Cyber Round-up for 31st July
Welcome to the latest edition of the Ironshare Cyber Round-up where we look back at the events of the last week and cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
The Vatican has reported a breach in their computer systems, and it is believed that they were infiltrated by Chinese hackers. This came at an interesting time, not long after the Vatican had planned sensitive talks with Beijing over the state of religion in China. The Chinese state has faced many accusations over the years regarding cyber-espionage against religious groups; the recent Vatican incident appears to be another case of this. Investigations found that the intrusion could have revealed the Vatican’s negotiation plans ahead of their talks in September. The group behind the attack is believed to be RedDelta, who were also involved in several other incidents involving organisations related to the Catholic Church.
Garmin have released a statement confirming they were recently a victim of a ransomware attack, which has affected them quite severely. They are returning to operation a week later, but it has been a slow process which they are staggering through. Garmin managed to restore their encrypted data, but they have not confirmed if they eventually paid the ransom. Rumours online suggest that the demand may have been in the region of $10 million. Garmin have contacted their customers stating there has been ‘no indication’ of personal data being accessed, which is reassuring for users of their tech.
Dave, a popular digital banking app and tech unicorn, has released a statement addressing a recent security breach, in which 7.5 million users were compromised. The breach occurred through an analytics platform known as Waydev, who were previously business partners of Dave; this allowed malicious actors to gain unauthorised access to the user data of 7,516,625 customers. The company began investigations as soon as they were made aware of the incident, and quickly patched their systems. Reports suggest that the hackers may have cracked some of the stolen passwords and are attempting to sell the credentials online. Dave are currently working with law enforcement to resolve this and have issued an app-wide password reset to compensate.
The NCSC and CISA have jointly reported on a new malware strain that appears to target NAS devices made by QNAP. This strain, which is known as QSnatch, first surfaced in late 2019, but has only recently come under investigation; it is believed that all versions are potentially vulnerable to this malware apart from the latest version. We highly advise applying the latest security fixes to ensure your devices do not join the thousands that have already been infected worldwide.
Vulnerabilities & Updates
Cisco has issued a warning to their customers regarding a high severity flaw that is affecting its network security software. They made it clear that a remote, unauthenticated attacker could access sensitive data, and that this is already being actively exploited. This flaw exists in the web services interface of Firepower Threat Defense software and their Adaptive Security Appliance software. A patch for this flaw has been released, which we recommend applying as soon as possible. CVE details for this vulnerability have been released, with a CVSS score of 7.5 out of 10. More details on the advisories can be found here.
And that’s it for this week’s round-up, please don’t forget to tune in for new instalments every week.
We hope this makes for light reading during these times of uncertainty.
Stay Safe, Secure and Healthy!
Edition #102 – 31st July 2020
Ironshare – Security Simplified