Welcome to the latest edition of the Ironshare Cyber Round-up, where we look back at the events of the last week and cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
Cybercriminals have been exploiting the spread of COVID-19 and are actively targeting healthcare services with their attacks. Because the healthcare industry is so overwhelmed, cybersecurity is not a priority at the moment; as a result, hackers are finding easy ways into their systems, which not only affects patient data but can also cost lives due to compromised equipment and incorrect logs. The critical threat created by these criminals has sparked an uprising of volunteer cyber-protectors who are determined to defend vulnerable healthcare organisations. Cyber Volunteers (CV19) has been established by veteran cyber pros Lisa Forte, Daniel Card and Radoslaw Gnat to provide cyber support in this time of global crisis. With several thousand volunteers offering assistance, the group is doing admirable work and we suggest following their efforts on social media.
By Forbes.com
A recent Netflix scam has been fooling its victims into believing they’re getting a free subscription due to the coronavirus isolation. It is unclear whether these scammers plan to download malicious code or steal credentials, but a number of people have followed the bait and shared the site on social media. If you come across this scam, be sure to not enter any details and definitely do not share it with your friends; much like the virus itself, you can prevent it from spreading by keeping it away from others.
By HotForSecurity.com
US food container product company, Tupperware, has become a victim of payment card skimming; the malicious code was discovered by security firm, Malwarebytes, last week. Despite their warnings, Tupperware have not acknowledged the attack. The code reportedly works by impersonating the website’s payment form, collecting user data such as payment card credentials, usernames, emails and phone numbers. The fake payment form steals the data and shows a time-out error; however, by this time you’re already compromised. Attacks on online stores are expected to rapidly increase due to most people being confined to their homes; this means more people than ever will rely on online shopping. We suggest avoiding any sites that are known to be affected when shopping online to minimise the risk of an attack.
By ZDNet.com
A database of more than 5 billion customer records from the last 8 years has been left publicly accessible without a password on the internet. The exposed data includes hashed and plaintext passwords, email addresses and the source of the leak; what makes this so much worse is that it was leaked by a security firm. However, all data included in this breach are records from previous data breaches, so the victims were already at some risk; despite this, there is no excuse for a security company to put so many users at risk, and these kinds of incidents should not be happening as frequently as they are. Many admins ignore security features that are disabled by default, which means systems are left completely unprotected; securing databases of this size is essential.
By GrahamCluley.com
Microsoft have recently warned the public of a new targeted attack campaign affecting Windows 10 users. The attack involves the exploitation of a currently unpatched critical vulnerability. This flaw exists in all supported versions of Windows and allows an attacker to remotely execute arbitrary code on the target system. Microsoft have issued a serious warning due to there being no fix for this exploit; it has been a tough few weeks for them, with a number of serious vulnerabilities popping up, and they are doing their best to patch the flaws as soon as possible. As of now, there are some preventative measures you can take to mitigate the risk; we suggest looking into these, which can be found in the security advisory.
By Forbes.com
Cisco Talos’ most recent vulnerability spotlight has highlighted two denial-of-service flaws in Intel RAID Web Console 3. The flaw exists in the application’s web API functionality and can be exploited by sending malicious POST requests to the API. Talos worked closely with Intel to patch the bug as soon as possible, and an update is now available to those affected. We advise applying the necessary patch as soon as you get the chance, and if you want to read more about these vulnerabilities, details are included in Talos’ vulnerability spotlight blog.
By TalosIntelligence.com
And that’s it for this week’s round-up; please don’t forget to tune in for new instalments every week.
We hope this makes for light reading during these times of uncertainty.
Stay Safe, Secure and Healthy!
Edition #84 – 27th March 2020
Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.
Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.