Cyber Round-up for 25th September
Welcome to the latest edition of the Ironshare Cyber Round-up where we look back at the events of the last week and cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
The Office of National Statistics has been investigating the drastic increase in cyber crime in Cambridgeshire. Figures from their reports state that the number of attacks has increased by more than 49% in the last three years, with around 63.7 cyber attacks per 10,000 people. The rise in cyber crime in the region has been unrivalled by the rest of the UK, with only North Wales coming close with a 47% increase. Cambridgeshire now has a reputation as the ‘cyber-crime capital of the UK’; this is partly due to it being home to one of the world’s most prominent universities, and universities are seen as huge liabilities when it comes to cyber security.
Twitter has prepared for the upcoming US election by providing additional account security for the politicians and candidates involved. Back in June, Twitter experienced a large-scale hack which affected a number of celebrities, including Joe Biden. In response to this, Twitter has taken precautions to ensure it does not happen again at a time as important as the election. They confirmed they would be adding ‘proactive internal security safeguards’ for high-profile individuals, including the Executive Branch, Congress, US governors, Presidential candidates and even news outlets/journalists. The new rules include much stronger password complexity requirements, as well as encouragement to use two-factor authentication.
The Keychain password manager has been a feature on iOS for quite a while now, but iOS 14 introduces a big addition to its functionality. The feature originally allowed users to save account credentials so they can be stored safely and not forgotten; the latest update also provides the user with a notification if one of their passwords has been compromised in a data breach. The notification also presents the user with the option to generate a strong and secure password to replace their compromised one. This new addition is a huge step forward in terms of security for the mobile operating system.
As the world of cybersecurity evolves, we keep coming back to the same question: how likely is a passwordless future? Many factors seem to be driving the need for a passwordless world, including security weaknesses and the increasing popularity of BYOD (Bring Your Own Device). This has been a topic of interest in Cisco webinars lately; CISO J. Wolfgang Goerlich has said, ‘in a passwordless world, they throw in a username and complete a secondary factor of authentication without having to enter a password, and then they don’t have to remember things or rotate things’. The whole concept aims to make things as easy as possible for the user, without compromising security. There has been a lot of discussion about a passwordless future, and while it may be a long time before this happens, we should expect to see the use of passwords slowly reduce in the future.
The Department of Homeland Security’s cybersecurity division has released a new emergency directive addressing a new vulnerability known as Zerologon. This is a privilege escalation flaw that exists on Windows Servers and was addressed in Microsoft’s August Patch Tuesday update. After realising the severity of this vulnerability, DHS’s emergency directive ordered all federal civilian agencies to apply the new patch immediately, and states that the flaw is an ‘unacceptable risk’ to federal networks. The directive also stated that systems that remain unpatched by the end of Monday 21st September would be removed from the network and taken offline. The short time limit is a good indicator of just how dangerous this vulnerability is. If you haven’t already, please update as soon as you can.
Vulnerabilities & Updates
A vulnerability emerged earlier this year that allowed local privilege escalation and remote compromise while using the Citrix Workspace app with Windows file sharing enabled. This flaw existed in the automatic update service in the app and was patched in July. However, a new attack vector has been discovered that has revived this security flaw. The original patch did not address remote connectivity, meaning attackers can still exploit the vulnerability. More details on this new attack vector can be found in this Citrix advisory. Also, please ensure that you apply the latest security patches, which can be found here.
And that’s it for this week’s round-up, please don’t forget to tune in for new instalments every week.
We hope this makes for light reading during these times of uncertainty.
Stay Safe, Secure and Healthy!
Edition #110 – 25th September 2020
Ironshare – Security Simplified