Welcome to Ironshare’s Cyber Round-up, where we look back at the events of the last week and year to cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
The Cisco Talos team have released a report covering all of the major security events covered during 2022. This report, titled the “Talos Year in Review”, discusses the cyber threat landscape and the top threats that have emerged during 2022, as well as some of the high-profile events such as Talos’ support for Ukraine’s critical infrastructure, and the infamous Log4j vulnerabilities.
This report can be downloaded from the Talos Intelligence blog and features a clever summary of the team’s activities over the course of 2022. We recommend reading this for some great statistics on the current threat landscape.
By blog.talosintelligence.com
On December 1st, 2022, a list of emails and referral links of CoinTracker users was leaked online. No more information was leaked and there is no additional action that any users need to take at this time. The breach affected one of their service providers and is now resolved. Their own database was not compromised. All users whose details were leaked have received an email. This attack does not give anyone access to the user accounts but does increase the likelihood of phishing emails. If you received the email, be cautious of any emails you receive, in case they are phishing attacks.
By Databreaches.net
The cyber-attack that hit the Irish Health Service Executive has officially reached a cost of over €80 million (€83.75 is the exact number). The missive comes months after the Department of Health suggested the attack could end up costing up to €100 million. The attack was conducted by Russia-based state actors, and it was reported that it was caused by a malicious Microsoft Excel file delivered via a phishing email.
By Infosecurity-Magazine.com
Intersport, a sports retail giant, is one of the latest victims of a ransomware attack. Stores located in France were forced to alert shoppers that the attack was preventing the use of cash registers, loyalty card, and gift card services. The Hive ransomware group has taken responsibility for the attack, which took place on 23rd November, and has published data related to the breach on a leak website. It is unknown at this time whether Hive have encouraged Intersport to pay, or whether the ransom has been paid or just left unanswered.
By Bitdefender.com
MirrorFace has been targeting Japanese politicians with its MirrorStealer malware. The campaign has seen this information stealer and backdoor, which connects back to the attackers' command-and-control server, deployed against high-profile political targets through crafted spear-phishing emails. The emails impersonate either a PR agent asking for the attached video to be submitted to their social media, or a member of the Japanese ministry with fake documents attached. Both result in the execution of a malware dropper used to collect MirrorStealer malware and install it on the target's devices.
By BleepingComputer.com
Citrix have discovered a critical zero-day affecting multiple versions of their ADC and Gateway devices. This zero-day allows a remote unauthenticated attacker to execute arbitrary code on the target system and has been actively exploited by state-sponsored attackers in an attempt to access select corporate networks.
The vulnerability is known to affect the following versions:
We recommend that all users update their devices as soon as possible to ensure they are not at risk of exploitation.
By BleepingComputer.com
Welcome to our monthly round-up of Microsoft’s December 2022 Patch Tuesday. This batch of security updates includes fixes for Microsoft Azure, Microsoft Office, PowerShell & more. 7 critical vulnerabilities were patched this month, making immediate updates very important. We advise looking into the latest fixes and applying the necessary updates as soon as possible.
And that’s it for this week’s round-up. Please do check in next week for our new batch of security news and posts.
Stay Safe, Secure and Healthy!
Edition #216 – 16th December 2022
Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.
Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.