Cyber Round-up

Cyber Round-up for 6th September

September 5, 2019

Welcome to the Ironshare Cyber Round-up where we look back at the events of the last week and cover some of the news, posts, views, and highlights from the world of Security.

In this week’s round-up:

Security News

Phishing Attacks Targeting Small UK Businesses

A recent phishing study has emerged highlighting that 43% of small to medium businesses in the UK have been targets of phishing attacks. Attackers have been seen impersonating staff to trick users over the last year. What makes phishing so effective is the difficulty that security experts have defending against it; all it requires is a victim being fooled by an attacker’s disguised emails. Researchers have worryingly reported that 66% of these attacks were successful in carrying out a breach of data. Make sure your users are given awareness training that helps them identify these threats and avoid opening emails, links or attachments unless they are certain these are safe.

By BetaNews.com

Twitter Disables SMS-to-Tweet Feature After CEO Got Hacked

On August 30, Twitter CEO Jack Dorsey’s official account was hacked using the SMS-to-tweet feature; the technique allowed the hacker to post offensive tweets on his account. As a result, Twitter has decided to disable the feature until the issue can be resolved. This technique has become increasingly popular over the last two years, but an attack on the CEO has finally sparked a response to resolve it.

By ZDNet.com

Critical Remote Attack Bugs Compromise Food-Safety Systems

Two critical vulnerabilities have emerged in the AK-EM 800 food-quality management product that could allow an attacker to compromise the system. Security researchers announced that one of the flaws is a backdoor debug tool that was made to help the vendor’s support team; because of this it offers high privileges which can be abused by an attacker. These issues have been patched this week and updates are included in the original post. We recommend updating as soon as possible; if you can’t update immediately, look to restrict access to trusted users.

By ThreatPost.com

Threats

Critical Backdoor Attack Could Affect Over 60 Million WordPress Users

An ongoing hacking campaign has been affecting WordPress users since July and doesn’t seem to be slowing down. The campaign started out redirecting visitors to malicious sites but has since evolved into something much worse. Attackers appear to be taking advantage of compromised third-party plugins to gain access to their victims’ sites. This allows them to install backdoors and create administrator accounts from within to exploit the site. A list of all compromised plugins is included in the original post; if you are using any of them, please take the time to check for updates to mitigate the risk of an attack.

By Forbes.com

XKCD Forum Hack Leaks Over 500,000 Users’ Details

Popular webcomic platform XKCD has suffered a massive data breach, compromising the account details of 562,000 of its users. The breach included usernames, email addresses, IP addresses and hashed passwords. The leak was discovered by a security researcher and the forum has since been taken down until XKCD can ensure it is secure. Users of the online forum are strongly recommended to change the passwords of all accounts linked to their email address to mitigate the risk of an attack.

By TheHackerNews.com

Vulnerabilities & Updates

Remote Takeover Bug in Cisco Routers (CVE-2019-12643)

A new remote authentication-bypass vulnerability has been classified as the highest possible severity and given a 10 out of 10 on the CVSS scale. The bug resides in the REST API interface of multiple Cisco routers, all of which are included in the original post. The vulnerability allows a remote attacker to bypass authentication and take complete control of a target router. Fortunately, the REST API interface is not enabled by default, so only users that have manually enabled it are at risk. The bug was patched in the most recent Cisco software release which is included in the original post. Please be sure to update as soon as possible.

By ThreatPost.com

BlueKeep and DejaBlue Vulnerability Updates

Microsoft has recently released more updates for critical Remote Desktop Protocol security flaws, which were classified as ‘wormable’, meaning they can spread between systems without user interaction. Microsoft strongly recommends that all organisations update their systems as soon as possible and apply the necessary patches to mitigate the risk of an attack. A list of all vulnerabilities is included in the original post. If you are a Cisco customer, the post includes ways to defend against these threats using Firepower services.

By TalosIntelligence.com

And that’s it for this week’s round-up; please don’t forget to tune in for our next instalment.


Edition #57 – 6th September 2019

Author

Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.

Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.

Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
