Cyber Round-up for 7th August
Welcome to the latest edition of the Ironshare Cyber Round-up where we look back at the events of that last week and cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
More than 135,000 people were unable to access online public services, following a cyber-attack that hit Redcar and Cleveland’s website and computer systems. Since the attack occurred back in February, the local authority has been looking into the recovery costs and has been actively making improvements to their cyber security; they also have plans to continue these upgrades in the future to ensure another attack cannot happen. The council has estimated it has taken £10.4M to cover the costs of the incident, and they have since enrolled on an NCSC security scheme; meaning their defences will be “far more advanced than most peers in local government”.
The group behind Maze ransomware have published over 70GB of internal data from LG and Xerox networks. Typically, if the victim refuses to pay the ransom, their data is added to a ‘leak website’, which they then use to threaten them again. If the second attempt fails also, then the site is published. LG reportedly had 50.2 GB of data stolen, and Xerox had 25.8 GB stolen. Despite being a ransomware group, Maze issued a statement to ZDNet stating that they did not deploy the ransomware on LG’s network as they did not want to disrupt operations; instead, they simply exfiltrated their data. The same cannot be said for Xerox, who have issued no comments regarding the incident.
The FBI has recently issued a private industry notification to US private sector partners addressing the dangers of using Windows 7 as it has reached end-of-life. With Windows 7 no longer receiving support, there have already been sights of weaponised vulnerabilities specifically targeting the operating system. Part of the FBI’s warning contained statistics from when Windows XP went end-of-life; this shows that the healthcare industry saw a huge increase of records being exposed in the following year. This will also be the case with Win7, which is why we and the FBI recommend upgrading your operating system as soon as you can.
Recent reports have found that hundreds of Instagram users have become victims of ‘get rich quick’ schemes; Action Fraud have seen 356 separate cases of fraudulent scams on Instagram since the end of 2018, with an estimated loss of £3M. Studies found that most victims were between 20 and 30 years old, each losing approximately £9,000 to scams. The scheme requests £600 from the user, with a promise that they will receive a significant sum shortly after; as you can expect, this is not the case. Instagram have said that they are actively fighting back against fraudulent activity on the platform and are working to improve their detection systems, so scams are removed faster.
Here we are with yet another scam that takes advantage of the pandemic. This new SMS-based phishing attack sends a text message offering a free one-year TV license because of COVID-19; the link within the message sends the user to a fraudulent site where their personal information is requested. The victim is asked to provide banking details, home addresses and dates of birth. As always, look out for suspicious messages and do not open links unless you are certain of their nature and from a trusted source.
Vulnerabilities & Updates
Googles latest security patch addresses a high-severity flaw which could allow remote code execution on Android devices. This vulnerability exists in the Android Framework, a set of APIs designed to help developers quickly write apps for mobile devices. This flaw currently affects all versions before Android v10; we recommend updating as soon as possible. This patch also addresses a number of other vulnerabilities, including privilege escalation, information disclosure and denial of service flaws. If you wish to learn more about these, you can find details here on Google’s security bulletin.
And that’s it for this week’s round-up, please don’t forget to tune in for new instalments every week.
We hope this makes for light reading during these times of uncertainty.
Stay Safe, Secure and Healthy!
Edition #103 – 7th August 2020
Why not follow us on social media:
Ironshare – Security Simplified