Cybersecurity Alerts

Last updated on April 18, 2024

Cybersecurity alerts provide timely information about current security issues, vulnerabilities, and threats. If you are a B.C. Public Service employee and believe your system may be compromised or at risk, please contact the 7-7000 Service Desk via email or phone 1-866-660-0811, option 3.


NOTICE:
USB DRIVES ON GOVERNMENT DEVICES

We have recently seen increasing numbers of staff using personal USB drives on government workstations. Please note that personal USB devices are prohibited from being used on government issued devices due to security concerns.

If you would like to request a government issued encrypted USB drive, please contact your office administrator or the person responsible for iStore orders within your branch.

Security Alerts

THERE ARE CURRENTLY NO SECURITY ALERTS

Vulnerability Reports

 

March 2024

24th - 30th

N24-124 JetBrains security advisory

N24-123 GitLab security advisory

N24-122 Cisco security advisory

N24-121 Microsoft Edge security advisory

N24-120 Google security advisory

N24-119 Red Hat security advisory

N24-118 Apple security advisory

N24-117 IBM Chrome security advisory

N24-116 Ubuntu Security Advisory


17th - 23rd

N24-115 Lenovo Security Advisory

N24-114 Mozilla Security Advisory

N24-113 Ivanti Security Advisory

N24-112 Google Chrome security advisory

N24-111 Atlassian Security Advisory

N24-110 Mozilla Security Advisory

N24-109 Red Hat Security Advisory

N24-108 Ubuntu Security Advisory


10th - 16th

N24-107 Microsoft Edge security advisory

N24-106 HPE security advisory

N24-105 Cisco Security Advisory

N24-104 Mitel Security Advisory

N24-103 Google Chrome security advisory

N24-102 Microsoft security advisory - March 2024

N24-101 Adobe Security Advisory

N24-100 Fortinet Security Advisory

N24-099 SAP Security Advisory

N24-098 Schneider Electric Security Advisory

N24-097 Microsoft Edge Security Advisory

1st - 9th

N24-096 Mozilla Security Advisory

N24-095 Apple Security Advisory

N24-094 GitLab security advisory

N24-093 Apple Security Advisory

N24-092 Drupal Security Advisory

N24-091 Cisco security advisory

N24-090 Google Chrome Security Advisory

N24-089 VMware Security Advisory

N24-088 JetBrains Security Advisory

N24-087 SolarWinds Security Advisory

N24-086 Android Security Advisory

N24-085 Red Hat Security Advisory

N24-084 Mitel security advisory

N24-083 Ubuntu Security Advisory

 

February 2024

25th - 29th

N24-082 HPE Security Advisory

N24-081 Cisco security advisory

N24-080 Google Chrome security advisory

N24-079 Zoom Security Advisory

N24-078 Ubuntu Security Advisory

18th - 24th

N24-077 Cisco Unified Intelligence Center Security Advisory

N24-076 ClamAV OLE2 Security Advisory

N24-075 GitLab security advisory

AL24-004 Vulnerabilities impacting ConnectWise ScreenConnect

N24-074 Atlassian security advisory

N24-073 Juniper Security Advisory

N24-072 Google Chrome security advisory

N24-071 VMware Security Advisory

N24-070 ScreenConnect Security Advisory

N24-069 Mozilla security advisory

N24-068 Ubuntu Security Advisory


11th - 17th

N24-067 Solarwinds Security Advisory

N24-066 BIND Security Advisory

N24-065 F5 security advisory

N24-064 SAP security advisory

N24-063 HPE security advisory

N24-062 Adobe security advisory

N24-061 Schneider Electric security advisory

N24-060 Microsoft security advisory - February 2024

N24-059 Red Hat security advisory

N24-058 Ubuntu Security Advisory


4th - 10th

AL24-003 Vulnerabilities impacting Fortinet FortiOS

N24-057 FortiOS SSL VPN Security Advisory

N24-056 Ivanti Security Advisory

N24-055 FortiOS Security Bulletin

N24-054 OpenSSL Security Bulletin

N24-053 JSA Applications Security Bulletin

N24-052 Citrix Hypervisor Security Bulletin

N24-051 Sonic security advisory

N24-050 Linux security advisory

N24-049 Cisco security advisory

N24-048 Google Chrome security advisory

N24-047 VMware security advisory

N24-046 Android security advisory


1st - 3rd

N24-045 Microsoft Edge security advisory

 

