Welcome to the latest edition of the Ironshare CyberRound-up where we look back at the events of that last week and cover some ofthe news, posts, views, and highlights from the world of Security.
In this week’s round-up:
The UK and US are still in disagreement over the decisionthey face regarding Huawei. The Chinese company want to build a 5G telecomsinfrastructure, but the US government have said they are not willing to takethe risk following recent espionage rumours. The UK government have disclosedthat they may be open to allowing Huawei to operate in certain parts of the 5Gnetwork that are deemed ‘non-sensitive’, however the US are not in agreement.The decision is one of the biggest this government may face, and the companyare facing security assessments from the government to help them come to aconclusion.
By BBC.co.uk
After a short three-week break over the holidays, Emotet isback to its malicious ways, targeting more than eighty countries with its spamcampaigns. The campaign consists of crafted emails disguised as invoices, partyinvites and reports; the newest addition to their email templates is an inviteto Greta Thunberg’s climate change demonstration. The Emotet trojan is moreadvanced than ever and can be a massive threat to your organisation, includinga potential ransomware attack. With Emotet back active, it is vitally importantthat you and your employees understand the dangers of opening emailattachments; educating users and spreading awareness is the best way to protectagainst this kind of threat.
By BleepingComputer.com
Citrix technology, which is used by thousands of companiesworldwide, has been targeted by hackers over the last few days who areattempting to exploit a critical vulnerability. This vulnerability exists inthe Citrix Application Delivery Controller and Gateway Servers, and potentiallyallows an unauthenticated attacker to execute arbitrary code on the affectedmachine. There are currently no patches addressing this flaw, but Citrix hasreleased a number of steps that may help mitigate the risk of an exploit untila permanent fix is available. We highly recommend following these steps to bestdefend against an attack until a future update.
By GrahamCluley.com
A serious vulnerability has been discovered that affects allversions of Windows. This flaw exists in a core cryptographic component ofWindows and presents many security risks, from authentication to spoofing adigital signature and appearing to be a legitimate company. Microsoft havereportedly released a patch for their high-value customers, including the U.S.Military; sources suspect that these organisations have signed agreements tonot disclose the details of this vulnerability until Patch Tuesday hits.Despite this, Microsoft responded to the speculations saying that they refuseto discuss details of vulnerabilities before updates are available to thepublic, and do not release updates ahead of the regular schedule.
ByKrebsOnSecurity.com
Microsoft have released the first Patch Tuesday of 2020, andit’s a big one. This month’s update covers 8 critical vulnerabilities as wellas 41 Important. It is important to note that this is the last patch thatoffers updates for Windows 7 and Windows Server 2008/2008 R2, as they are nolonger supported. Among the critical vulnerabilities are 7 remote codeexecution flaws residing in the .NET and ASP.NET core software, Windows RDPClient and Gateway Server. The other is a memory corruption flaw affectingInternet Explorer, which could allow an attacker to execute arbitrary code. Werecommend looking through the details of this month’s patch and applying theupdates as soon as possible.
By Blog.TalosIntelligence.com
And that’s it for this week’s round-up, please don’t forgetto tune in for new instalments every week.
Why not follow us on social media using the links providedon the right.
Edition #74 – 17th January 2020
Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.
Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
