Cyber Round-up for 29th January
Welcome to the latest edition of the Ironshare Cyber Round-up where we look back at the events of the last week and cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
Emotet has been one of the most dangerous threats over the last few years, but this week major progress was made in shutting down its operations. Authorities from the Netherlands, Germany, the US, the UK, France, Lithuania, Canada, and Ukraine have collaborated with Europol to disrupt the Emotet botnet and take control of its infrastructure. This is a huge step in the security world, and you can find out more about this takedown campaign here in Europol’s statement.
SonicWall have suffered an attack on their internal systems after bad guys exploited probable zero-day vulnerabilities that are affecting their SMA 100 Series of devices. At this time, there is no patch for these flaws, however SonicWall have published an advisory on how to mitigate the risk of exploit. The advisory urges anyone with an SMA 100 Series appliance to enable two-factor authentication, as well as some other steps to secure your device.
More guidance can be found here.
The NHS advise all UK citizens to keep an eye out for fake COVID-19 vaccination messages. Many people have received scam emails and SMS messages impersonating the NHS in order to bait victims into clicking a link. Upon clicking the link, the victim will be asked to provide payment card details, from which the attackers attempt to steal money. The NHS have strictly stated that they will never ask for any passwords, personal information, or payment card details; we urge everyone to be cautious with suspicious emails at all times.
Windows software developer, IObit, has been targeted by a ransomware gang; their forums were hacked and altered to display a ransom demand. This appears to have been done as part of their plan to distribute the DeroHE ransomware; the attackers also messaged forum users with a disguised link that installs the malware. The group are demanding $100,000 in exchange for the decryption key.
Vulnerabilities & Updates
A vulnerability in Apple tvOS has been discovered, and Apple have confirmed that it affects all versions up to 11.1. This flaw is a memory corruption vulnerability that requires authentication to be exploited. We advise all users to upgrade to version 11.2 to ensure they are protected against this flaw. If possible, it’s recommended to enable automatic updates on your Apple devices.
More details can be found here.
An anonymous security researcher has discovered multiple flaws that have been addressed in an emergency iOS security update. One of these vulnerabilities exists in the operating system’s kernel, while the other two are associated with the WebKit browser engine. All of these zero-days are being actively exploited by the bad guys, so we urge all users to apply the latest updates as soon as possible.
And that is it for this week’s round-up, please do not forget to tune in for new instalments every week.
Stay Safe, Secure and Healthy!
Edition #126 – 29th January 2021