Cyber Round-up for 13th December
Welcome to the Ironshare Cyber Round-up, where we look back at the events of the last week and cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
Google have recently introduced a new Chrome feature which notifies a user when their account details have been exposed in a data breach. Upon entering their credentials, the user will receive a notification suggesting that they change their password. As well as this, Google are continually expanding the list of unsafe sites blocked by Safe Browsing, which is designed to make the web a more secure place for its users. They have also dedicated time to improving their predictive phishing protection. This feature, which was introduced in 2017, warns you if you input your login details on a suspected phishing site. Google have been working hard recently on improving account security and password protection, and so far they are making good progress.
1&1 Telecom GmbH have been hit with one of the biggest fines seen under the European GDPR legislation. The fine was imposed because of insufficient security measures in their call centre, which allowed unauthorised parties to access customer data. This was in breach of Article 32 of the GDPR and resulted in a €9.5 million fine. The incident only affected a small number of customers; however, the German data protection agency said that the entire customer base was at risk, so the fine was necessary.
Children’s smart toys have become an easy target for many criminals, and recent research suggests a large number of toys are affected by security flaws. Across seven separate smart toys that were tested, more than 20 security concerns were raised; one of the most alarming flaws was the lack of secure authentication for Bluetooth connectivity, allowing an attacker to stream audio from the device. If you’re buying your children smart toys for Christmas, we advise doing some research beforehand to ensure that they are safe.
Password reuse is a major problem in the world of security, and a recent survey revealed that 49% of users reuse the same password in their workplace, often making only a minor change, such as adding a capital letter. As well as reusing passwords, the majority of users relied on human memory for storing their passwords rather than using a password safe. The lack of a password safe encourages reuse because it is difficult to remember a lot of complex passwords; this was confirmed by recent research in which 78% of users admitted to forgetting a password and resetting it. We encourage good password practice and highly recommend the use of a password manager, not only to help you remember passwords, but also to generate them and store them securely.
Vulnerabilities & Updates
Microsoft’s Patch Tuesday for December has arrived and features several updates covering 25 vulnerabilities, including 7 which are considered critical. Two of the critical vulnerabilities addressed in this patch are remote code execution flaws; the first exists in the Windows font library and occurs as a result of the library improperly handling some embedded fonts. This means that an attacker could convince a user to visit a web page which features a malicious embedded font. The other flaw is in the Hyper-V hypervisor, which can occasionally fail to validate input from a guest operating system, even from an authenticated user. This can be exploited by an attacker using a specially crafted application to execute code on the host OS remotely. There are 23 other vulnerabilities addressed in this edition of Patch Tuesday, which we highly recommend looking into.
Microsoft have plans to roll out a new phishing protection feature in response to recent incidents involving MS Forms. This enhancement aims to restrict repeat offenders who are attempting to phish. Although phishing protection was introduced in July 2019, the scheduled updates are designed to massively improve its effectiveness. The new automated review will block users who have two or more confirmed phishing forms from distributing forms and collecting responses. Global and security admins will be sent daily notifications regarding potential phishing attempts. No preparation needs to be done for these new features; however, updating training and documentation is recommended.
And that’s it for this week’s round-up, please don’t forget to tune in for our next instalment.
Edition #71 – 13th December 2019
Ironshare – Security Simplified