Cyber Round-up

Cyber Round-up for 31st May

May 30, 2024

Welcome to Ironshare’s Cyber Round-up, where we look back at the events of the last week to cover some of the news, posts, views, and highlights from the world of Security.

In this week’s round-up:

Security News

Operation Endgame Dismantles Global Botnet and Malware Infrastructure

Operation Endgame, coordinated by Europol, is the largest-ever international operation against botnets, targeting the dropper malware ecosystem. This extensive effort involved law enforcement from multiple countries and resulted in the dismantling of significant infrastructures used by criminals to deploy malware, including banking Trojans and ransomware. The operation, which included arrests and the seizure of servers, disrupted the activities of cybercriminals who used droppers to spread malware across millions of computers worldwide. This collaboration highlights the effectiveness of joint actions in combating large-scale cyber threats.



BBC Data Breach Exposes Personal Information of 25,000 Employees

The BBC experienced a data breach on May 21, affecting around 25,000 current and former employees enrolled in the BBC Pension Scheme. The breach compromised personal information such as names, National Insurance numbers, birth dates, sex, and home addresses, but pension portal credentials remain safe. The BBC has notified the affected individuals and assured them that there is no evidence of data misuse. The incident has been reported to the UK's Information Commissioner’s Office and the Pensions Regulator. The BBC has advised vigilance against unsolicited communications.


Cooler Master Suffers Data Breach Exposing Customer Information

Cooler Master recently disclosed a data breach that exposed sensitive customer information. The breach was discovered during routine security monitoring that revealed unauthorized access to their systems. The compromised data includes personal details such as names, email addresses, phone numbers, and physical addresses of customers. Cooler Master has urged affected individuals to be vigilant against targeted phishing attacks and to monitor their accounts for any suspicious activity.

In response to the breach, Cooler Master is enhancing its security measures to prevent future incidents and is offering identity protection services to those impacted. The company has not provided specific details on the number of customers affected but has communicated its commitment to safeguarding user data and improving its cybersecurity infrastructure.


Okta Alerts Users to Credential Stuffing Threats on Cross-Origin Authentication

Okta has issued a warning about credential stuffing attacks targeting its Customer Identity Cloud's cross-origin authentication feature. These attacks use stolen username and password combinations from previous breaches, phishing, or malware. Okta advises customers to inspect their logs for suspicious activity and suggests resetting passwords if compromised. To mitigate risks, Okta recommends adopting passwordless authentication methods, enforcing strong password policies, using multi-factor authentication (MFA), disabling unused cross-origin authentication, restricting permitted origins, and enabling breached password detection.


Active Exploitation of WordPress Plugin Vulnerabilities, Urgent Updates Advised

Cybersecurity researchers have identified active exploitation of critical vulnerabilities in several WordPress plugins, allowing attackers to create unauthorized administrator accounts. These vulnerabilities, including CVE-2023-6961, CVE-2023-40000, and CVE-2024-2194, are linked to unauthenticated stored cross-site scripting (XSS) due to inadequate input sanitization. The attack involves injecting malicious JavaScript to set up backdoors and tracking scripts. To mitigate risks, WordPress site owners should update plugins and check for suspicious admin accounts and malware. Exploitation attempts largely originate from IPs associated with AS IP Volume Inc., particularly from the Netherlands.


Stay Safe, Secure and Healthy!

Edition #276 – 31st May 2024


Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.

Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.

Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.


Ironshare is a provider of Information and Cyber Security services.
