NortonLifeLock issues warning over data breach; Malicious Google search ads trigger malware downloads
Even though the bustle of the holiday season is over, that does not mean it’s time to become complacent with maintaining proper cyber hygiene, as malicious actors launch their cyberattacks throughout the course of the year.
In this installment of the BlackCloak Thursday Threat Update, we’ll take a look at a data breach affecting NortonLifeLock customers, as well as how cybercriminals create malicious Google search ads to trigger downloads of malware.
NortonLifeLock issues warning over Password Manager account breach
What we know: NortonLifeLock is alerting users to a data breach where cybercriminals were able to compromise Norton Password Manager accounts. In a sample data breach notification letter shared with the Office of the Vermont Attorney General, NortonLifeLock said while its systems were not compromised they “strongly believe that an unauthorized third party knows and has utilized your username and password for your account.” The company added cybercriminals may have accessed users’ names, phone numbers, mailing address, and possibly other details stored in their private vaults.
Recommendations: NortonLifeLock reset the passwords for all of the accounts affected by the breach, but even if you do not receive a data breach notification letter, you should still strongly consider resetting your passwords out of an abundance of caution. The company also recommends customers implement dual factor authentication for their accounts, and to monitor their accounts for any suspicious activity.
Cybercriminals use malicious Google search ads to deliver malware
What we know: Cybercriminals have been creating fake websites for popular open-source software to trick unsuspecting victims into downloading malicious malware by listing them as advertisements in Google search results. Cybercriminals create domain URLs that look similar to those belonging to the actual software vendor, a practice known as “typosquatting,” to try and lure in their targets. The FBI’s Internet Crime Complaint Center sent out a warning in December advising people to pay close attention to these impersonated websites, as cybercriminals set up these phony webpages to try and obtain login credentials, financial data and other personal information.
Recommendations: Whenever you see a website listed under the advertisement section of a search engine, the FBI recommends you check the URL to ensure the website is authentic. Pay close attention to the spelling and the domain to make sure both are accurate. You should do this for any website you visit, not just the ones that are advertisements. Additionally, the FBI recommends the use of ad blocking browser extensions to potentially limit the amount of malicious ads you will see.
Start 2023 off on a good note with knowledge
The new year may just be beginning, but nothing around cyber threats will ever stay static. New cyberattacks will be developed, and existing ones may be adjusted to include new wrinkles. It’s why you should always know what to do when you face a potential problem.