January 2024

28th - 31st

AL24-001  Alert - Ivanti Connect Secure and Ivanti Policy Secure gateways zero-day vulnerabilities – Update 2

N24-044 Ivanti security advisory

N24-043 Google security advisory

N24-042 Jenkins Security Advisory

N24-041 Ubuntu Security Advisory

21st - 27th

N24-040 Microsoft Edge Security Updates

N24-039 Junos Security Advisory

N24-038 GitLab security advisory

N24-037 WordPress security advisory

N24-036 Cisco security advisory

N24-035 Google Chrome security advisory

N24-034 Ivanti security advisory

N24-033 Fortra security advisory

N24-032 Mozilla security advisory

N24-031 HPE security advisory

N24-030 Apple security advisory

N24-029 Apple security advisory

N24-028 Red Hat  security advisory


14th - 20th

N24-027 HPE security advisory

N24-026 Oracle security advisory – January 2024 quarterly rollup

AL24-001  Ivanti Connect Secure and Ivanti Policy Secure gateways zero-day vulnerabilities -  Update 1

N24-025 SonicWall security advisory

N24-024 Atlassian security advisory

N24-023 Google security advisory

N24-022 VMWare security advisory

N24-021 Citrix security advisory

N24-020 Juniper Networks Security Advisory

AL24-002 Vulnerability impacting Gitlab

7th - 13th

N24-019 AMI MegaRAC Vulnerabilities

N24-018 Rapid Software Security Advisory

N24-017 GitLab Critical Security Release

N24-016 Apple security advisory

N24-015 Cisco security advisory

N24-014 Ivanti security advisory

N24-013 Microsoft security advisory - January 2024

N24-012 Fortinet security advisory

N24-011 Google Chrome security advisory

N24-010 SAP security advisory

N24-009 Schneider Electric security advisory

N24-008  Microsoft Edge security advisory

N24-007  Ubuntu security advisory


1st - 6th

N24-006 Update Apple security advisory

N24-005 Ivanti security advisory

N24-004 Perl security advisory

N24-003 HPE security advisory

N24-002 Google Chrome Security Advisory

N24-001 Android Security Bulletin

N23-548 Microsoft Edge Security

 

December 2023

17th - 23rd

N23-547 Sensitive Data Disclosure Vulnerability (CVE-2023-40058)

N23-546 VMware Workspace ONE Launch

N23-545 Cisco Adaptive Security Appliance and Firepower Threat Defense Software VPN Packet Validation Vulnerability

