Welcome to Ironshare’s Cyber Round-up, where we look back at the events of that last week to cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
Royal Mail has advised people to temporarily stop sending mail overseas, due to a recent cyber incident that has caused “severe disruption”. The Royal Mail team are currently focused on restoring operations and have stated that domestic deliveries within the UK are completely unaffected.
“We are aware of an incident affecting Royal Mail Group Ltd and are working with the company, alongside the National Crime Agency, to fully understand the impact.”
Some news reports suggest that the firm were hit by a ransomware attack, but details are currently unknown.
By BBC.co.uk
A report into the use of GTP-3 language models can be abused to produce malicious content was released by WithSecure. The report detailed how the language model can be abused to produce “phishing and spear-phishing, harassment, social validation for scams, the appropriation of a written style, the creation of deliberately divisive opinions, using the models to create prompts for malicious text, and fake news.” This information is concerning as it shows GTP-3 language models can provide cyber criminals with a tool to help scale their current operations or create targeted communications easier and more convincing. Consequently, service providers and individuals will continue to have greater difficulty in identifying fake or malicious content written by AI in the future.
By TheRegister.com
Between July 2021 and June 2022, 45% of all data stolen by hackers was that of customers and employees while source code stands at 6.7% while proprietary information is at 6.5%. surprisingly, across the same period credit card information and password details dropped by 64% compared to the previous year. This is thought to be due to an increase in basic security measures being more widely adopted by both organisations and individuals, especially in multi-factor authentication, making account compromise more difficult. “in the long term, PII data is the most valuable to cyber-criminals. With enough stolen PII, they can engage in full-on identity theft which is hugely profitable and very difficult to prevent. Credit cards and passwords can be changed the second there is a breach, but when PII is stolen, it can be years before it is weaponized by hackers” Terry Ray, SVP and field CTO at Imperva.
By InfoSecurity-Magazine.com
Some schools have been hit by cyber-attacks. Highly confidential documents have been leaked from 14 schools. One of the schools called Pates Grammar School was targeted by a hacking group called Vice Society. The documents include children’s SEN information, child passport scans, staff pay scales and contract details, taken in 2021 and 2022. The hackers responsible have been behind a high-profile string of attacks on schools across the UK and USA. Vice Society have allegedly stole 500 gigabytes of data from the entire Los Angeles Unified School District. Vice Society will ask for money before leaking the documents if the payment is not made.
By BBC.co.uk
Hackers are actively exploiting a critical Control Web Panel (aka CentOS Web Panel) RCE vulnerability. This vulnerability enables elevated privileges and unauthenticated remote code execution on susceptible servers. Tracked as CVE-2022-44877. The bug impacts all versions of the software before 0.9.8.1147 and was patched on October 25, 2022. CentOS Web Panel is a popular server administration tool for enterprise-based Linux systems. CentOS Web Panel allows remote attackers to execute arbitrary OS commands.
By TheHackerNews.com
Welcome to our round-up of the Microsoft Patch Tuesday for January 2023!
Starting the year off with January’s Patch Tuesday, it appears this is a much bigger batch of updates compared to December. A total of 98 vulnerabilities have been fixed in the latest instalment, with 11 critical, 1 publicly disclosed and 1 exploited in the wild. While 98 vulnerabilities is higher than we are used to seeing from Microsoft's monthly rollout, it has been a quiet month for public disclosures and active exploitation.
And that’s it for this week’s round-up, please do check in next week for our new batch of security news and posts.
Stay Safe, Secure and Healthy!
Edition #218 – 13th January 2023
Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.
Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.