Cyber Round-up for 12th March
Welcome to the latest edition of the Ironshare Cyber Round-up where we look back at the events of that last week and cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
Security company, Verkada, recently had their systems hacked by a group of unknown cybercriminals. The firm provides security cameras for many high-profile companies, such as Tesla and Virgin Hyperloop. Verkada have set up a support line for the affected customers while their security team investigates the incident alongside law enforcement. Tesla have not yet commented on the situation, but other victims such as Cloudflare have confirmed that a number of offices around the world have been affected.
The darknet has quickly taken advantage of those desperate to get the COVID-19 vaccine by selling them on dark web marketplaces. Prices for these vaccines range from $250 to $1,200 across 15 different marketplaces and Kaspersky researchers have observed multiple sellers, all of which have made between 100 and 500 transactions. Although some of these sellers are providing legitimate vaccines, interacting with these individuals is very risky and we advise everyone to wait for an official vaccine.
CISA have released an article containing guidance for those affected by the recent Microsoft Exchange vulnerabilities, this includes advice for organisation leaders and IT security staff, with remediation and mitigation techniques. We advise all companies affected by these flaws to look into this article, as it include references to multiple sources of information and will be regularly updated by CISA with new information and guidance.
A new phishing scheme has been discovered that is targeting Office 365 users with the intent of stealing their credentials. This scam is unique, as it uses a fake Google reCAPTCHA that redirects to a malicious Microsoft login page containing the logo of the victim’s company. All Office 365 users are advised to verify the legitimacy of any emails they receive, and be cautious when asked to provide credentials or other sensitive information.
Vulnerabilities & Updates
Microsoft have released their monthly batch of security updates, including fixes for 89 vulnerabilities, 14 of which are considered critical. These critical flaws include remote code execution in Internet Explorer, Git for Visual Studio and DNS Servers. We advise all users to apply the latest updates as soon as possible to stay protected.
More details on these flaws can be found here.
Apple have released an emergency patch for a vulnerability affecting iOS, macOS, watchOS and the Safari web browser. The exploit was made possible by a memory corruption issue and allows an attacker to execute arbitrary code on the target devices using malicious web content. This was reported to Apple by researchers from Google’s Threat Analysis Group and Microsoft’s Browser Vulnerability Research group. We advise all Apple customers to update their devices as soon as they can.
This week, F5 released a security advisory for four critical vulnerabilities, including remote code execution and buffer overflow flaws in the iControl REST interface, the TMUI and TMM. These flaws are are considered critical severity, and so F5 advises all users apply the latest updates as soon as they can.
More details on these vulnerabilities can be found here.
And that is it for this week’s round-up, please do not forget to tune in for new instalments every week.
Stay Safe, Secure and Healthy!
Edition #132 – 12th March 2021
Why not follow us on social media:
Ironshare – Security Simplified