N23-544 Apache Struts Vulnerability Affecting Cisco Products

N23-543 HPE security advisory

N23-542 FXC LAN router security advisory

N23-541 Google security advisory

N23-540 Ivanti security advisory

N23-539 Apple security advisory

N23-538 EFACEC security advisory

N23-537 HPE security advisory

N23-536 Mozilla security advisory

N23-535 Wordpress security advisory

N23-534 IBM Security Advisory

N23-533 Ubuntu Security Advisory

N23-532 Adobe Security Advisory


10th - 16th

AL23-019 CVE-2023-50164 - Vulnerability impacting Apache Struts 2

N23-531 Unitronics PLCs Security Advisory

N23-530 HPE security advisory

N23-529 Palo Alto Networks security advisory

N23-528 GitLab security advisory

N23-527 Atlassian security advisory

N23-526 Ivanti security advisory

N23-525 Microsoft security advisory

N23-524 Fortinet security advisory

N23-523 SAP security advisory

N23-522 HPE security advisory

N23-521 Schneider Electric security advisory

N23-520 Apple security advisory

N23-519 Microsoft Edge security advisory


3rd - 9th

N23-518 Lenovo Security Advisory

N23-517 Sierra Wireless AirLink Security Advisory

N23-516 Schweitzer Engineering Laboratories Security Advisory

N23-515 Apache Struts Security Advisory

N23-514 CISA security advisory

N23-513 Atlassian security advisory

N23-512 Google Chrome security advisory

N23-511 Qualcomm security advisory

N23-510 Android security advisory

N23-509 Ubuntu security advisory

N23-508 IBM security advisory

N23-507 Dell security advisory

N23-506 Adobe Security Advisory

N23-505 Cisco AppDynamics PHP Agent

N23-504 Cisco Identity Services Engine Security Advisory

N23-503 Cisco Secure Endpoint for Windows Security Advisory

N23-502 Cisco IP Phone Security Advisory

N23-501 Cisco Secure Client Software Security Advisory

N23-500 Atlassian Security Bulletin

N23-499 Ubuntu Security Advisory

N23-498 Becton, Dickinson and Company Security Advisory

N23-497 Microsoft Edge Security Updates

N23-496 Delta Electronics Security Advisory

 

October 2023

29th - 31st

N23-462 VMware security advisory

N23-461 Ubuntu security advisory

N23-460 Mozilla security advisory

N23-459 VMware security advisory


22nd - 28th

N23-458 F5 security advisory

N23-457 Apple security advisory

N23-456 VMware security advisory

N23-455 Google Chrome security advisory

N23-454 Mozilla security advisory

N23-453 Ivanti security advisory

N23-452 VMware security advisory


15th - 21st

N23-451 Apache HTTP Server Security Advisory

N23-450 HTTP-2 Rapid Reset Attack Affecting Cisco Products October 2023

N23-449 Oracle Critical Patch Update Advisory - October 2023

N23-448 Atlassian Security Bulletin - October 2023

N23-447 F5 security advisory

N23-446 SonicWall security advisory

N23-445 Cisco security advisory

N23-444 IBM security advisory

N23-443 Ubuntu security advisory

N23-442 Fortinet security advisory


8th - 14th

N23-441 HPE security advisory

N23-440 Juniper Networks security advisory

N23-439 Curl security advisory

N23-438 Google Chrome security advisory

N23-437 Apple security advisory

N23-436 Fortinet security advisory

N23-435 Microsoft security advisory

N23-434 Citrix Security Advisory

N23-433 Schneider Electric Security Advisory

N23-432 Ubuntu Security Advisory

1st - 7th

N23-431 Hitachi Energy Security Advisory

N23-430 Microsoft Edge Security Update

N23-429 Exim Security Advisory

N23-428  SonicWall security advisory

N23-427  Apple security advisory

N23-426  Red Hat security advisory

N23-425 Atlassian Confluence Data Center and Server Security Advisory

N23-424 Cisco security advisory

N23-423  Google Chrome security advisory

N23-422 Ubuntu security advisory

N23-421 Dell Security advisory

N23-420 Android Security Advisory

 

September 2023

25th - 30th

N23-419 Hitachi Energy Asset Suite

N23-418 Rockwell Automation PanelView 800 Security Advisory

N23-417 Google security advisory (AV23-588)

N23-416 Progress Security Advisory

N23-415 Mozilla security advisory (AV23-587)

N23-414 Cisco security advisory

N23-413 Google Security Advisory

N23-412 Apple Security Advisory

N23-411 libwebp Vulnerability

N23-410 Mozilla Security Advisory

N23-409 Apache Avro .NET SDK Vulnerability

N23-408 Linux kernel netfilter subsystem Vulnerability

N23-407 D-LINK Wireless Router Vulnerability

N23-406 OpenSSH before 9.3p2 Vulnerability

N23-405 JSON Vulnerability

N23-404 Apache Tomcat Connectors mod_jk component Vulnerability

17th - 23rd

N23-403 Red Hat Openstack Undercloud Vulnerability

N23-402  Kubernetes service for notebooks in RHODS

N23-401  Red Hat Single Sign-On for OpenShift Vulnerability

N23-400 Trend Micro Apex One (on-prem and SaaS) Vulnerability

N23-399 Linux Kernel Below or Equal to 54 Vulnerability

N23-398 Apple Security Advisory

N23-397 MongoDB Server running on Windows or macOS Vulnerability

N23-396 Atlassian September Security Bulletin

N23-395 ISC Releases Security Advisories for BIND 9

N23-394 Drupal Core Cache Poisoning Vulnerability

N23-393 Python through 3.9.1 multiple Vulnerabilities

N23-392 Apache Calcite Vulnerability

N23-391 Microsoft Edge Elevation of Privilege Vulnerability

N23-390 OpenStack Vulnerability

N23-389 Red Hat Security Advisory

N23-388 Apple Security Advisory

N23-387 Apache Airflow prior to 1.10.11 Vulnerability

N23-386 Apache Airflow HDFS Provider prior to 4.1.1 Vulnerability

N23-385 Wireshark 4.0.0 to 4.0.3 and 3.6.0 to 3.6.11 Vulnerability

N23-384 Linux kernel before 6.3.4. Vulnerability

N23-383 Ubuntu security advisory (AV23-558)


