HAPPY NEW YEAR! Welcome to the first Ironshare Cyber Round-up of 2022,where we look back at the events of that last week and year to cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
The cyberattack on the Ministry of Defence’s Defence Academy in March 2021 was “sophisticated” and “significant”. The attack was thought to be from a foreign power and affected the network services of the academy. It is speculated that the attack was a way to access the ministry of defence’s core network, however no claims have been validated. Despite the significance of the attack, recovery was “manageable because your people work incredibly hard to keep things going and find backup methodologies."
More details on the nature of the incident can be found here.
By News-Sky.com
A new malware campaign has been spotted and is being run by a group of cybercriminals known as Malsmoke. This campaign appears to be using the popular Zloader banking trojan, but in a new way that we have not seen before. Historically, the trojan has been utilised in traditional phishing attacks, whereas Malsmoke are using a legitimate remote management application called Atera to gain initial access; this technique has not been seen in previous Zloader attacks making it a unique campaign. We advise all users to avoid installing programs from untrusted/unknown sources.
By infosecurity-magazine.com
The Federal Trade Commission has warned companies that they will need to patch the recent Log4j vulnerabilities or face legal action. The FTC seems to be taking the Log4j vulnerability seriously as it poses a threat to potentially millions of customers around the world. They example a previously exploited company Equifax, who failed to patch similar vulnerabilities, resulting in the compromise of their systems and exposing the data of 147 million customers. The company agreed to pay $700 million in settlement for the Federal Trade Commission, the Consumer Financial Protection Bureau and all fifty states. The FTC reported “The duty to take reasonable steps to mitigate known software vulnerabilities implicates laws including, among others, the Federal Trade Commission Act and the Gramm Leach Bliley Act. It is critical that companies and their vendors relying on Log4j act now, in order to reduce the likelihood of harm to consumers, and to avoid FTC legal action.”
You can read the official FTC statement here.
By TechCrunch.com
SlimPay, a payment service for businesses, has allowed the banking information of its 12 million customers to be publicly accessible for 5 years. In 2015 SlimPay was testing a new anti-fraud feature to join its service, testing of this feature used the data of real users which was within legal rights, however after the testing was complete the information of its users was found to be on a publicly facing server which could have allowed anyone access without any security in place. SlimPay have since received a €180,000 fine for failing to comply with GDPR regulations.
By TheRegister.com
More than 100 sites relating to the luxury real estate sellers, Sotheby’s, were found to be compromised with card stealing code embedded within its pages. The hackers modified JavaScript code via the Brightcove video player which was distributed to the compromised sites. The attack happened the end of last year, however the security firm Palo Alto has only just released the report of the attack. Malwarebytes are also currently looking into this to see if more Brightcove users are compromised with the same attack.
By TheRecord.media
Chrome's latest patch is set to include fixes for 37 vulnerabilities, 1 of which is considered critical. This critical flaw is a use-after-free bug that could allow actions such as executing malicious code or data corruption. Other vulnerabilities found are buffer overflows and type confusion vulnerabilities. All Chrome users are advised to update their browser as soon as possible to ensure they are protected from exploitation of these vulnerabilities.
By TheHackerNews.com
And that is it for this year’s round-up, please do not forget to tune in for new instalments every week.
Stay Safe, Secure and Healthy!
Edition #173 – 7th January 2022
Why not follow us on social media:
Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.
Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
