Skip to content
Ironshare
  • Home
  • What We Do
  • Prepare & Respond
    • Consulting
    • Cyber Basics
    • Security Guidance
  • Prevent
    • Account Security
    • Cloud Security
    • Web Security
    • Endpoint Security
  • Recover
    • Backup & Recovery
  • Blog
Contact Us
Cyber Round-up for 26th July
Joshua H
by Joshua H

Cyber Round-up for 26th July

July 25, 2019 No comment(s) Cyber Round-up, News Amex Phish, Apple Vulns, Cyber Round-Up, Cyber Security, Cyber Security News, Deliveroo Account Hack, Lancaster Uni attack, News, Office 365 Phish, Sky email breach, Wordpress vulns
Facebook
Twitter
Google+
LinkedIn
Pinterest
Cyber Round-up

Cyber Round-up for 26th July

Welcome to the Ironshare Cyber Round-up where we look back at the events of that last week and cover some of the news, posts, views, and highlights from the world of Security.


In this week’s round-up:

Security News

Hacked Deliveroo Accounts Being Sold By Dark Web Dealers

Deliveroo users have recently had their accounts hacked and sold by dark web dealers for prices as small as £5. Hackers are using login details from previous mega-hacks and various phishing techniques to obtain a user’s credentials to sell online. Victims have been reporting unusual amounts of food being ordered from their accounts, with one order coming to £450. A significant number of account thefts have been reported recently, mostly in London. Many users have complained about the slow response from Deliveroo and are unhappy that they are simply deleting the compromised accounts. They disclosed that they were working hard to address the issue, using fraud prevention software, but no solution has been presented yet.

By Forbes.com

Sky is Forcing its Customers to Reset Their Passwords

TV giant Sky has sent a notification to its customers warning them that their passwords had been reset following an incident that happened last week. After customers reacted with confusion to the email, Sky responded saying that they occasionally reset passwords to keep accounts safe. The incident they referred to appears to be a potential breach of Sky email accounts, which indicated that unauthorised access had been identified. However, information regarding the nature of the incident has not yet been fully disclosed. This has not affected all of Sky’s customers, but a researcher has confirmed that the customers contacted did not have their accounts breached. Sky responded with what they were they consider best practice account management and reset those accounts they believed were affected.

By Forbes.com

Sophisticated Phishing Attack Hits Lancaster University Students

Lancaster University is working to secure its systems following a recent data breach. Stolen data included phone numbers, ID documents and records of a small number of students. The data stolen was reportedly linked to those who applied in 2019 and 2020. Officials announced that the stolen data was being used to send fake invoices to victims and described the attack as sophisticated and malicious. The university announced that those who were affected will be contacted with advice.

By BBC.co.uk


Threats

New Phishing Method Targets Office 365 Admins

Phishers have a new method of infiltrating people’s Office 365 accounts, and it all starts with a fake email that appears to be from Microsoft. The email contains a link to a fake Office login site, where the victim can enter their credentials; if login credentials are entered correctly, they are captured by the attacker before redirecting the victim to the official Office 365 dashboard, to avoid any suspicion regarding the breach. However, if credentials are entered incorrectly, a seemingly real error page is shown asking to login again. This method is unlike anything previously seen, as it focuses on masking the truth from the victim, even after compromising their account. Microsoft recommends enabling Multi Factor Authentication to mitigate this threat.

By HelpNetSecurity.com

New Phishing Scheme Targeting Amex Card Holders

American Express card holders are being targeted by a new phishing campaign, in which attackers send a fake email to a victim, posing as an account update. The hyperlink then redirects to a malicious site. What makes this method seem legitimate is its use of an embedded “base href” URL; this also hides its intent from security tools and anti-virus. The attack does not just target consumers however, actual credit cards, membership reward accounts, merchant accounts and American Express @Work accounts are all at risk. The attackers behind this campaign are taking many precautions to disguise the malicious site, these methods are discussed in more detail in the original post.

