Skip to content
Ironshare
  • Home
  • What We Do
  • Prepare & Respond
    • Consulting
    • Cyber Basics
    • Security Guidance
  • Prevent
    • Account Security
    • Cloud Security
    • Web Security
    • Endpoint Security
  • Recover
    • Backup & Recovery
  • Blog
Contact Us
Cyber Round-up for 24th May
Stuart
by Stuart Hare

Cyber Round-up for 24th May

May 23, 2019 No comment(s) Cyber Round-up, News Cyber Round-Up, Cyber Security, Cyber Security News, GozNym Gang takedown, Instagram account leaks, Legal scams, more Magecart, Mozilla vulns, News, Talos BlackWater campaign
Facebook
Twitter
Google+
LinkedIn
Pinterest
Cyber Round-up

Cyber Round-up for 24th May

Welcome to the Ironshare Cyber Round-up where we look back at the events of that last week and cover some of the news, posts, views, and highlights from the world of Security.


In this week’s round-up:

Security News

Data on millions of Instagram accounts spills onto the internet

Researcher Anureg Sen, has discovered an unprotected database containing the details for millions of Instagram users. The data was found in a publicly accessibly Amazon Web Services S3 storage bucket, managed by marketing company Chtrbox, which could be accessed without needing a username or password. Users profiles and contact information was included in the leak.

By Tripwire.

Legal Threats Make Powerful Phishing Lures

We have seen a huge increase in phishing scams over the past couple of years and they are not looking like slowing down. Brian Krebs has reported on a recent scam campaign that hit more that 100,000 business emails with legal threats. A fake document is delivered to the victim and includes trojan malware that can deliver additional malicious content such as ransomware. As per our usual guidance never open email attachments or click on links if they are untrusted or you are not expecting them.

By KrebsonSecurity

GozNym Cybercrime gang bought down by US and EU law enforcement

The infamous GozNym gang, who were responsible for stealing approximately 100Million Euros from its victims, have been taken down in a joint effort by US and EU law enforcement agencies. The group of cyber specialists used advanced banking malware, sourced from a mix of the Gozi banking trojan and the Nymaim ransomware variant to capture banking credentials and steal funds, before laundering the money through its financial network.

By SCMagazine UK.


Threats

BlackWater campaign associated with MuddyWater Threat Actor

Cisco Talos have identified a recent campaign they have dubbed “BlackWater”, which is suspected of being associated with the known threat actor MuddyWater. New samples discovered use the same method of delivery as previous variants of MuddyWater malware, in the form of macro infected Office documents. They deliver a PowerShell backdoor and bundle new techniques that evade detection. Head over to the Talos blog for another excellent technical write up.

By Cisco Talos Intelligence.

Magecart’s Payment Card Data-Skimming Code Found on Forbes Magazine’s Website

The Magecart threat just keeps rolling on, this time hitting the subscription page on the Forbes Magazine website. Magecart uses malicious javascript to collect credit card and personal information from online checkout pages. But this attack on the Forbes sites show that the Magecart group are not just focused on ecommerce sites.

By Trend Micro


Vulnerabilities & Updates

Mozilla Tackles Two Critical Flaws with Firefox 67 Release

Mozilla have this week released their latest version of the Firefox browser, which aims to provide better speed and greater privacy. Version 67 includes updates for two critical memory corruption vulns, that allow code execution and could result in a bad actor taking control of the target system. If you are running Firefox its time for an update.

By Threatpost.

Talos releases coverage for ‘wormable’ Microsoft vulnerability

On the back of the critical RDP vulnerability, disclosed by Microsoft in last week’s patch Tuesday, Cisco Talos have released Snort IDS / IPS rule coverage for CVE-2019-0708. Users of Snort can now get access to the update for rules set 2019-05-20 which includes rule 50137 for this vuln.

By Cisco Talos Intelligence.


And that’s it for this week round-up, please don’t forget to tune in for our next instalment.

Why not follow us on social media using the links provided on the right.

Edition #42 – 24th May 2019

Ironshare – Security Simplified

FreeAssessmentBanner
CyberRound-UpSignUpBanner
Stuart
About the Author
Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.
About the Author
Stuart Hare
Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.
Search
Search for:
Post Categories
  • Case Studies (3)
  • Cisco AMP for Endpoints (4)
  • Cisco Umbrella (8)
  • Cyber Basics (3)
  • Cyber Round-up (192)
  • News (221)
  • Phishing (1)
  • Products and Services (18)
  • Ransomware (2)
  • Security Advisory Archives (16)
  • Security Guidance (8)
  • Technical Archives (5)
Latest Posts
  • Cyber Round-up for 27th May May 26, 2022
  • Cyber Round-up for 20th May May 19, 2022
  • Microsoft Patch Tuesday: May 2022 May 16, 2022
  • Cyber Round-up for 13th May May 12, 2022
  • Cyber Round-up for 6th May May 5, 2022
Tags
Account Takeover Apple Vulns Case Study Cisco Cisco AMP Cisco AMP Tags for Endpoints Cisco Umbrella Investigate Cisco Umbrella Tags Cisco vulns Consulting cyber attack Cyber Attacks Cyber Round-Up Cyber Security Cyber Security News Cyber Security Round-up Data Breach Data Leak Emotet Exploits Fraud Insider Threats IT Security MageCart Malware Microsoft Patch Tuesday Microsoft Updates Microsoft Vulns MS Patch Tuesday News OpenDNS Password Security Patch Tuesday phishing Phishing Attack Tags Products and Services Tags Ransomware Scams Security Advisory Security Updates Services Small Business Security Vulnerabilities Weekly Cyber Round-up Wordpress vulns
Follow us on Social Media
  • LinkedIn
  • Twitter
  • Facebook
  • Youtube
Get the latest News & blogs delivered to your mailbox!
About

Ironshare is a provider of Information and Cyber Security services. With over 80 years of industry experience, Ironshare focuses on helping its customers to achieve a greater understanding of the risks to their organisation, whether large or small, while ensuring that defined Security solutions are delivered in simple and effective manner.

cyberessentials_80j

Navigation
  • Customer Success
  • Careers
  • News
  • Products and Services
  • Ransomware
  • Security Advisory Archives
  • Security Guidance
  • Technical Archives
  • IT Security Self-Assessment
  • Privacy Policy
Recent Posts
  • Cyber Round-up for 27th May
  • Cyber Round-up for 20th May
  • Microsoft Patch Tuesday: May 2022
  • Cyber Round-up for 13th May
  • Cyber Round-up for 6th May
Contacts
  • Phones: +44 (0) 121 769 0475;
  • E-mail: information@ironshare.co.uk
  • Address: The Colmore Building, 20 Colmore Circus, Birmingham, B4 6AT
  • We are open: Mon-Fri: 9 am-6 pm
Ironshare Theme © 2022.
  • LinkedIn
  • Twitter
  • Facebook
  • Youtube
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish.Accept Reject Read More
Privacy Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT