Welcome to Ironshare’s Cyber Round-up, where we look back at the events of that last week to cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
LastPass is now encrypting URLs within user vaults to enhance security and privacy. Historically, URLs were unencrypted due to performance constraints on older devices. With advancements in technology, LastPass can now encrypt these URLs without affecting user experience. This change, rolling out in phases starting in June 2024, will further protect sensitive account details and uphold LastPass’s “zero-knowledge architecture”. Users and admins will receive instructions on the transition process, ensuring seamless encryption of all URL fields by the end of 2024. For more details, read the full announcement here.
By blog.lastpass.com
A critical security flaw in Veeam Backup Enterprise Manager (CVE-2024-29849) with a CVSS score of 9.8 allows unauthenticated attackers to bypass authentication and log in as any user. Veeam has also disclosed three other vulnerabilities, including NTLM relay (CVE-2024-29850), an NTLM hash theft (CVE-2024-29851), and log-reading (CVE-2024-29852) flaws. All vulnerabilities are fixed in version 12.1.2.172, and the company urges users to update to the latest version to mitigate these risks.
By thehackernews.com
Microsoft's new Windows 11 Recall feature, announced during an AI event, has sparked significant privacy concerns. The feature takes periodic screenshots of the active window that can be analyzed by an AI model to help you ‘recall’ information you have viewed in the last 3 months, storing all data locally. Although Microsoft claims the data is encrypted and stored only on the user's device, experts worry about potential exploitation by hackers and unauthorized users. The UK’s Information Commissioner’s Office is discussing the idea with Microsoft to understand their plans to protect the recorded information and ensure it is not being misused. Critics argue that this feature introduces substantial privacy and security risks, likening it to a built-in keylogger.
By bleepingcomputer.com
Aston Villa Football Club (AVFC) exposed the personally identifiable information of 135,770 individuals by leaving an Amazon Web Services (AWS) S3 bucket publicly accessible. Discovered by the Cybernews research team on March 13, 2024, the exposed data includes full names, dates of birth, home addresses, phone numbers, email addresses, membership details, and purchase information. This exposure leaves fans vulnerable to spear phishing, identity theft, and the potential for sophisticated social engineering attacks exploiting the leaked data.
Cybernews has advised AVFC to monitor access logs for unauthorized access and recommends encrypting sensitive data to prevent future breaches. Fans are urged to be cautious of any suspicious emails or SMS messages in the near future to protect themselves from targeted phishing attempts and other security risks.
By cybernews.com
The National Cyber Security Centre (NCSC) is now offering guidance on protecting your organisation against Business Email Compromise (BEC) risks. Business Email Compromise is a form of cybercrime where attackers manipulate organisations into transferring funds or sensitive data via fraudulent emails, often by impersonating executives or trusted business partners.
Key takeaways from this guidance include implementing multi-factor authentication, training staff to recognize phishing attempts, verifying payment requests through secondary channels, and maintaining up-to-date software defenses. The NCSC emphasizes the importance of a comprehensive approach combining technical defenses and user awareness to effectively safeguard against these sophisticated attacks.
For more detailed information, you can visit the NCSC blog here.
By ncsc.gov.uk
Stay Safe, Secure and Healthy!
Edition #275 – 24th May 2024
Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.
Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
