Welcome to the latest edition of the Ironshare CyberRound-up where we look back at the events of that last week and cover some ofthe news, posts, views, and highlights from the world of Security.
In this week’s round-up:
Back in March 2019, the FBI announced to Citrix thatcybercriminals had gained access to their internal network via passwordspraying. The company have since released a statement saying that they believethe hackers have access and downloaded business documents, including personaland financial data. They recently announced that the hackers were present intheir network for 5 months starting October 2018 but are sure that they are nolonger present. The data stolen includes social security numbers, passportnumbers, payment card numbers and health insurance identification.
By KrebsOnSecurity.com
One of the world’s leading providers of facility services,ISS World, was a target of a malware attack this week, which has halted alloperations within the organisation. As a precaution, all systems wereimmediately disabled to isolate the incident. The company is working closelywith forensic experts to determine the source of the attack and have confirmedthat they have not found any sign of customer data being compromised. ISS havereleased a public statement warning they are still in the process of dealingwith the incident and do not yet know when their IT systems will be fullyoperational.
By TwinFM.com
A US natural gas facility had to shut down their entirepipeline asset for two days following a sever ransomware attack. The unnamedfacility said they were in no way prepared for this kind of attack and it hasmassively affected operations. It is believed that the attacker gained accessto the company’s IT network via a spear-phishing attack; this targeted a singleoffice but resulted in multiple other facilities having to shut down as well.This incident has brought the importance of cybersecurity to the forefront ofthe company’s mind, and they are now interested in implementing an offlinebackup process.
By BBC.co.uk
Researchers have developed a list of the most impersonatedbrands that are used in phishing attacks and I’m sure it will come as nosurprise to anyone that PayPal tops the list. PayPal phishing has an average of124 unique URLS every day. Another big name in this area is Microsoft, whoranks third in the list due to the overwhelming amount of file sharing phishingattempts. Others high up the list include Facebook, Netflix and manyfinancial/banking services. We advise taking a look at these rankings; keep itin mind next time you receive an email you think looks suspicious.
By HelpNetSecurity.com
The official Twitter of FC Barcelona has been taken over byhackers who have been seen posting false tweets on the account. The groupresponsible for the takeover is called OurMine and have been in the mediaspotlight over the last few months for their recent activity involving a numberof NFL teams. The intention of OurMine is to highlight the flaws in the club’ssecurity measures in an attempt to improve them; it is believed that theygained access through credential stuffing, which uses usernames and passwordsleaked in data breaches to attempt to log in. The suggested response to thisincident would be enabling two-factor authentication, which most major socialmedia platforms offer, including Twitter.
By ThreatPost.com
A critical security vulnerability has been discovered thatis affecting over 700,000 active WordPress sites. This exists in the GDPRcookie consent plugin and is a cross-site scripting flaw that could lead topotential privilege escalation. This vulnerability reportedly affects all sitesusing the plugin version 1.8.2 and below; we advise updating your plugins tothe latest version in order to stay protected against an attack of this kind.
By BlackHatEthicalHacking.com
And that’s it for this week’s round-up, please don’t forgetto tune in for new instalments every week.
Why not follow us on social media using the links providedon the right.
Edition #79 –21st February 2020
Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.
Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
