Welcome to Ironshare’s Cyber Round-up, where we look back at the events of that last week and year to cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
Cybersecurity giant, Proofpoint, have released their research into the security of universities in the United States, United Kingdom and Australia. Their findings show that cybersecurity measures are severely lacking for most universities, with 97% failing to block impersonation from attackers. Email fraud and spoofing is a serious issue and is growing rapidly, making email security an absolute necessity for all organisations. In addition to this statistic, Proofpoint also revealed that only 1 of the 30 Australian universities was utilising a Reject policy, and 5 of the top ten universities in the US had no DMARC record at all. Email is still an incredibly common attack vector and should be a priority when securing your business, regardless of size.
By Proofpoint.com
Bromford housing association has released a statement regarding a recent cyber attack that has caused disruption. As a precaution, the housing association has shut down its systems while the incident is investigated. Their CIO has commented on the situation, claiming there was “no evidence the hackers had been successful”. While this is good news, there is still work being done to return operations to normality.
By BBC.co.uk
Microsoft has announced that they will be issuing threat intelligence access to enterprise security operation centers. This change aims to help organisations with tracking threats and identifying gaps in their security. In their announcement, Microsoft unveiled two band new services in Defender Threat Intelligence and Defender External Attack Surface Management; the goal of these releases is to enable organisations to “proactively protect themselves by seeing the same data Microsoft cybersecurity experts see”.
By TheRegister.com
Two schools in England were at the mercy of yet another cyber-attack. Wootton Upper School and Kimberley College, which are both owned by the Wotton Academy Trust were affected by a cyber attack after a hacker breached the trust's network and reportedly stole information relating to students’ home addresses, banking details and medical records. The hacker has expressed his desire to make this information public unless a ransom of £500,000 is paid for the information to remain private.
A statement by the hacker said, “If Wootton management decides to move on with their plan and refuse to negotiate, we are going to release all of the stolen data online for everyone to see”, “All of your child’s private information will be online for everyone and for free.”
Executive principal Michael Gleeson has expressed that they are working with “specialist third party experts” however no verdict has been made if the ransom is going to be paid.
By TheRecord.media
The Solana blockchain is the latest victim of attacks on cryptocurrency. An exploit has caused funds located in a hot wallet to be sapped by hackers. An estimated 8,000 wallets have been breached with funds being drained. An exploit is somehow allowing a hacker to obtain the ability to sign transactions themselves rather than the user. Solana’s core code has been reviewed and engineers have stated that the exploit is not to do with its code, but rather the software used by several software wallets. The exploit being used is still unknown and is being used to drain victims’ hot wallets, users are advised to move their funds to a cold wallet and make transactions from a cold wallet instead.
By Coindesk.com
Security giant Norton has been given the go-ahead by the UK government to acquire Avast. Both companies offer solutions for malware prevention and detection, VPN and other cyber security services. The Competition and Markets Authority watchdog investigated the potential acquisitions as it could leave consumers a limited market but concluded that "After gathering further information from the companies involved and other industry players, we are currently satisfied that this deal won't worsen the options available to consumers."
By SecurityWeek.com
Apple has released version 15.6 for iOS and iPadOS. This update fixes 39 different security flaws, including a code execution vulnerability in Apple File System. Flaws in the kernel, WebKit browser engine, IOMobileFrameBuffer, Audio, iCloud Photo Library and more have been addressed. We recommend updating your iOS devices as soon as possible to ensure you are up to date with key security patches.
By Wired.co.uk
VMWare is urging its users to update to its latest version to avoid being the victim of a critical Authentication bypass vulnerability. Tracked as CVE-2022-31656 with a CVSS of 9.8 this vulnerability is still awaiting proof of concept but has been reported that a hacker with network access to the UI may be able to obtain administrative access without the need to authenticate.
The official VMWare Security Advisory can be found here.
By ThreatPost.com
And that’s it for this week’s round-up, please do check in next week for our new batch of security news and posts.
Stay Safe, Secure and Healthy!
Edition #200 – 5th August 2022
Why not follow us on social media:
Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.
Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.