Welcome to the latest edition of the Ironshare Cyber Round-up where we look back at the events of that last week and cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
PAX Technology, a leading Point-Of-Sale provide, has their Florida offices raided by FBI. This is believed to be due to the fact that PAX’s systems have been involved in cyberattacks on US and EU organisations. In an official statement the Department of Homeland Security said that they were only executing a court authorised search at the warehouse as part of a federal investigation. The FBI has believed to have begun investigating unusual network packets originating from the company’s payment terminals after a US payment processor discovered this. A source said that the payment processor found that PAX terminals have been used as a malware dropper and a command-and-control location for staging attacks. Both the FBI and MI5 have believed to be conducting an intensive investigation into PAX Technology.
By Krebsonsecurity.com
Ofcom, the UK’s communication regulator, has told UK phone network providers to start actively campaigning to block foreign scam calls. This comes after the worst summer for scam calls where almost 45 million people had been targeted by phone scams. Ofcom is expected to make this a priority however only TalkTalk has implemented new plans to tackle foreign scam calls currently, more are expected to tackle this complex and frequent scamming method.
By bbc.co.uk
Hackers have stolen around $130 million worth of cryptocurrency assets from Cream Finance. The incident was detected by PeckShield and SlowMist. The attackers have thought to found a vulnerability in the company’s platform lending system and used to it to steal tokens and assets running on Ethereum Blockchain. Six hours after the attack Cream Finance said the vulnerability has been patched however this leaves little hope to its customers security, or the state of the stolen assets.
By TheRecord.media
The head of GCHQ, Jeremy Fleming, has said that the number of attacks associated with ransomware has doubled in the past year. This has believed to increase in popularity among criminals because it was “largely uncontested” and highly lucrative. Comments made at the Cipher Brief annual threat conference said that Russian and China are harbouring cyber criminals that are successfully targeting western organisations. The UK still seems to be an easy target for hackers as it lacks any radical cyber security developments.
By theguardian.com
A multi-country law enforcement operation to stop REvil Ransomware group has proved successful. Multiple private sector cyber experts aided the US government in the operation. The operation resulted in the infrastructure of the group being hacked by governments and taken offline for a second time this week. This is the latest action in the effort to reduce ransomware prevalence in the UK.
By thehackernews.com
WordPress plugin OptinMonster was discovered to have multiple severe vulnerabilities which could allow a site visitor to export sensitive information and add malicious JavaScript to WordPress sites. Although WordFence plugin Premium users were protected from the attack from the 28th September, a fully patched new version (2.6.5) was released on the 7th October 2021. All users of this Optinmonster plugin are advised to update to at least v2.6.5 immediately to remove this vulnerability.
By wordfence.com
Abobe has released security patches for 92 vulnerabilities found across its software with 66 rated critical. Most of the critical vulnerabilities found allow arbitrary code execution (ACE), privilege escalation, denial of service and memory leaks. The effected Adobe software is:
Adobe After Effects, Animate, Audition, Bridge, Character Animator, Illustrator, InDesign, Lightroom Classic, Media Encoder, Photoshop, Prelude, Premiere Pro, Premiere Elements and the XMP Toolkit SDK.
If you have any software listed it is highly recommended that you update to the newest patch to secure your device.
By ThreatPost.com
And that is it for this week’s round-up, please do not forget to tune in for new instalments every week.
Stay Safe, Secure and Healthy!
Edition #164 – 29th October 2021
Why not follow us on social media:
Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.
Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
