Cyber Round-up for 19th January

January 19, 2023

Welcome to Ironshare’s Cyber Round-up, where we look back at the events of the last week and year to cover some of the news, posts, views, and highlights from the world of Security.

In this week’s round-up:

Security News

President Biden’s National Cybersecurity Strategy

President Joe Biden is in the process of approving a new cybersecurity policy that would allow for further protection of businesses, and the capability to “retaliate against those hackers with our own cyberattacks.” This new “National Cybersecurity Strategy” is based on two significant changes to the policies implemented by Biden’s predecessors. The first big change is in mandating regulations for American industries, and the second big change authorises U.S. agencies to launch offensive cyberattacks against foreign governments and criminals. A large part of the new Biden paper focuses on “purely defensive measures” and seems to be a lot more focused than policies pushed by previous presidents. It is exciting to see cybersecurity becoming increasingly important to governments and we are intrigued to see what happens next.

By Slate.com

Royal Mail Slowly Restarts Overseas Posting

Royal Mail are still recovering from a recent cyberattack that hindered their overseas shipping. While they have not revealed too much about the “cyber incident”, Royal Mail has confirmed that they have restarted their overseas posting operations in “limited volumes”. The slow restart means that no new parcels will be accepted, but any currently being held by Royal Mail are starting to be sent. It is unclear whether Royal Mail plan to disclose details of the incident, but many researchers speculate they may have suffered a ransomware attack; if this was the case, we expect that the affected customers will be contacted at some point in the near future.

By BBC.co.uk

NCSC Host Talks With Ukrainian Cyber Defence Team

Today, members of the national Computer Emergency Response Team for Ukraine have met with their counterparts in the National Cyber Security Centre to hold talks on the current conflict and opportunities for building resilience in cyberspace. This is the first UK visit since the start of the conflict. The key figures in Ukraine’s defence against Russian hostility have held meetings in London, discussing the latest developments experienced during the conflict. The Ukrainian delegation have also appeared this week at the CyberThreat conference in front of an audience of experts, where they joined the National Cyber Security Centre’s Director of Operations, Paul Chichester, for a fireside discussion to share some of their recent insights.

By NCSC.co.uk

133 Customers Compromised in Mailchimp Breach

Mailchimp have disclosed a new breach after multiple employees were hacked. The breach occurred after hackers accessed an internal customer support and account administration tool. Mailchimp have said that the hackers gained access to the employees’ credentials after conducting a social engineering attack. The attack was first detected on January 11th, when Mailchimp identified the unauthorized person accessing their support tools.

By BleepingComputer.com

Vulnerabilities & Updates

4,000 Sophos Firewalls Still Vulnerable to Critical RCE Flaw

Thousands of Sophos firewalls are still vulnerable to hijacking. More than 4,000 public-facing Sophos firewalls remain vulnerable to a critical remote code execution bug disclosed last year. The flaw, CVE-2022-3236, had already been exploited as a zero-day. The vulnerability can be exploited to gain control of a device, and exploited devices can then be commandeered to probe and attack the network. Sophos issued a hotfix for some versions of the firewall, and then released a formal update that squashed the bug in December 2022. Companies running these devices should ensure that they are updated promptly.

By TheRegister.com

Orca Security Find Four Vulnerable Services in Azure

Researchers at Orca Security have released information on four Azure services that are vulnerable to Server-Side Request Forgery (SSRF) attacks. The services are Azure Functions, Azure Digital Twins, Azure Machine Learning and Azure API Management. Exploiting these SSRF flaws could have allowed an attacker to retrieve access tokens and execute remote code. Microsoft have confirmed that these vulnerabilities have since been fixed. The Orca Security blog contains more detail.

By Orca.security

And that’s it for this week’s round-up, please do check in next week for our new batch of security news and posts.

Stay Safe, Secure and Healthy!

Edition #219 – 19th January 2023

Author

Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.

Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.

Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
