Welcome to the Ironshare Cyber Round-up where we look back atthe events of that last week and cover some of the news, posts, views, and highlightsfrom the world of Security.
In this week’s round-up:
Action Fraud, a division of the UK Police Force and thereporting centre for fraud and cyber crime, has reported that holiday fraud sawa significant increase in 2018 in comparison to 2017. Take a look at their postto understand the risk and get tips on how to stay safe online. With over 5,000 people losing more the £7million last year, can you afford to be the next victim.
By Action Fraud.
Data recovery experts have discovered that an alarming number of second-hand hard disk drives, that are believed to have been securely wiped, still contain sensitive data. The drives were purchased on eBay and were found to include personally identifiable information, corporate data and a large number of emails.
By Bitdefender.
At least 390 Github Code Repos have been targeted by a hacker,who is removing the source code and demanding a ransom to recover it. A ransom note is left behind stating that 0.1Bitcoin should be sent to the attacker to get access to their code. Weakpasswords and Git config files containing access credentials are thought to thebe cause.
By ZDNet
A new variant of the Dharma ransomware is masquerading as anESET AV Remover, to distract its victims while it encrypts their files in thebackground. A phishing email is used for initial infection, which convinces theuser there is an issue with their PC and recommends the download and executionof a Defender.exe malicious attachment, resulting in the user’s data becoming unusable.
By Bleeping Computer.
During March, Barracuda Networks identified an increase inOffice 365 account takeovers, seeing thousands of accounts compromised. Thesecompromised accounts were then used by the bad actors to send more than 1.5million malicious spam emails, in an effort to acquire more victims. Office 365accounts continue to be a prime target for hackers, so ensure that your organisationis protected.
By Trend Micro
ESET Researchers have identified a backdoor in Microsoft’sExchange server they have called LightNeuron. This malicious Mail TransportAgent can read, modify and block email as well as creating new emails. Thisbackdoor is actively being exploited by Russian actors that are likely to benation state sponsored.
By HelpNetSecurity.
Google has released its Android Security updates for Maythis week. Patches seem to be a little light this month, including fixes for 4critical vulnerabilities, 10 high and 1 moderate. Pixel users can get hold ofthese updates immediately while Android smartphones from other vendors may haveto wait a while before they are available.
By Sophos – Naked Security
And that’s it for this week round-up, please don’t forget totune in for our next instalment.
Why not follow us on social media using the links providedon the right.
Edition #40 – 10th May 2019
Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.
Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