By Sesin.at


Vulnerabilities & Updates

Malvertising Campaign Exploiting WordPress Plugin Flaws

A recent malicious advertising campaign has been actively exploiting WordPress plugin vulnerabilities to launch attacks. The most recent target was the ‘Coming Soon Page and Maintenance Mode’ plugin, which is present on over 7,000 sites. The flaw allows an attacker to inject code into the target website, giving them the ability to display popup ads and even redirect visitors to malicious sites disguised as tech support. The biggest flaw targeted by this campaign is the Yellow Pencil Visual CSS Style Editor plugin, which has over 30,000 installs. These vulnerabilities were recently disclosed by WordPress and, although patches have been released, those using versions older than 1.7.8 are still at risk.

By ThreatPost.com

Apple Addresses Recent Vulnerabilities in July Patch

Apple’s latest patch addresses recent vulnerabilities in iOS, MacOS, Safari, watchOS and tvOS. The update includes a total of 37 fixes, including patching for a few high severity vulnerabilities. One major flaw allowed an attacker to authorise purchases without unlocking the phone using the wallet app. The patch also resolved a bug that allowed a Walkie-Talkie connection to be active during a call without the user’s knowledge. More details on this patch are included in the original post. If your devices are not set to automatically update then we encourage you to update the latest patches as soon as you can.

By TheRegister.co.uk


And that’s it for this week round-up, please don’t forget to tune in for our next instalment.

Why not follow us on social media using the links provided on the right.

Edition #51 – 26th July 2019

Ironshare – Security Simplified

FreeAssessmentBanner
CyberRound-UpSignUpBanner
Free21dayTrial
Joshua H
About the Author
Joshua is working as a Junior Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
Search
    Post Categories
    • Case Studies (3)
    • Cisco AMP for Endpoints (4)
    • Cisco Umbrella (8)
    • Cyber Basics (3)
    • Cyber Round-up (126)
    • News (147)
    • Phishing (1)
    • Products and Services (17)
    • Ransomware (2)
    • Security Advisory Archives (13)
    • Security Guidance (4)
    • Technical Archives (5)
    Latest Posts
    • Cyber Round-up for 22nd January January 21, 2021
    • Cyber Round-up for 15th January January 14, 2021
    • Cyber Round-up for 8th January January 7, 2021
    • Cyber Round-up for 18th December December 17, 2020
    • The FireEye SolarWinds Attack – What You Need to Know December 17, 2020
    Tags
    Account Takeover Apple Vulns Case Study Cisco Cisco AMP Cisco AMP Tags for Endpoints Cisco Umbrella Investigate Cisco Umbrella Tags Cisco vulns Consulting cyber attack Cyber Attacks Cyber Round-Up Cyber Security Cyber Security News Cyber Security Round-up Data Breach Data Leak Emotet Exploits Fraud Insider Threats IT Security MageCart Malware Microsoft Patch Tuesday Microsoft Updates Microsoft Vulns MS Patch Tuesday News OpenDNS Password Security Patch Tuesday phishing Phishing Attack Tags Products and Services Tags Ransomware Scams Security Advisory Security Updates Services Small Business Security Vulnerabilities Weekly Cyber Round-up Wordpress vulns
    Follow us on Social Media
    • LinkedIn
    • Twitter
    • Facebook
    • Youtube
    Get the latest News & blogs delivered to your mailbox!
    About

    Ironshare is a provider of Information and Cyber Security services. With over 80 years of industry experience, Ironshare focuses on helping its customers to achieve a greater understanding of the risks to their organisation, whether large or small, while ensuring that defined Security solutions are delivered in simple and effective manner.

    cyberessentials_80j

    Navigation
    • Customer Success
    • Careers
    • News
    • Products and Services
    • Ransomware
    • Security Advisory Archives
    • Security Guidance
    • Technical Archives
    • IT Security Self-Assessment
    • Privacy Policy
    Recent Posts
    • Cyber Round-up for 22nd January
    • Cyber Round-up for 15th January
    • Cyber Round-up for 8th January
    • Cyber Round-up for 18th December
    • The FireEye SolarWinds Attack – What You Need to Know
    Contacts
    • Phones: +44 (0) 121 769 0475;
    • E-mail: information@ironshare.co.uk
    • Address: The Colmore Building, 20 Colmore Circus, Birmingham, B4 6AT
    • We are open: Mon-Fri: 9 am-6 pm
    Ironshare Theme © 2021.
    • LinkedIn
    • Twitter
    • Facebook
    • Youtube
    This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish.Accept Reject Read More
    Privacy Policy

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
    Necessary
    Always Enabled

    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.

    Non-necessary

    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.