Cyber Round-up for 18th October
Welcome to the Ironshare Cyber Round-up where we look back at the events of that last week and cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
Cyber Security Month
In John Opdenakker’s Cyber Security Month series of blogs, he talks about the threat of Tech Support Scams and what you can do to avoid and protect yourself against them.
A tech support scam is a fraudulent operation in which the criminals try to convince people that they have serious problems on their computer that put them at risk. The scams can be initiated either by the criminals calling people out of the blue or when people call the numbers that are shown on this kind of pop-ups in the browser…. Use the link above to head over to his blog and continue reading.
By John Opdenakker.
The UK government announced their plan to implement an age verification system into porn-hosting websites that would block users if they were deemed under the age of 18. The idea was first promoted in 2015 and was said to launch in April 2018; however, they encountered an overwhelming amount of delays along the way. As a result, the government has decided that the system would not work and have decided to drop it. Some of the issues encountered were the use of VPNs, social media platforms that allow pornographic content and various providers refusing to allow the verification system. Because of this, the block will not be commencing and an alternate approach is being taken.
Chinese telecoms manufacturer, Huawei Technologies, have began meeting with EU members to appeal for a 5G network security partnership, despite concerns raised by the US. The United States added Huawei to their trade blacklist back in May due to concerns of their devices being used for spying; following these concerns, the US advised other allies to do the same. The Chinese manufacturer has announced its plans to work with European partners and denies the claims made against them. German partners finalized their build-out 5G mobile network plans and have not excluded Huawei from bidding for those networks. Does this mean that other European countries are going to follow suit, time will tell.
The Silent Librarian threat group that operates out of Iran has launched a new phishing campaign targeting university students. The scheme involves highly targeted, socially engineered emails that redirect the victim to a landing page which then requests their credentials. These attacks have proven very successful; researchers discovered that in September, 20 new phishing domains were targeting more than 60 universities all over the world. The targeted attacks were especially successful, including topics such as university services and loan claims. Details on how the attacks are carried out are included in the original post.
Researchers at Morphisec have discovered a new vulnerability in iCloud for Windows and iTunes for Windows that allows an attacker to bypass endpoint protection and active antivirus software. The flaw was discovered in the update delivery mechanism included in iTunes for Windows, known as Bonjour. Researchers found this flaw being exploited as part of a BitPaymer ransomware campaign that has been targeting US public and private companies for six months. Apple have now released a patch for this vulnerability; we recommend updating your devices as soon as possible.
Vulnerabilities & Updates
The latest WordPress update has addressed six vulnerabilities, including cross-site scripting, cache poisoning, unauthorized access and server-side request forgery. These flaws affect versions 5.2.3 and earlier; which have all been addressed in 5.2.4. Those who have not yet upgraded to the 5.2 branch can also find updates available for WordPress 5.1.
Today, Adobe released a pre-announced out-of-band security update that addresses 82 vulnerabilities. Products affected by these flaws include Adobe Acrobat and Reader, Experience Manager, Experience Manager Forms and Download Manager. 45 of the 82 flaws were rated critical, all of which were present in Adobe Acrobat and Reader and allowed remote code execution. We recommend applying the most recent Adobe updates as soon as possible to mitigate the risk of an attack.
And that’s it for this week round-up, please don’t forget to tune in for our next instalment.
Why not follow us on social media using the links provided on the right.
Edition #63 – 18th October 2019
Ironshare – Security Simplified