Two Firefox Zero-Day Attacks target a cryptocurrency firm, a Florida city falls victim to ransomware, new security features in Chrome 75, and more in This Week in Cyber Security: where we highlight select top cyber security stories from each week and share them here. Don't forget to follow our daily blog for more in-depth cyber security and technology news.

The Week of June 21st, 2019:

  • This week we reported in our blog about a robocall scam that affected Apple users, but it seems that the medical industry is so overrun with robocalls that it could be a major hazard. An IT officer at the Tufts Medical Center reported that their location received more than 4,500 robocalls in under two hours on a single day in April, while the H. Lee Moffitt Cancer Center and Research Institute reportedly had about 65 hours of hospital response time taken up by bogus calls in one month. Blocking robocalls is nigh-impossible for medical centers because those calls are typically spoofed with local area codes that could be legitimate patients needing help. This shows that the robocall epidemic is more than the annoying “Scam Likely” that’s blowing your phone up, and it’s not about asking you to send $1 to “HappyDude.” (The Washington Post / Digital Trends)
  • Firefox users need to be aware of the most recent security update for their web browser (Firefox 67.0.3 & Firefox ESR 60.7.1) as it patches a critical bug that appears when JavaScript objects are being manipulated. This vulnerability can give a hacker the ability to infest your system with malicious code from visiting bogus websites while using an unpatched version of the web browser. (Engadget)
  • However, it was almost too late for cryptocurrency exchange vendor, Coinbase, as they had not one, but two zero-day attempts at swiping their employee information from that same critical bug. The two Firefox vulnerabilities were combined into one attack that if it was successful, could have broken in to their backend network and gained access to funds from the exchange. Familiar to this type of tactic, Coinbase’s security team blocked the attack before it could affect their employees and database, as they were on top of the Firefox bug well before the patch was deployed and built their defenses accordingly. (ZDNet Security)
  • Riviera Beach, Florida joins the rising list of cities caught under siege by a ransomware attack. After a government employee clicked on a malicious link within an email weeks ago, city officials have agreed to pay the ransom of 65 bitcoins, which equates to $600,000 from the city’s insurance budget. Not unlike the Baltimore ransomware attack last month, when a single bad click can result in an entire city’s data being held up for ransom, security measures to be re-assed. We just hope that the city gains full recovery, but there never is a guarantee of that when paying the ransom. (CNN)
  • This Tuesday, Google implemented two new security measures within the Chrome Browser that aim to go above and beyond to protect its users from fake websites. The first is a new alerting feature within Chrome called “Google Safe Browsing,” which detects and blocks websites that use character substitution to fool visitors into believing they are visiting the legitimate site. This new feature is a part of Version 75 of Chrome. Google now also has an official Chrome extension called “Suspicious Site Reporter” that users can report to Google on websites that they believe are dangerous. (CNET Security)

neoRhino’s Remote Managed Services and Advanced Security Packages are here so you can focus on your daily duties. You can relax knowing that we are here to protect you. Call us at (281) 779-4850 for a FREE consultation and we can help your business today.