Threat Landscape Briefing – June 2023

In this month’s briefing we explore:

• Canadian Centre for Cyber Security recommends travel devices when working abroad. (Timestamp – 00:55)
  • Perform a risk assessment for each travel scenario, taking country- and region-specific risks into account to determine if a travel device is needed.
  • See Info-Tech’s Secure Operations in High-Risk Jurisdictions blueprint for info about protecting traveling employees.
• Google expands passwordless secure sign-ins to other Google accounts. (Timestamp – 02:56)
  • Google initially introduced the usage of passkeys in October 2022 to its chrome web browser and android operating system. It is now providing support for google accounts across all services and platforms.
  • See Info-Tech’s Passwordless Authentication for info about authentication without passwords.
• Google Ads being used as a distribution for malware. (Timestamp – 05:14)
  • A new malware that has been found to be propagating through malicious Google Ads is raising the concerns of security researchers.
  • See Info-Tech’s Secure Your Hybrid Workforce.
• New malware used to create backdoors in Exchange servers. (Timestamp – 07:32)
  • Researchers have uncovered a new PowerShell-based malware used to create backdoors in on-premises Microsoft Exchange servers.
  • See Info-Tech’s Develop a Security Awareness and Training Program That Empowers End Users for information on improving your security awareness program.

  ---

  If you have a question or would like to receive these monthly briefings via email, submit a request here.