10th - 16th

N23-382 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Security Advisory

N23-381 Palo Alto Networks security advisory (AV22-553)

N23-380 Red Hat security advisory (AV23-552)

N23-379 Fortinet security advisory (AV23-551)

N23-378 Mozilla security advisory (AV23-550)

N23-377 Google Chrome security advisory (AV23-549)

N23-376 Microsoft Edge security advisory

N23-375 Microsoft security advisory – September 2023

N23-374 Adobe security advisory (AV23-546)

N23-373 SAP Security Advisory

N23-372 Google Chrome Security Advisory

N23-371 Ubuntu Security Advisory

1st - 9th

N23-370 Apple Security Advisory

N23-369 HPE Security Advisory

N23-368 Cisco Security Advisory

N23-367 Google Security Advisory

N23-366 Android Security Advisory

N23-365 Microsoft Edge Security Advisory

N23-364 Ivanti Security Advisory

 

August 2023

27th - 31st

N23-363 FortiOS Security Advisory

N23-362 VMware Security Advisory

N23-361 Mozilla Foundation Thunderbird Security Advisory

N23-360 Cisco Unified Communications Products Security Advisory

N23-359 Apache Tomcat 9.x Security Advisory

N23-358 HPE B-Series SANnav Management Portal and Global View Security Bulletin

N23-357 Lenovo Multi-vendor BIOS Security Vulnerabilities

N23-356 Lenovo Third-party Bootloader Vulnerabilities

N23-355 Cisco Application Policy Infrastructure Controller Security Advisory

N23-354 Cisco FXOS Software Security Advisory

N23-353 Out-of-Cycle Security Bulletin-Junos OS-SRX Series and EX Series-Multiple vulnerabilities in J-Web

