
Cyber Round-up for 9th August

August 8, 2024


Welcome to Ironshare’s Cyber Round-up, where we look back at the events of the last week to cover some of the news, posts, views, and highlights from the world of Security.

In this week’s round-up:

Security News

Premier League Fans Alerted to Surge in Ticket Scams Ahead of New Season

Last year saw a significant increase in ticket scams targeting English Premier League (EPL) football fans, and 2024 has seen more of the same. Research by Lloyds Bank reveals that the number of ticket scams more than doubled during the 2022/23 season, with victims losing an average of £154, although some losses exceeded £1,000. Fraudsters primarily operate on social media platforms such as Facebook, Instagram, and X (formerly Twitter), with over 90% of reported scams originating from these sites. Arsenal and Liverpool fans were identified as the most frequent targets.

These scams exploit the high demand and limited availability of EPL tickets, often luring fans with too-good-to-be-true deals. The typical scam involves advertising fake tickets on social media and requesting payment via bank transfer, which offers little protection for the buyer. Lloyds Bank advises fans to purchase tickets only through official club channels or recognized partners to avoid falling victim to these scams. The bank also calls for greater action from social media companies to combat the prevalence of fraudulent activities on their platforms.

By cybernews.com

New Zero-Day Vulnerabilities Allow Windows Downgrade Attacks, Rendering Systems Vulnerable

Security researcher Alon Leviev revealed at Black Hat 2024 that two zero-day vulnerabilities (CVE-2024-38202 and CVE-2024-21302) allow attackers to perform downgrade attacks on Windows 10, 11, and Server systems. These attacks force systems to revert to older, vulnerable versions of software, making them susceptible to previously patched security flaws. This process is undetectable by current security measures, as Windows Update reports the system as fully updated. Microsoft is working on fixes and has issued mitigation advice, though no active exploits have been detected yet.

For more details, you can read the full article here.

By bleepingcomputer.com

Security Flaw Discovered in 1Password 8 for Mac: Urgent Update Required

A critical security vulnerability, CVE-2024-42219, was identified in 1Password 8 for Mac, potentially allowing malicious software on a local machine to bypass security measures and access vault items and credentials. This flaw, affecting versions prior to 8.10.36, was responsibly disclosed by Robinhood’s Red Team. 1Password has addressed the issue in the latest update, and users are strongly advised to upgrade to the newest version to ensure their data remains secure.

For full details of this vulnerability, please see 1Password’s Support Advisory here.

By support.1password.com

Critical AWS Vulnerabilities Patched to Prevent Account Takeovers

AWS has patched several vulnerabilities in its services, including CloudFormation, Glue, EMR, SageMaker, ServiceCatalog, and CodeStar, which could have been exploited for account takeovers. These flaws, disclosed by Aqua Security at Black Hat USA 2024, involved the predictable naming of S3 buckets, allowing attackers to preemptively create buckets and execute malicious code. This could lead to arbitrary code execution, data exfiltration, and the creation of admin users with elevated privileges. AWS confirmed the issues have been resolved, with no customer action required.

By securityweek.com

UK Authorities Dismantle Global Fraud Platform 'Russian Coms'

UK authorities have successfully shut down an online scam platform called "Russian Coms," which enabled criminals to make fraudulent phone calls with ease. This platform, operating since 2021, was used by criminals to impersonate legitimate entities such as banks to deceive victims into transferring money. The National Crime Agency (NCA) reported that the platform had facilitated 1.3 million calls to UK phone numbers, causing financial losses in the tens of millions of pounds and affecting approximately 170,000 UK victims alone.

The operation offered crime-as-a-service, including features like encrypted calls, voice alteration, and even hold music, for a monthly fee. Authorities have arrested three individuals believed to be key figures behind the platform, highlighting the increasing use of technology in perpetrating fraud on a large scale. This shutdown follows previous actions against similar platforms, indicating an ongoing effort to combat cybercrime despite its persistent and evolving nature.

By reuters.com

Stay Safe, Secure and Healthy!

Edition #281 – 9th August 2024

Author

Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.

Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.

Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
