Welcome to Ironshare’s Cyber Round-up, where we look back at the events of that last week to cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
Trend Micro’s latest report details their efforts to prevent cybercrime throughout all of 2022. The globally recognised security vendor shared that they had stopped around “146 billion cyber-threats in 2022”. This was a 55% increase on 2021’s statistics which is an incredible growth in just in one year. Trend Micro’s annual report also contained other security-related details: for example, they announced a “242% increase in the number of blocked malicious files and an 86% increase in backdoor malware detections”. It is great to see vendors investing more time and effort into threat intelligence and security, and we hope that these numbers continue to grow for 2023.
By infosecurity-magazine.com
After a long three months of inactivity, Emotet has returned with its latest malware operation. On Tuesday morning, multiple malicious spam emails were reported, and it has been confirmed that these are Emotet’s attempt to rebuild their botnet. These reports come from the “cybersecurity firm Cofense and the Emotet-tracking group Cryptolaemus.”. The clear pattern with their latest operation appears to be ZIP archives attached to their spam emails. This contains a large Word document that attempts to download the Emotet loader through macros in the document. This method is expected to be largely unsuccessful after the Microsoft update to disable macros by default. Users who have manually enabled macros are advised to be cautious when receiving suspicious emails, and to avoid opening unknown attachments.
By bleepingcomputer.com
A recent hotel phishing scam has been targeting fans of the popular Eurovision song contest. The fans’ data has been put at risk after booking rooms for May’s song contest in Liverpool, and while Booking.com have confirmed that “some accommodation partners had been targeted by phishing emails”, they have denied being breached. It is still unknown to BBC how the customer data was compromised, but all customers have been advised to report any concerns directly to their hotels.
One customer was contacted by the scammer on WhatsApp and feels “really stupid”. They said: “I don’t want to go any more because they’ll know all my details and know I’m away from home, so I cancelled it.”
By bbc.co.uk
BGI Group, the Chinese firm who was reportedly responsible for multiple cyberattacks on the NHS, was awarded a multi-million-pound Covid contract by the government. Science minister, George Freeman, has publicly commented on this, labelling BGI as “hostile actors who wish to use science and technology to undermine us”. Despite these claims, BGI Group have denied being state owned and having any involvements in the attacks.
By dailymail.co.uk
The latest Fortinet update contains fixes for 15 vulnerabilities, as well as one critical flaw that could allow an attacker to take remote control of the affected device. This flaw is known to affect FortiOS and FortiProxy, but it is worth noting that Fortinet are “not aware of any malicious exploitation attempts against this flaw.”. We recommend all users of the affected products to apply the latest updates as soon as possible.
More details on this, including a list of affected versions, can be found here.
By TheHackerNews.com
Unpatched SonicWall gateways are reportedly being targeted by suspected Chinese cybercriminals, who are deploying credential-stealing malware to the target devices. Mandiant have stated that this malware persists through firmware upgrades, and is specifically affecting the SonicWall Secure Mobile Access 100 Series. The latest firmware update, which was released last week, included “additional hardening such as file integrity monitoring and anomalous process identification.”. Th
By theregister.com
And that’s it for this week’s round-up, please do check in next week for our new batch of security news and posts.
Stay Safe, Secure and Healthy!
Edition #227 – 10th March 2023
Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.
Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.