Welcome to Ironshare’s Cyber Round-up, where we look back at the events of that last week to cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
Cisco has released their semiannual bundle of security advisories for their IOS and IOS XE software. 10 total vulnerabilities have been addressed in this bundled publication, with the top three being exploitable by remote, unauthenticated attackers. Exploitation of these high-severity flaws could potentially lead to denial-of-service, command injection, and privilege escalation on the affected device.
All official advisories for the addressed vulnerabilities can be found here. We strongly recommend any users of Cisco IOS and IOS XE software to apply the latest updates as soon as possible, to ensure they are protected against these known vulnerabilities.
By sec.cloudapps.cisco.com
The Wordfence Team has released fixes for several Reflected Cross-Site Scripting vulnerabilities, which were found to be affecting three major plugins. All Wordfence customers are protected against any exploits targeting these vulnerabilities by the Wordfence firewalls, this includes Wordfence Premium, Wordfence Care and Wordfence Response customers.
More details on the nature of these flaws can be found here.
By wordfence.com
CISA have issued advisories for a total of 49 vulnerabilities in eight industrial control systems. With Siemans, Hitachi, Rockwell Automation, Delta Electronics, Keysights and VISAM products all being affected, we urge all ICS users to update their systems immediately.
Unpatched Industrial Control Systems are not only a security risk, but also a huge health and safety concern, which is why many are pushing for critical infrastructure sectors to consider cybersecurity more carefully.
Many ICS and OT environments lack segmentation on company networks. There is also a concerning amount of OT interfaces accessible from the internet, leaving them exposed to public exploitation. We urge all companies that use Industrial Control Systems to apply the latest updates as soon as possible.
By darkreading.com
Nationwide Building Society has began migrating all of their payments to a new cloud-based solution. They have opted to make this change, which has been called a “generational transformation”, to offer resilience to their customers; Nationwide’s current on-premises system is old and unreliable, so it is great to see them taking this step towards modernising their services. The current plan for this project is to move all inbound payments to the new platform in the summer of 2023, while outbound payments will be migrated some time next year.
By computerweekly.com
Last week we covered the UK Government's ban on TikTok for all Government devices; the US have also implemented similar changes, with some states taking things a step further by blocking access on government networks as well (schools, universities, public libraries etc.). Many TikTok users have come forward to give their opinions on the current security concerns surrounding the popular social media app, and the general consensus appears to be a lack of interest in personal data security. One student believes they are “not important enough” for their data to be stolen or manipulated in any meaningful way, and it appears that this attitude is shared by a lot of the app’s userbase.
Is this general lack of security awareness a big concern? Do you think people need to be taking this TikTok situation more seriously?
By bbc.co.uk
The Department of Justice recently announced that they have seized the RaidForums website. RaidForums is a popular marketplace for cybercriminals to buy and sell hacked data and has become one of the biggest hacker forums in the world over recent years. Three domains were captured as part of this seizure, raidforums[.]com, Rf[.]ws, and Raid[.]lol.
“The takedown of this online market for the resale of hacked or stolen data disrupts one of the major ways cybercriminals profits from the large-scale theft of sensitive personal and financial information,”
Said Assistant Attorney General Kenneth A. Polite, Jr. of the Justice Department’s Criminal Division.
By justice.gov
Ferrari announced earlier this week that they had fell victim to a ransomware attack and have confirmed that customer information has been compromised. The company has distributed emails to all affected customers alerting them of their involvement in the breach; a notice was also published to the Ferrari website confirming some details of the attack. Ferrari’s transparency throughout this incident has been admirable, and we commend them for quickly announcing the involvement of customer data. Ferrari’s operations do not appear to have been impacted by this incident, however investigations are still underway.
There is currently no evidence of payment card information being compromised, and it is believed that this will remain safe. Regardless, we advise all Ferrari customers to proceed with caution, and follow any guidance provided by the firm during this time.
By bleepingcomputer.com
And that’s it for this week’s round-up, please do check in next week for our new batch of security news and posts.
Stay Safe, Secure and Healthy!
Edition #229 – 24th March 2023
Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.
Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.