Cyber Round-up for 27th September
by Joshua H

September 26, 2019

Welcome to the Ironshare Cyber Round-up, where we look back at the events of the last week and cover some of the news, posts, views, and highlights from the world of Security.


In this week’s round-up:

Security News

Lack of Visibility into Cloud Instances is the Reason for Most Data Leaks

The McAfee team has announced its views on the ongoing issues surrounding data leaks. Data leaks are becoming more common by the day, with the majority going unnoticed. McAfee believe that lack of visibility is to blame for the problem; their recent report revealed that enterprises are unaware of 99% of the exposed instances they are running. These instances are typically databases and storage buckets left publicly accessible on the internet, which account for a large portion of the data leaks in recent years. A recent study found that just 26% of organisations have tools to audit their cloud configurations, meaning the majority of companies have no idea what is happening within their cloud instances. By introducing cloud auditing, an organisation can know exactly what needs changing to keep its data secure.

By TheRegister.co.uk

GandCrab Hacker Group Comes Out of Retirement

Notorious hacker group GandCrab, originally known for building ransomware for other criminals, has reappeared after retiring from its activities earlier this year. Researchers have been analyzing a new virus strain that shows signs of GandCrab’s involvement. The customized ransomware that the group sells to others has reportedly hit over 1.5 million machines, including devices located in hospitals. The code that has surfaced shares many similarities with GandCrab’s old work, including their mistakes. Researchers are not surprised by the group’s return and remain on the lookout for any further activity.

By BBC.co.uk



Threats

Account Hijack Scheme Targeting YouTube Creators

A massive surge of account hijacks has hit YouTube creators over the last few days; the scheme has mainly targeted those in the car review and auto-tuning community, although others have reported issues. The attack was part of a coordinated campaign that involved a phishing scheme to lure users into giving up their account credentials. A user who managed to recover their account provided insight into the attack chain that led to the hijack. It appears that the hackers use phishing emails to gain credentials and use them to access the victims’ Google accounts; from there they can re-assign channels to new owners and change the channel’s custom URL, so it appears the account has been deleted. As SMS-based 2FA was also compromised during these account takeovers, it’s recommended to move your accounts to 2FA using hardware keys or authentication apps.

By ZDNet.com

Hacker Arrested for Suspected Involvement in World of Warcraft DDoS Attack

Game developers Blizzard, who created World of Warcraft, have made an announcement following a recent DDoS attack targeting their game service. They revealed that shortly after the attack, the developers began working with law enforcement to find the person responsible; it was confirmed that law enforcement have arrested the individual they suspect was behind the attack. Although the hacker’s identity was not disclosed, a Twitter account by the name of ‘UKDrillas’ claimed responsibility shortly before the attack took place; upon analysis of the Twitter account, it appears that the hacker is based in the United Kingdom. Another Blizzard title, Overwatch, was also reportedly affected by the DDoS; however, the suspect has since been arrested and the game services should return to normal.

By HotForSecurity.BitDefender.com



Vulnerabilities & Updates

Unscheduled Adobe Update Addresses Critical ColdFusion Flaws

Adobe has released updates for the 2016 and 2018 versions of ColdFusion after identifying that they are affected by three new vulnerabilities: one rated important and two rated critical. ColdFusion is Adobe’s commercial rapid web-application development platform. The first critical vulnerability is a command injection flaw that allows an attacker to execute arbitrary code; the second is a path traversal flaw that allows attackers to bypass access controls. The two vulnerabilities were addressed in a recent unscheduled update; Adobe recommend updating to the latest version of ColdFusion to minimize the risk of an attack. More details on the flaws are included in the original post.

By ThreatPost.com

Microsoft Issue Critical Security Warning for Windows 10, 8.1 and 7 Users

It’s been a rough few weeks for Microsoft and Windows users due to the overwhelming number of severe security issues. As well as the problems that recent Windows updates have presented, including breaking Windows Defender, warnings have been issued for exploits such as weaponized worms and device driver flaws. Among the mass of issues is a critical zero-day memory corruption vulnerability in the scripting engine of Internet Explorer 9, 10 and 11. This remote code execution flaw allows an attacker to corrupt memory and execute arbitrary code in the context of the logged-in user. Most of the issues have been patched, including the flaw mentioned above; however, the update does have to be installed manually, so we recommend seeking out updates from the official Microsoft website.

By Forbes.com


And that’s it for this week’s round-up; please don’t forget to tune in for our next instalment.

Why not follow us on social media using the links provided on the right.

Edition #60 – 27th September 2019

Ironshare – Security Simplified

About the Author
Joshua is working as a Junior Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.