Erich’s “What in the (cyber) world is going on?” 10-10-16 edition

Samsung

Samsung continues its full frontal attack on the masses. First it was Note 7s spontaneously catching fire, then it was washing machines exploding. Now it’s the replacement Note 7s continuing their reign of flaming terror in airports and homes across the country.

The Samsung “Smart Home” is turning into more of a Halloween Home of Horror. Keep an eye on those fridges, y’all!

Ransomware

We saw some new ransomware activity last week. This stuff doesn’t necessarily encrypt the files, but renames them and demands a ransom to restore them. In addition, it spreads like a worm by infecting executable files. Not cool, man, not cool. While it does seem to have a bit of an identity crisis (Am I a worm? Am I ransomware? I have no idea!), it’s something to keep an eye on either way. More info: https://blog.knowbe4.com/cyberheistnews-vol-6-40-this-weird-ransomware-strain-spreads-like-a-virus-in-the-cloud

Yahoo!

Let’s just face it, if you have ever had a Yahoo! account, used a Yahoo! search engine, uttered the word Yahoo! or even heard of Yahoo!, you can assume you have been pwned. Just change all of your passwords, rename your pet and have your mom change her maiden name because nothing is safe anymore. 1 billion accounts… sheesh.

Imagine for a moment how this would impact us all if these sorts of things happened with authentication methods such as biometrics that you can’t change. Something to consider as we start going down that path. Who would you trust with that data?

Scams

There is a scam going around claiming to be from the IRS (shocking, right?) using a phony Form CP 2000 in emails, text messages, live calls and perhaps even snail mail, associating itself with the Affordable Care Act. Warn your folks and tell them they can call the IRS at 1-800-366-4484 to confirm if it’s legit.

Hot Topic Phishing

Remember that when something major happens in the news (debates, attacks, deaths, product launches, exploding “smart” devices, etc.) there is an inevitable phishing campaign soon to follow. Keep an eye open for these and warn your family and users. Don’t be a victim lest you be the subject of the next campaign.


Erich Kron is the Security Awareness Advocate at KnowBe4, and has over 20 years’ experience in the medical, aerospace manufacturing and defense fields. He is the former security manager for the US Army 2nd Regional Cyber Center-Western Hemisphere.