N23-352 Cisco Nexus 3000 and 9000 Series Switches Security Advisory

N23-351 HPE Security Advisory

N23-350 Dell Security Advisory

N23-349  Google Stable Channel Update for Desktop

N23-348 VMWare Security Advisory

N23-347 Mozilla Security Advisory

N23-346 Microsoft Edge elevation of privilege vulnerability

N23-345 IBM security advisory vulnerability

20th - 26th

N23-344 Linux kernel memory management subsystem Vulnerability

N23-343 binutils libbfd.c 2.36 Vulnerability

N23-342 curl 7.65.2 Vulnerability

N23-341 MarkText on Windows, Linux and macOS Vulnerability

N23-340 Cisco IPV Appliance Multiple Vulnerabilities

N23-339 Cisco FXOS Software SNMP Vulnerability

N23-338 MIT Kerberos 5 Vulnerability

N23-337 Google Stable Channel Update for Desktop

N23-336 Linux Kernel Vulnerability

N23-335 xterm before 380 Vulnerability

N23-334 Python cpython v.3.7 Vulnerability

N23-333 Node.js Vulnerability

N23-332 Microsoft Edge Elevation of Privilege Vulnerability

N23-331 PHP loading PHAR files Vulnerability

N23-330 Ivanti Security Advisory

N23-329 Dell Security Advisory

N23-328 Apache Airflow Drill Provider Vulnerability

N23-327 .NET and Visual Studio Denial of Service Vulnerability


13th - 19th

N23-325 HPE Security Advisory

N23-324 Linux Kernel Vulnerability

N23-323 Cisco Security Advisory

N23-322 Ivanti Avalanche below version 6.4.1. Vulnerabilities

N23-321 Atlassian Security Advisory

N23-320 Google Stable Channel Update for Desktop

N23-319 Adobe Security Bulletin

N23-318 Apache Traffic Server Vulnerability

N23-317 Python before 3.11.4 Vulnerability

N23-316 Zoom Desktop Client for Windows Vulnerability


6th - 12th

N23-315 Leaking VPN Client Traffic Vulnerability

N23-314 Zoom SDKs before 5.14.7 Vulnerability

N23-313 Apache Airflow Vulnerability

N23-312 Red Hat Security Advisory

N23-311 Ivanti Endpoint Manager Mobile Authentication Bypass Vulnerability

N23-310 Juniper Networks Junos OS Vulnerability

N23-309 Microsoft Security Advisory - August 2023

N23-308 Android Security Advisory – August 2023 Monthly Rollup

N23-307 PHP Information Disclosure Vulnerability

N23-306 Linux kernel Out Of Bounds memory access flaw

N23-305 Samba Vulnerabilities


1st - 5th

AL23-013 Midnight Blizzard conducts targeted social engineering over Microsoft Teams

AL23-012 2022 Top routinely exploited vulnerabilities

N23-304 Aruba AP Multiple Vulnerabilities

N23-303 Apache Helix through 1.2.0

N23-302 Apache Jackrabbit RMI access can lead to RCE

N23-301 Google Stable Channel Update for Desktop

N23-300 F5 Security Advisory

N23-299 Apache InLong Vulnerability

N23-298 HPE Security Advisory

N23-297 Linux Kernel multiple Vulnerabilities

N23-296 Apache Shiro Vulnerability

N23-295 Mozilla Security Advisory

 

July 2023

23rd - 29th

N23-294 Linux kernel's Netfilter Subsystem Vulnerability

N23-293 Kentico CMS Vulnerabilities

N23-292 GitHub Repository Absolute Path Traversal Vulnerability

N23-291 Linux kernel through 6.3.1 Vulnerability

N23-290 Veritas InfoScale Operations Manager Vulnerability

N23-289 Linux Kernel multiple Vulnerabilities

N23-288 DedeCMS v5.7.109 Vulnerability

N23-287 Apache EventMesh Vulnerability

N23-286 Citrix Hypervisor Security Advisory

AL23-011 Threat Actors Exploiting Ivanti Endpoint Manager Mobile CVE-2023-35078

N23-285 Red Hat OpenShift Container Platform 4.13.5 Security Update

N23-284 Apple Security Advisory


16th - 22nd

N23-283 Atlassian Security Advisory

N23-282 Adobe Security Advisory

N23-281 Apache RocketMQ Vulnerability

N23-280 Oracle Security Advisory – July 2023 Quarterly Rollup

N23-279 Google Chrome Security Advisory

N23-278 Red Hat Security Advisory

N23-277 Citrix ADC and Citrix Gateway Security Bulletin


9th - 15th

N23-276 Microsoft Edge Security Advisory

N23-275 Zoom Client Vulnerabilities

N23-274 VMware SD-WAN (Edge) Authentication bypass Vulnerability

N23-273 Apple Security Advisory

N23-272 SonicWall Security Advisory

N23-271 Junos OS J-Web Multiple Vulnerabilities in PHP software

N23-270 Cisco SD-WAN vManage Unauthenticated REST API Access Vulnerability

N23-269 Node v20.2.0 Vulnerability

N23-268 Citrix Security Advisory

N23-267 Microsoft Security Advisory July 2023

N23-266 SAP Security Patch Day – July 2023

N23-265 Mozilla Security Advisory

N23-264 IBM July Security Advisory

N23-263 Apple Security Advisory

N23-262 Ubuntu Security Advisory


1st - 8th

N23-261 Cisco Security Advisory

N23-260 Cisco ACI Multi-Site CloudSec Security Advisory

N23-259 Progress MOVEit Security Advisory

N23-258 Vulnerability Android Security Bulletin

N23-257 Linux kernel’s XFS File System Vulnerability

N23-256 Zyxel NAS326 NAS540 NAS542 Vulnerability

N23-255 Mozilla Security Advisory

 

