Welcome to Ironshare’s Cyber Round-up, where we look back at the events of the last week and year to cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
F5’s BIG-IP, a collection of hardware and software designed around application availability, access control, and security solutions, has been at the mercy of hackers after a critical vulnerability was exploited in the wild. The vulnerability allows hackers to execute commands on BIG-IP network devices as an administrator without authentication. It has been used to deploy webshells, steal SSH keys, and enumerate system information, and attempts have been made to wipe the network devices. F5 has recommended all users update to the newest version immediately.
By BleepingComputer.com
After six months of inactivity, it appears that the REvil ransomware gang has returned, with analysts finding multiple new samples associated with the group. While it has not been confirmed that the group is back, we do know that the developer of these samples has access to REvil source code. REvil were one of the pioneers of double extortion attacks, so their return may cause trouble for a lot of people. We will keep an eye out for any signs of their return and provide updates when we learn more.
By TheHackerNews.com
Hundreds of thousands of credit cards were stolen by criminals across the UK, which could have potentially led to a loss of tens of millions of pounds. Fortunately, UK government hackers were quick to act on this and were able to avoid any fraudulent use by destroying the stolen credit card details. Not much has been revealed about this operation; however, we do know that the UK government has been actively tackling criminals online, and this operation is proof that their strategies have been hugely successful in the prevention of cybercrime.
By News.Sky.com
AGCO, a producer of agricultural machinery, has been hit by ransomware. AGCO has reported that it was the victim of a ransomware attack affecting some of its production facilities, causing workers to be sent home. An investigation is underway to identify and remediate the ransomware. AGCO has not said whether it is prepared to pay the ransom or how much it is. The manufacturer said that business operations will be “adversely affected for several days” and may take longer to fully recover.
By GrahamCluley.com
DeFi platforms MM.Finance and Fortress have both reported cyberattacks that drained millions of dollars’ worth of cryptocurrency. MM.Finance has reported losses of more than $2 million, while Fortress claims to have lost about $3 million. These companies have requested that no assets are supplied while they investigate the incidents; as soon as more information is available we will provide updates here.
More details on the Fortress attack can be found here.
For information on the MM.Finance attack click here.
By TheRecord.media
All Android users are advised to update their devices as soon as possible, as the latest security update contains fixes for 36 vulnerabilities. 11 of these flaws are unique to the Google Pixel, with two critical vulnerabilities allowing a remote attacker to execute arbitrary code on the target device.
More details on these vulnerabilities can be found here and as always, we recommend upgrading to the latest version immediately.
By Forbes.com
Microsoft’s Patch Tuesday for May 2022 dropped this week, featuring fixes for a number of key vulnerabilities. One of the most important things to mention about this month’s batch of security updates is the issues it has caused in Windows 11. The KB5013943 update for Windows 11 has reportedly been breaking .NET applications, causing users to be unable to open them. Guidance on how to fix this issue can be found here.
As well as this, you can find Microsoft’s official security update guide for May 2022 Patch Tuesday here.
By BleepingComputer.com
And that’s it for this week’s round-up; please do check in next week for our new batch of security news and posts.
Stay Safe, Secure and Healthy!
Edition #189 – 13th May 2022
Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.
Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.