Cyber Round-up for 11th February
Welcome to Ironshare’s Cyber Round-up, where we look back at the events of the last week and year to cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
The UK’s Foreign, Commonwealth and Development Office was recently involved in a cyber incident, in which unknown attackers gained access to their systems. Their presence was discovered early on and there was reportedly no serious compromise of data. Foreign governments are typically a big target for nation-state attackers, with Russia and China often being the subject of accusations regarding espionage campaigns in the west. Both the US and UK have warned of an increase in cyber attacks amid the conflict with Ukraine, while the Canadian Foreign Ministry have also reported a recent attack.
Regardless of how much we encourage users to employ stronger authentication methods, there will always be a large number of customers who ignore the advice. Despite Microsoft’s recent efforts to promote the adoption of Multi-Factor Authentication, it appears that just 22% of Azure AD customers have implemented the security feature. Statistics from Microsoft show that more than 25.6 billion brute force attempts were blocked in 2021, as well as 35.7 billion phishing emails. Currently, 99.9% of users who have had their accounts stolen did not have MFA enabled. We are encouraging everyone to enable MFA across all of their accounts that allow it, to ensure that they are protected from account compromise. Is it time for Microsoft to make MFA mandatory for all users?
Security firm Avast recently released a free decryption tool for victims of the TargetCompany ransomware. The company decided to create the tool when one of their customers was hit by the gang; this tool has now been shared with the public and is available in 32-bit and 64-bit versions.
Victims of the TargetCompany ransomware can download the decryptor tool and find more information here.
The US Justice Department recently arrested a married couple in New York, and reportedly found a large sum of bitcoin, which appears to have been stolen during the 2016 Bitfinex hack. The couple were charged with “conspiring to launder money”. At the time of the hack, the stolen bitcoin was worth around $71 million, but has since increased to $4.5 billion. While officials were unable to seize all of the stolen currency, they did capture about 94,000 bitcoin, which is equal to $3.6 billion.
Vulnerabilities & Updates
PHP Everywhere, a WordPress plugin used on more than 30,000 websites, is currently vulnerable to a critical flaw that could allow remote attackers to execute arbitrary code. This can be carried out by all users regardless of permissions, including subscribers and customers. We recommend that all PHP Everywhere users upgrade to the latest version (3.0.0) as soon as possible; this version is only supported by the Block editor and so users of the Classic editor are advised to uninstall and use an alternative plugin.
A member of the Cisco Talos team recently discovered a use-after-free vulnerability in Google Chrome that could allow an attacker to remotely execute code on the target device. This flaw exists in the Chrome object used to create audio and video streams and can only be exploited when a user opens a “specially crafted web page in Chrome”. Talos made Google aware of the flaw, and Google has since released a patch. We recommend updating to the latest version of Google Chrome as soon as possible:
- Version 94.0.4606.81 (Stable)
- Version 97.0.4674.1 (Canary)
Microsoft’s monthly batch of security updates has arrived, and it addresses some key vulnerabilities that have been recently affecting their products and systems. You can find our Patch Tuesday round-up here, which includes details on key vulnerabilities, as well as links to advisories and security guidance.
And that is it for this week’s round-up. Please do not forget to tune in for new instalments every week.
Stay Safe, Secure and Healthy!
Edition #178 – 11th February 2022
Ironshare – Security Simplified