June 2023

25th - 30th

N23-244 ISC BIND Security Advisory

N23-245 Google Chrome Security Advisory

N23-246 Fortinet Security Advisory

N23-247 Linux Kernel Vulnerability

N23-248 Red Hat Security Advisory

N23-249 Apache Accumulo Vulnerability

N23-250 Linux kernel's versions 5.6 - 5.11 Vulnerability

N23-251 Linux Kernel Local Code Execution Vulnerability

N23-252 Microsoft Edge Chromium Vulnerabilities

N23-253 Trellix Security Advisory

N23-254 Apache Traffic Server multiple Vulnerabilities


18th - 24th

N23-234 KeePassXC through 2.7.5 Vulnerability

N23-235 Linux Kernel Multiple Vulnerabilities

N23-236 Red Hat Multiple OpenShift Products RCI Vulnerability

N23-237 Gradio open-source Python Library Vulnerability

N23-238 Apple Security Advisory

N23-239 Apache Traffic Server Vulnerability

N23-240 Juniper Networks Security Advisory

N23-241 Apache Tomcat Vulnerability

N23-242 VMware Security Advisory

N23-243 Ubuntu Security Advisory


11th - 17th

N23-226 FortiNet FortiOS RCE Vulnerability in SSL VPN devices

N23-228 Citrix Security Advisory

N23-229 Google Chrome Security Advisory

N23-230 Microsoft security advisory – June 2023 monthly rollup

N23-231 Adobe Security Advisory

N23-232 Microsoft Edge Security Updates

N23-233 MOVEit Transfer Critical Vulnerability


4th - 10th

N23-216 Microsoft Edge Security Advisory

N23-217 Mozilla Security Advisory

N23-218 Android Security Bulletin — June 2023

N23-219 Google Chrome Security Advisory

N23-220 Deviniti for Jira Vulnerability

N23-221 VMware Security Advisory

N23-222 Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability

N23-223 Cisco AnyConnect Secure Mobility Client for Windows Local Privilege Elevation Vulnerability

N23-224 curl below v8.1.0 Information disclosure Vulnerability

N23-225 Cisco ASA-Firepower Threat Defense SSL-TLS denial of service Vulnerability


1st - 3rd

N23-213 Splunk Enterprise multiple Vulnerabilities

N23-214 Progress MOVEit Transfer

N23-215 Barracuda Email Security Gateway Appliances Security Advisory

Threats:

The best protection against all forms of malicious cyberattacks is to arm yourself with the knowledge ahead of time, so when you are faced with these adverse situations you are prepared and ready to respond accordingly.

Read up on the types of malicious cyberattacks you and your colleagues are at risk of falling victim to:

 

Phishing

Phishing is a social engineering method most frequently used by cyber criminals to capture personal and/or financial information. It uses email with faked information and takes the user to dangerous websites. Phishing emails are able to fake the sending address and reproduce logos of legitimate senders such as a bank or a government agency.

A phishing email usually has a few common elements:

  • It claims to come from a credible organization
  • It claims to come from someone familiar
  • A tone of urgency that asks the recipient to take immediate action
  • A threat of negative consequences, or the promise of some kind of reward

The goal is to trick a user into divulging personal and/or financial data such as credit card numbers, account user names and passwords or other valuable information. In some situations, the phishing email may trick a user into downloading dangerous malware onto their computer.

How do you guard against Phishing?

Remember that legitimate businesses, financial institutions, and help desks should never ask you for personal or confidential information via email, voice or text message. Beware of unexpected messages and verify them by contacting. Less sophisticated messages may set off alarm bells because there are misspelled words or faulty grammar. You can ‘hover’ your mouse over a URL to see if it is identical to what is written; if they are different, this is an indicator that the source is probably not legitimate.

In General

  • Be careful if the email was unsolicited.
  • Be suspicious if the unsolicited email contains spelling errors or incorrect grammar.
  • The best practice is to not trust supplied links, especially if received in unsolicited emails; use a reputable search engine to look up the address and/or company names and go from there.
  • Do not reply with any personal, confidential or financial information to ‘verify’ your identity.
  • Monitor your credit card and bank statements. If you believe you have been a victim of phishing contact your local police to get advice and to file a complaint.
  • Do not click on “Unsubscribe” in a spam/ phishing email – this lets the spammers know they have hit a “live” address and you will get more emails of this type.
  • If you believe the email communication to be valid, contact the company directly.
  • If you are unsure what to do when a suspect email is received, best practice is to delete it.

