Request a call back

About Neuways

This author has not yet filled in any details.
So far Neuways has created 341 blog entries.

Neu Cyber Threats – 30th June 2022

A recent vulnerability has been discovered for Microsoft SharePoint. CVE-2022-30157 was published on 15/06/2022 with a CVSS 3.1 score of 8.8, meaning it is a high rating in criticality. The vulnerability allows for the remote running of arbitrary code on affected Microsoft SharePoint Servers. The vulnerability exists in the processing of charts. They are tampering with the client-side data, which can trigger a serialisation of untrusted data. An attacker can leverage this to execute code. If you are using Microsoft SharePoint, it is highly recommended that you ensure all current patches are installed. For further information about CVE-2022-30157, click here.

By |2022-06-29T15:45:24+01:0030 June 2022|Weekly Update|Comments Off on Neu Cyber Threats – 30th June 2022

Neu Cyber Threats – 23rd June 2022

Android 10 is set to end security support by the end of this year. It is important to know if your phone is using Android 10 and if you have the capability to upgrade to a newer version of Android. This can easily be checked by navigating to your settings and finding the software information. Within these settings, you should see an Android version. An update is needed if your version is saying 'Android version 10'. To see if your phone is eligible for the upgrade to Android 11 or 12, you will need to see if the update is within software updates. This can be performed by looking in the software update section of your settings for your phone. What do you risk if you don't upgrade your Android? If you do not upgrade to a supported Android version, you will no longer receive security updates for this software once the support for Android runs out. This means any vulnerabilities discovered will not be patched. Your phone becomes a permanent weakness for all your stored data.

By |2022-06-17T21:09:35+01:0023 June 2022|Weekly Update|Comments Off on Neu Cyber Threats – 23rd June 2022

Neu Cyber Threats – 16th June 2022

The BlackCat Ransomware, which was first seen in November 2021, has since emerged as one of the most active ransomware groups. The group look for active vulnerabilities within organisations and pay in particular favour to the unpatched Microsoft exchange. The group gained access through this vulnerability and applied Rust-based Ransomware. According to the Cyber Security Analyst ANOZR WAY, the BlackCat group is the 3rd most active ransom group behind Lockbit 2.0 & Conti. They were recently targeting the University of Pisa. They held the University to ransom for an alleged $4.5 million. Ensuring a regular patching schedule is in place to apply any security update is the best option to defend against this attack style. It is also an excellent notion to ensure you have a good backup stance which is regularly checked and validated. Other things that can be put in place to secure your organisation against ransomware are to ensure the use of MFA(Multifactor authentication) and the implementation of good endpoint protection. Facilities that offer sandboxing technology can assess files sent in through email and ascertain if they have malicious intent.

By |2022-06-15T12:41:14+01:0016 June 2022|Weekly Update|Comments Off on Neu Cyber Threats – 16th June 2022

Neu Cyber Threats – 9th June 2022

Whilst there has been no official patch for the Follina vulnerability, Microsoft has provided some workaround that can be implemented to prevent this vulnerability from being exploited. The Follina Zero-day was first discovered on the 30th of May 2022, which was issued the CVE-2022-30190 with regards to the Microsoft Support Diagnostic Tool (MSDT). Mimecast, an email filtering service that utilises sandboxing techniques to analyse links and attachments, had this to say: “Mimecast’s security stack has been updated to cover known IOCs. We are also deploying supplemental detection to identify further and block the technique leveraged by the vulnerability. Mimecast provides a comprehensive layered security approach by leveraging internally developed services combined with third-party partners throughout our stack. This includes heuristic-based machine learning and human analysis practices.” This vulnerability allowed for the remote code execution if an end-user opened a document containing malicious code that exploited Follina. Microsoft is yet to announce if an official patch will be created for this vulnerability, but for more information about this and for guidance on how to utilise the Microsoft’s workaround, updates can be found here: https://msrc-blog.microsoft.com/2022/05/30/guidance-for-cve-2022-30190-microsoft-support-diagnostic-tool-vulnerability/

By |2022-06-08T08:59:20+01:009 June 2022|Weekly Update|Comments Off on Neu Cyber Threats – 9th June 2022

Neu Cyber Threats – 2nd June 2022

A very dangerous 0-day exploit for Microsoft Office (CVE-2022-30190 aka Follina) was announced earlier this week. This is a 0-day attack that sprung up out of nowhere, and there's currently no patch available. It affects all versions of MS Office. Detonating this malicious code is as simple as opening up an infected Word document —even in preview mode and with Macros disabled. We strongly advise you don't click on any attachments you are not expecting to receive! Further (technical) details can be found here: CVE-2022-30190 - Security Update Guide - Microsoft - Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability Rapid Response: Microsoft Office RCE - “Follina” MSDT Attack (huntress.com) We continue to monitor the situation and will provide further guidance/updates as necessary.

By |2022-06-01T15:18:01+01:001 June 2022|Weekly Update|Comments Off on Neu Cyber Threats – 2nd June 2022

Neu Cyber Threats – 26th May 2022

The energy regulator Ofgem has issued advice after reports of cyber criminals contacting people and trying to access their bank details. Criminals are fraudulently requesting bank details under the guise of offering the council tax rebate currently being issued by the government. The NCSC has guidance advising how to recognise and report phishing emails, texts, websites and adverts or phone calls, which can be found here: Phishing: Spot and report scam emails, texts, websites and... - NCSC.GOV.UK. If you have received an email you’re not quite sure about, forward it to report@phishing.gov.uk. Suspicious texts should be forwarded to 7726.

By |2022-05-26T08:32:47+01:0026 May 2022|Weekly Update|Comments Off on Neu Cyber Threats – 26th May 2022
Go to Top