Welcome to Ironshare’s Cyber Round-up, where we look back at the events of that last week to cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
Microsoft’s March Patch Tuesday includes a fix for a critical (CVSS 9.8) vulnerability in Microsoft Outlook.
If exploited, this flaw allows an attacker to send the Net-NTLMv2 hash of the compromised Windows account to a remote URL using specially crafted emails. This would enable the attacker to relay the hash to another service and authenticate as the victim.
This flaw is also being actively exploited by state-sponsored Russian hacker groups and does not require outlook to be running.
We strongly recommend applying the latest updates as soon as possible, to ensure you are protected against this threat.
Welcome to our round-up of the Microsoft Patch Tuesday for March 2023!
This batch of updates appears to be similar to last month, with 80 total vulnerabilities being patched. In this, 9 vulnerabilities classed as critical have been patched along with 2 publicly disclosed and 2 exploited in the wild. There are some very dangerous vulnerabilities addressed this month, the main focus being the privilege escalation flaw in Microsoft Outlook.
We urge all users to apply the latest updates as soon as possible. For more details, please see our round-up of this month’s Patch Tuesday here.
Two members of the crime group Vile have been charged for “wire fraud and conspiracy to commit computer intrusions.”. These allegations were made after the individuals compromised the account of a police officer and were able to access databases containing sensitive information. The duo reportedly used this information to threaten and blackmail family members of the exposed subjects.
A US attorney has condemned the misuse of “the public safety infrastructure that exists to protect our citizens.”, as the Vile members face up to five years in prison.
By darkreading.com
Nord Security, the creators of NordVPN, have open sourced the source code of their Linux VPN client in an effort to be “more transparent and ease user’s security and privacy concerns”. They are also making some of their paid services available for all users, specifically the MeshNet private tunnelling feature.
Nord has commented on these changes by saying:
“We want the input and scrutiny of the coding community and to show you that we have confidence in our own software.”.
They are also encouraging the community to report vulnerabilities through their bug bounty program. Its great to see a company this committed to their users, and the improvement of their product and we are excited to see the impact that these changes have.
By bleepingcomputer.com
The NCSC has released some guidance for users of AI language models, and AI chatbots like ChatGPT. ChatGPT has become one of the “fastest growing consumer applications ever.”, and , as always, this popularity has painted a target on its back. The NCSC are very aware of the risks associated with this new technology, and advises all users to carefully consider the data they choose to share with AI chatbots.
We advise all users of ChatGPT and other AI tools to consider the guidance in this NCSC advisory.
By ncsc.gov.uk
There have been a lot of concerns around the security of TikTok recently, with many believing that more data than necessary is being shared with the Chinese government. As a result of these allegations, the UK have opted to ban TikTok on all government phones. Due to the strong data protection laws in place in the UK the government will allow public use to continue, but consider the risk too great for sensitive government devices. TikTok responded to this news and said the bans are based on "misplaced fears and seemingly driven by wider geopolitics". While this may be the case, it is important that government devices remain protected against any potential data leaks.
By gov.uk
And that’s it for this week’s round-up, please do check in next week for our new batch of security news and posts.
Stay Safe, Secure and Healthy!
Edition #228 – 17th March 2023
Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.
Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