Read up on the following external resources for a better understanding of phishing emails and how they are composed:

Safety Detectives' guide to phishing defence

Phishing examples from Aura

Phishing examples from Terranova Security

 

Ransomware

Ransomware is a form of malicious code or malware that infects a computer or network and spreads rapidly to encrypt the data. This malware makes the data inaccessible to the users, and the criminals responsible will demand payment from the user in order to have their files unencrypted and returned. The payment is often requested in Bitcoin or other electronic currency. Businesses and individuals worldwide are currently under attack by ransomware. Individuals are reporting incidents in which their systems are frozen while an on-screen message demands payment to have their data returned. Individuals both at work and at home are at risk of these and similar attacks by hackers. Trend Micro researchers anticipate that ransomware will gain further ground in 2018 and that it’s not going away anytime soon.

Steps to lower the risk of infection and to help with recovery

  • Make sure all software is kept up-to-date with the latest patches including Windows, web browsers, Java and Adobe.
  • Perform regular backups of your data. Ideally, this data should be kept on a different device other than your computer.
  • Don’t open links or attachments in emails from untrusted or unknown sources.
  • Ensure your anti-virus is up to date.
  • Consider using a security application from a reputable company on your mobile device.
  • Don’t download or install applications from untrusted or unknown sources.
  • Never click on pop-up windows that claim your computer has a virus.

How to protect against a ransomware infection

Be skeptical. Do not click on any emails or attachments you do not recognize, and avoid suspicious websites altogether, such as the ads/links that often appear at the right or the bottom of a website. Do not accept any software updates that are triggered from a website or email. This includes offers of Windows 10, and updates to Java and Adobe Flash.

What to do if your workstation or other network-connected device is infected:

If you receive a ransomware pop-up, or come across a file that prompts you to pay a ransom to regain access to your files, you need to:

  1. Disable Wi-Fi (if using)
  2. Disconnect the network cable from the device to try and halt the spread
  3. Leave the device powered on for investigative reasons
  4. Go to another workstation and change key online passwords such as online banking
  5. Report the problem immediately to your IT department
 

Spyware

Spyware, a kind of malicious software, can monitor and control your computer without your permission. It may be used to monitor your internet surfing, record your keystrokes and could potentially lead to identity theft.

Because spyware is mostly focused on information collection or “spying”, the clues that spyware is on a computer can be difficult to spot. Spyware-like services are also sometimes installed ‘legally’ through the wording of EULA agreements on social media and legitimate software.

The good news is that consumers can minimize how much of their information is collected by following some simple recommendations.

Recommendations

  • Keep your operating system and web browsers updated. Your operating system (like Windows or Linux) may offer free software “patches” to close holes in the system that spyware could exploit.
  • Download free software only from sites you know and trust. It can be appealing to download free software like games, peer-to-peer file-sharing programs, customized toolbars, or other programs that may change or customize the functioning of your computer. Be aware, however, that some of these free software applications bundle or hide other programs in the software, including spyware.
  • Don’t install any software without knowing exactly what it is. Take the time to read the end-user license agreement (EULA) before downloading any software. If the EULA is hard to find — or difficult to understand — think twice about installing the software.
  • Minimize “drive-by” downloads. Make sure your browser security setting is high enough to detect unauthorized downloads, for example, at least the “Medium” setting for Internet Explorer. Keep your browser updated.
  • Don’t click on any links within pop-up windows. If you do, you may install spyware on your computer. Instead, close pop-up windows by clicking on the “X” icon in the title bar.
  • Don’t click on links in spam that claim to offer anti-spyware software. Some software offered in spam actually installs spyware.
  • Install a personal firewall to stop uninvited users from accessing your computer. A firewall blocks unauthorized access to your computer and will alert you if spyware already on your computer is sending information out.

What to do if you suspect Spyware

If you think your computer might have spyware on it, you should take three steps:

  1. Get an anti-malware program from a vendor you know and trust.
  2. Set it to scan on a regular basis — at least once a week — and every time you start your computer, if possible.
  3. Uninstall unused software from your computer. Review and uninstall what you don’t use.
 

Social Engineering

Social Engineering is a way that people use normal social interactions to manipulate people to breach security. It isn’t limited to any technology or system; it can be conversation, texting, body language, or email.

The goals of Social Engineering are typically sensitive or personal information, but it can be used to access secure systems. Social Engineering is used for fraud, identity theft, or can be the prelude to a more serious hack.

