Cyber Round-up for 18th June
Welcome to the latest edition of the Ironshare Cyber Round-up where we look back at the events of that last week and cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
Volkswagen America recently confirmed that a third-party vendor had suffered a data breach; this vendor was being used for marketing purposes and reportedly left their systems unsecured online. The personal data of more than 3.3 million customers was exposed, most of which are Audi drivers. The breach was discovered by the vendor back in March; however, their server was not secured until two months later. It appears that 97% of customers involved in the breach only had contact information exposed, whereas the remaining percentage may have included social security numbers, account or loan numbers, and tax identification numbers.
During a summit meeting yesterday in Switzerland, Biden and Putin exchanged their views on the state of cyber-attacks. The US president is unhappy with the lack of action being taken against ransomware actors and calls on all countries to “take action against criminals who conduct ransomware activities on their territory”. It appears that Putin and Biden have agreed to “begin consultations on this”, with both sides suggesting the other is the aggressor.
In a recent statement from the UK’s National Cyber Security Centre, the nation was warned that ransomware is now the single biggest threat to British people and businesses. The head of the NCSC demands that ransomware threats are taken seriously and warns of the risks of ignoring the problem. The recent attack on the fuel pipeline operator has turned some heads and brought some attention to the growing issue, but it is not enough; the issue is believed to be so serious that discussions should be held between world leaders at the G7 summit.
Ikea France has been accused of hiring private detectives and law enforcement officers to collect the private data of their staff. This snooping included illegally accessing the criminal records of Ikea employees, as well as collecting other private data. The Ingka group, who owns most Ikea stores worldwide, has apologised for the actions of Ikea France, and the French court have issued them a fine of €1.2M.
Vulnerabilities & Updates
The Wordfence Threat Intelligence Team recently found a high severity flaw in the WooCommerce Stock Manager Plugin, allowing a remote attacker to execute arbitrary code on the target system. This flaw does however require an administrator to click a malicious link, so as always, we advise all admins to look out for suspicious emails. This vulnerability was recently patched by the Wordfence team, and fixes are included in version 2.6.0 of the plugin. Updating as soon as possible is highly recommended.
On another note, we have witnessed a new malicious campaign that is targeting users of the Jetpack plugin, specifically those reusing passwords across multiple services. This attack can be avoided almost entirely by enabling two-factor authentication on your WordPress account. Doing so means that even if your password is compromised, the attacker will be unable to gain access without also compromising your mobile device.
CISA have released a security advisory for a recently discovered vulnerability in the popular ThroughTek tool. This flaw allows attackers to access sensitive information, including audio and video feeds. As well as this, the attacker may be able to spoof the device and hijack its certificate. ThroughTek software is used frequently by security camera and smart device vendors, with their components being active in millions of devices.
The CISA advisory, including mitigation techniques and other recommendations, can be found here.
The increasingly popular maker of exercise equipment, Peloton, has recently released information on a security vulnerability affecting the Peloton Bike + and Peloton Tread. This flaw requires an attacker to have physical access to the equipment, but once the tablet has been breached, they are able to perform a variety of cyberattacks remotely. This includes accessing personal information, installing malware, and even accessing the camera and microphone. Peloton addressed this serious vulnerability in their latest firmware update; we recommend that all users apply the latest fixes as soon as possible.
And that is it for this week’s round-up, please do not forget to tune in for new instalments every week.
Stay Safe, Secure and Healthy!
Edition #146 – 18th June 2021
Why not follow us on social media:
Ironshare – Security Simplified