-
Key Ransomware Variants In Canada
Under the new Technology and Cyber-Security Reporting Advisory, financial institutions must report incidents within 24 hours in writing. Here is a list of examples of reportable incidents: Scenario Name Scenario Description Impact Cyber Attack Account takeover botnet campaign is targeting online services using new techniques, current defenses are failing to prevent customer account compromise High volume and velocity of attemptsCurrent controls are failing to block attackCustomers are locked outIndication that customer account(s) or information has been compromised Service Availability & Recovery Technology failure at data center Critical online service is down and alternate recovery option failedExtended disruption to critical business systems and operations Third-Party Breach A material third party is…
-
Bielarus CyberPartisans Mega Attack
-
Indica Records Cyber-Phishing Upgraded
I don’t know why the Indica label is so popular among incompetent cyber-criminals. Even Desjardins impersonators are not that persistent, but here we go again. It is important to keep in mind that this can happen to any business. Every website out there can be used as a front to commit phishing and other attacks, with or without cyber-squatting, most of the time without the knowledge and consent of site admins. The less tech-savvy a business, the more vulnerable it is to have its identity used in this way. While dissecting my latest Indica Records incident, I noticed a new approach of fake ID layering to bypass spam filters (not…
-
Mobile Verification Toolkit To Detect Pegasus Spyware In Personal Devices
The human rights organization Amnesty International has developed a utility called MVT (Mobile Verification Toolkit) that allows you to identify the Pegasus malware in your device and its source code is available on GitHub.The MVT utility is compatible with Android and iOS, but there are no ready-made solutions for the quick installation of the application. They need to be compiled for a specific device, which can be done only on a computer with Linux or macOS. The utility saves a backup copy of the data from the smartphone on the computer, scans all data and checks if the device is infected with the Pegasus spyware, and informs the user if…
-
Spyware Tracks Journalists And Activists Via Microsoft
This just in. At least 100 activists, journalists and government dissidents across 10 countries were targeted with spyware produced by Candiru, according to cybersecurity researchers at the University of Toronto’s Citizen Lab, which tracks illegal hacking and surveillance. https://montrealgazette.com/news/world/activists-journalists-targeted-by-israeli-firms-spyware-researchers-say Using a pair of vulnerabilities in Microsoft Corp.’s Windows, cyber operatives operating in Saudi Arabia, Israel, Hungary, Indonesia and elsewhere purchased and installed Candiru’s remote spying software. According to Cristin Goodwin, general manager of Microsoft’s Digital Security Unit, the tool was used in “precision attacks” against targets’ computers, phones, network infrastructure and internet-connected devices,” —————– Being a frequent target of cyber-attacks (like any person in the world who needs to get…
-
France: Vente de vrais certificats vaccinaux sur Snapchat via Amazon
Nous avons déjà rapporté des incidents de vente de QR codes vaccinaux sur le dark net dès le mois d’avril 2021, mais ces incidents comme tout ce qui est “dark web” ne forment qu’une infime partie du traffic mondial d’usurpation de tests de dépistage et de certificats vaccinaux. Depuis ses débuts, l’internet de surface (grace à notamment des protections comme l’article 230, Communication Decency Act ) héberge 95% de la cybercriminalité, et notamment vol d’identité de tout genre, demandes de rançon et traffic humain. Évidemment, l’internet de surface est aussi un terrain propice pour la commercialisation de passeports vaccinaux. Grace à la collaboration indispensable de soignants et autres travailleurs de…
-
Owsianik v. Equifax Canada, 2021 ONSC 4112
One in 6 Ontario class actions allege privacy violations. This dynamic may change following the Divisional Court’s determination in Ohsianik v. Equifax that collectors and guardians of personal data (“Database Defendants”) cannot be liable for intrusion upon seclusion when third parties steal or access that data. Liability is suppressed even where database defendants are alleged to have acted recklessly in the storage of that information such that the information was improperly accessed by a third party. https://www.canlii.org/en/on/onscdc/doc/2021/2021onsc4112/2021onsc4112.pdf
-
New Type Of Ransomware Attack Hits 200 US Companies
A successful ransomware attack on Kesaya, a company that remotely controls programs for businesses, has spread to at least 200 organizations. According to cybersecurity firms this is one of the single largest criminal ransomware sprees in history. The attack, first revealed Friday afternoon, is believed to be affiliated with the prolific ransomware gang REvil and perpetuated through Kaseya. Kaseya has issued a statement urging all its customers to immediately stop using its service. The number of infected companies is expected to rise over the weekend. Many are still awaiting a decryption key from Kaseya. The U.S. Cybersecurity and Infrastructure Security Agency announced Friday evening that it is taking action to understand and…
You May Also Like
Ransomware Decryption Tools For Windows
-
Teksavvy Solutions and Bell Media, 2021FCA10
The Federal Court of Appeal confirmed a site blocking order that was touted as the “first ever” in Canada back in 2019. The Federal Court of Appeal is right. I sincerely hope to see such orders much more often and on an interlocutory basis. Too many defendants are using the morbid slowness inherent in our justice system to allege some bogus “rights” to be resolved at trial and commit unfettered infringement in the meantime. The order can be accessed here. IMHO, ISP-blocking must be available at an interim stage and even before. There should be a presumption in favor of blocking, to protect consumers, improve access to justice, block the…
-
Indica Records Zip File Phishing Spam Of The Day
Over the last couple of years, I have received several spammy emails appearing to be sent from a record label employee asking me to open a zip file with my name on it, or a Word doc where I need to activate macros. Today the cyber-fraudster has replaced their name with a bogus email address to hide the actual email address. When isolating the contact, you can see that the domain of the originating email has nothing to do with Indica Records. The ljcvelmonte.cl is likely a domain from South America set up for the purpose of stealing data or attempting ransom.
