News from OJCO
Latest news in the IT world
“Latest news in the IT world” collects all important news. Here we list some of the most interesting news in IT and IT security, which is good for everyone to know about.
Six out of ten companies exposed to ransomware attacks in 2020
Since the pandemic took off last year, many companies have faced major changes and challenges. A new report from Mimecast shows that six out of ten companies have been exposed to ransomware attacks in 2020. The consequences of teleworking and more accessible networks have affected companies. Of these companies, 63 percent chose to pay the ransom to the hackers. The study also shows a significant increase in cyber attacks, which requires companies to be serious and train their staff and establish a strong IT infrastructure.
Read the full article here: DagensPS
Large security gap in Stockholm’s IT system
On March 30, it was established that there is an extensive security gap in Stockholm’s IT system. This gap has been known since December and is declared “permanent and huge”, without actually doing anything about it. The security hatch includes all logins made on stockholm.se. When a user logs in, a cookie is saved which only disappears if you log out properly. If the tab is only closed, the cookie is stored for a long time. This makes the system vulnerable to an IT attack called Cross Site Request Forgery (CSRF). This attack means that the hacker uses a user’s authorization to do things on the site without his knowledge.
Read the whole article here: NyTeknik
Several Swedes suffered a Facebook leak
During the Easter weekend, over a million Swedes were hit by a Facebook leak. A total of 533 million personal data from Facebook accounts have been leaked, but no passwords. The information that was leaked is telephone number, place of work, date of birth, gender and in some cases email addresses. This information can usually be found on search services such as Eniro and Hitta, but on Facebook this is information that is not intended to be public. The information has also been compiled in lists and therefore it is possible to download the information country by country. People who work in government agencies are now easier to find because of the leak. The information is shared on darknet and other dubious hacker circles.
Phishing attack attracts with salary bonus
A researcher at Fortinet is now warning of a new phishing campaign that is trying to trick the victim into downloading a new version of the Bazar Trojan. The campaign uses fake emails that entice with salary bonuses, customer complaints or bills. The email wants the victim to click on a link that will direct them to a pdf which in turn will contain even more information. But this link instead leads to a malicious external website where the victim is then asked to download a file, which is actually the Trojan Bazar.
Read the whole article here: IDG
See what the email can look like: Fortinet
Hackers exploits the corona virus
Cybercriminals use the pandemic and Covid-19 to spread false information and exploit human concerns. Several players use fake websites to collect user data. According to ProofPoint, more than half of all phishing attacks targeting Covid-19 are focused on stealing user data. Various forms of e-mail have been flourishing lately, these may include phishing in the form of fraud that promises cure for the coronavirus or fraud in the form of counterfeits by the WHO.
Read the whole article here: ITsäkerhet