Cyber Round-up for 24th January
Welcome to the latest edition of the Ironshare Cyber Round-up where we look back at the events of that last week and cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
The Computer Misuse Act was introduced in 1990 as a way of criminalising unauthorised computer activity, however 30 years later, cyber security experts want change. According to the Criminal Law Reform Now Network, the Computer Misuse Act is restricting expert’s ability to carry out research into threats, thus compromising the UK’s cyber security. The report from CLRNN includes a list of recommendations on how the CMA can be improved to both criminalise malicious activity and benefit threat intelligence research.
The Information Commissioner’s Office, which is responsible for the UK’s data privacy regulations, have published a new code of practice aimed at protecting the privacy of children online. The long overdue code is said to be ‘transformational’ and comes following the suicide of a 14-year-old girl who killed herself in response to graphic content she had seen online. The privacy settings introduced by the Age Appropriate Design Code are likely to be in operation by autumn 2021, once it is approved by parliament; to further enforce these privacy policies, large fines will be issued to online content providers, such as social media platforms for breaches in its conduct.
250 million Microsoft customer records from the last 14 years have been exposed in an online database with no password protection. The exposed records included the email addresses, IP addresses, locations and support cases of those affected; this database is a goldmine for fraudsters planning to carry out Microsoft support scams. The exposure was found on December 28, 2019 and was disclosed to Microsoft immediately; within 24 hours all servers had been secured. The severity of this leak comes as no surprise; Microsoft have been in the news a lot recently, and not for good reasons.
Citrix have partnered with well-known security company, FireEye, to develop a tool that can be used to check for compromise. After the news hit regarding critical vulnerabilities being actively exploited, Citrix responded with this tool which they highly recommend to all of their customers. The tool is said to provide a quick response assessment that highlights any indicators of compromise based on known attacks and exploits; it is also compatible with all versions of the Citrix Application Delivery Controller and Gateway. If you are concerned that you might be impacted, Citrix customers should try this tool to quick assess their products; it is both free and easy to use.
Vulnerabilities & Updates
Following a recent series of exploitation attempts and proof-of-concept exploits, Citrix has sped up their patch rollout process, and intends to have all versions of their Application Delivery Controller and Gateway products patched by January 24. Citrix originally stated they would not be patching the products; however, they were given no choice after proof-of-concept exploit code was published publicly. We suggest looking into this if you use these products to understand what versions are expecting updates and when they can be applied.
An unpatched zero-day vulnerability has been discovered in Internet Explorer, and it is being actively exploited in targeted attacks. The flaw could allow an attacker to execute arbitrary code and is typically being exploited via web-based attacks in which the victim is sent to a malicious webpage, often through an email link. This vulnerability is believed to be linked to a critical Firefox flaw from earlier this month, and Microsoft have confirmed that all supported versions of windows are vulnerable. There is currently no security patch for this flaw, however Microsoft have released a list of workarounds to help mitigate the threat. We highly recommend looking into these workarounds to best protect yourself from potential attacks.
And that’s it for this week’s round-up, please don’t forget to tune in for new instalments every week.
Why not follow us on social media using the links provided on the right.
Edition #75 – 24th January 2020
Ironshare – Security Simplified