Usually Social Engineering plays on a person’s expectations, and emotions. Sometimes it means a person is pretending to be a delivery person, or they could pretend to be frazzled and running late. They play on our gut reactions in order to bypass our reasoning.

There is no single technology or strategy that can defend against social engineering. Each person is the front line against this kind of intrusion. The critical element to protect yourself and your organization is critical thinking.

How to Avoid Being a Victim?

Keep your eyes open and ask yourself questions:

  • If someone wants to enter your house, ask yourself if this is really a secure situation? Are you expecting maintenance or a delivery? Is this person from the company that you’d expect?
  • Why is someone asking about details about your work? Is this information that could be used maliciously?
  • How is this person making me feel? Am I feeling sorry for this person who forgot their keycard? Am I feeling intimidated by this bigshot who demands access and information? Am I feeling like I owe this friendly stranger in the café?
  • Does this person really have authority? Have I actually seen any of their credentials?
  • Does it make sense for me to be using my financial information in this situation? Am I dealing with a verified and trusted entity?
  • Am I communicating in a secure way? Is this connection secure? Can I be overheard?

These questions might give you a sense that something is off about a situation. Be diligent and double-check information. Verify information with a trusted third party. Don’t take everything at face value.

What to do if you think you are a victim?

  • If you believe your financial accounts have been compromised, contact your financial institution or credit card company immediately. Watch for any unexplainable charges to your account.
  • Document the situation, report the attack to the police and file a report.
  • Check your credit report with:
    • Equifax Canada – www.consumer.equifax.ca/home/en_ca
    • Trans Union Canada – www.transunion.ca
  • If you believe you might have revealed confidential or sensitive information about your organization, report it to the appropriate Security or Privacy people within your organization.
 

Cyber-Propaganda

In recent years, we’ve seen Social Media networks being used to spread extremism, erode social trust, and influence elections. By changing people’s perception of the world, cyber-propaganda can manipulate the choices of people.

Read on to learn how you can resist cyber-propaganda.

Fake News

Fake news is being used to spread distrust, as well as change public opinion through manipulation. Fake news is hard to spot right away because the world changes at a rapid pace. That means we need to read everything with a critical eye.

Don’t just browse the headlines. When reading articles online, take a moment to ask some questions before sharing:

  • Who wrote it?
  • Is the site credible?
  • Does the evidence support what the author is claiming?
  • Is it supported by other articles?
  • Does the article serve a different purpose?

False Accounts

Not every user account online is who they claim to be. Foreign governments and cybercriminals have been creating fake accounts to generate conflict on the internet. Many of these accounts will pretend to have an extreme version of an existing opinion in order to break trust and cause further divisions between different political leanings. By creating more conflict, this allows groups to influence public decisions.

Before responding to an online post, check these things first:

  • How long has this user been in existence? Fake accounts are usually only used for short periods of time.
  • Does this user have a lot of likes but not a lot of followers? They could be artificially boosting their popularity.
  • Does this user often post links using URL shorteners like bit.ly or tinyurl?

Online Radicalization

Extremist groups use the internet to radicalize and recruit new members into violent and dangerous movements. You might know someone who is at risk of online radicalization.

Watch for these signs:

  • Is the person reposting or linking to radical content? (hate groups, extremist groups)
  • Are they withdrawing from their usual social networks?
  • Are they exhibiting black-and-white thinking around social topics?
  • Is the person expressing extreme anger when faced with disagreement?

What you can do:

  • If you feel safe doing so, talk to someone if you’re worried they’re at risk of radicalization
  • Report online material promoting terrorism or extremism
    https://www.canadiancrimestoppers.org/tips
  • If you suspect a crime has occurred, report it to your local police force

How to Protect Against Cyber-Propaganda

The propaganda in our social networks can be scary, but we aren’t alone.
Here are some general tips to help resist cyber-propaganda:

  • Don’t just debunk, support media that is honest and reliable
  • Practice good information security to prevent your accounts from being breached and misused
  • Pay attention to those who benefit from the information that you see online
  • Use social media responsibly and think critically before you share anything

Contact information

Contact the 7-7000 Service Desk or phone 1-866-660-0811 option 3

Report an information security incident