Search
Close this search box.

Become Cybersafe – 28th March

Table of Contents

[fusion_builder_container type=”flex” hundred_percent=”no” equal_height_columns=”no” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” background_position=”center center” background_repeat=”no-repeat” fade=”no” background_parallax=”none” parallax_speed=”0.3″ video_aspect_ratio=”16:9″ video_loop=”yes” video_mute=”yes” border_style=”solid” margin_top=”1px” flex_align_items=”center” flex_justify_content=”flex-start”][fusion_builder_row][fusion_builder_column type=”1_1″ type=”1_1″ layout=”1_1″ background_position=”left top” border_style=”solid” border_position=”all” spacing=”yes” background_repeat=”no-repeat” margin_top=”0px” margin_bottom=”0px” animation_speed=”0.3″ animation_direction=”left” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” center_content=”no” last=”true” hover_type=”none” first=”true” background_blend_mode=”overlay” min_height=”” link=””][fusion_text]

Welcome to the latest edition of the Cybersafe Cyber Threats Update, from the 28th March 2024. This is a weekly series in which we bring attention to the latest cyber attacks, scams, frauds, and malware including Ransomware, to ensure you stay safe online. Being aware of these cyber threats helps UK companies to gain cyber essentials certifications and keeps employees on alert for potential danger. If you need help with Cyber Security, contact Neuways to become Cybersafe.

Here are the most prominent cyber threats to businesses which you should be aware of:

Publishing Platforms being used to dupe employees into clicking links in new spate of Phishing Attacks

Hackers exploit digital document publishing (DDP) platforms like FlipSnack and Issuu to launch phishing attacks, steal credentials, and hijack session tokens. These platforms offer an interactive flipbook format and enjoy a favourable domain reputation, making them attractive targets for threat actors and cyber criminals.

By creating multiple accounts on free tiers or trial periods, hackers host malicious documents on DDP platforms, leveraging features like automatic content expiration and anti-extraction mechanisms to evade detection. In these attacks, DDP sites serve as intermediaries, redirecting users to fake login pages resembling Microsoft 365 and bypassing traditional email and web content filtering controls.

Businesses need to improve their cyber security to combat these phishing attacks

Exploiting digital document publishing platforms for phishing underscores the importance of maintaining vigilance and robust cyber security measures. As hackers adapt and exploit new avenues for cyber attacks, businesses and individuals must stay alert to emerging threats. By monitoring suspicious activity, implementing adequate security protocols, and regularly updating defences, organisations can mitigate the risk of phishing attacks and safeguard sensitive information from unauthorised access.

Additionally, educating users about the dangers of phishing and providing training on identifying and reporting suspicious emails can further enhance cyber security posture. In an increasingly interconnected digital landscape, proactive measures and vigilance are essential for protecting against evolving cyber threats.

Contact Neuways to see how we can help provide your employees with Phishing Awareness Training and better improve your cyber security.

Malware Detected in Organisation used by Companies all over the world


A new malware campaign has been uncovered by cyber security researchers, utilising Google Sites pages and HTML smuggling to distribute AZORult malware, with the aim of stealing sensitive information. This phishing campaign, widespread and attributed to no specific threat actor, is designed to gather valuable data for underground forums. AZORult, a well-known method used by cyber criminals is typically distributed through various channels such as phishing emails, trojanised software, and malvertising. However, this recent attack tactic involves counterfeit Google Docs pages on Google Sites, leveraging HTML smuggling to deliver the payload stealthily.

To enhance legitimacy and bypass URL scanners, the attackers have added a CAPTCHA barrier. Upon download, a Windows shortcut file poses as a PDF bank statement, triggering a series of actions to deploy the AZORult loader and malware. This campaign effectively evades traditional cyber security measures by utilising legitimate domains like Google Sites to deceive victims.

Furthermore, threat actors have employed AutoSmuggle to spread Agent Tesla and XWorm through malicious SVG files, as well as LokiBot via shortcut files within archives, targeting users with AutoIt-based malware.

CFO’s How important is it to become Cybersafe?

Again, what this emphasises is just how important it is to be aware of these Cyber threats. By implementing the right training and frameworks into your business, Neuways can assist your business to become Cybersafe. If your employees are vigilant and aware of the signs of a phishing attack or other cyber attacks, then your data is less likely to be compromised.

Don’t leave a data breach to chance, the financial implications could be a disaster for your business. Become Cybersafe today.

The Importance of Managed Cyber Security within your business

This malware campaign highlights the critical importance of implementing managed cyber security measures within businesses. With cyber threats constantly evolving and becoming more sophisticated, relying solely on traditional security measures may not be sufficient to protect sensitive data and systems. Managed cyber security services like the ones from Neuways offer proactive monitoring, threat detection, and response capabilities, ensuring that businesses stay one step ahead of emerging threats.

By partnering with managed cyber security providers, businesses can benefit from continuous monitoring of their IT infrastructure, timely threat intelligence updates, and expert analysis of potential security vulnerabilities. Additionally, managed cyber security services can help businesses develop and implement robust security policies, conduct regular security assessments and audits, and provide employee training to enhance cyber security awareness.

Chinese hackers responsible for two ‘malicious’ cyber campaigns against UK


Chinese state-affiliated hackers launched two significant cyber campaigns targeting UK parliamentarians and democratic institutions, as disclosed by the deputy prime minister. The National Cyber Security Centre (NCSC) identified one group responsible for breaching the UK Electoral Commission’s IT systems from 2021 to 2023. Another group, APT31, conducted surveillance activities against UK parliamentarians in 2021. The gravity of these attacks was highlighted, emphasising a pattern of hostile behaviour originating from China, posing threats to democratic institutions not only in the UK but internationally.

The UK government announced sanctions against two individuals and a company linked to APT31 to address these breaches. At the same time, the US Department of Justice charged seven Chinese nationals associated with the same group. It was reiterated that the government’s commitment to holding China accountable for its actions, signalling a firm stance against threats to national security.

Furthermore, it was revealed that Chinese hackers likely orchestrated a cyber attack on the Electoral Commission in 2021, compromising sensitive voter information. Despite these attempts, officials reassured the public that UK election security remained intact without impacting voter registration or democratic processes.

In response to growing concerns, the UK government has implemented legislation to counter foreign interference, limiting Chinese involvement in sectors deemed critical to national cyber security. Prime Minister Rishi Sunak characterised China as an “epoch-defining challenge,” reflecting the seriousness with which the UK views the situation.

Despite the cyber threats, officials expressed confidence in the resilience of UK election systems, reassuring the public that upcoming elections, both local and national, are secure from foreign influence. John Pullinger, chair of the Electoral Commission, affirmed that while the cyber attack did occur, it did not compromise the integrity of UK elections or the democratic process.

What this story highlights is how easy it is for cyber criminals to orchestate a cyber attack on large organisations, The size of your business does not matter, and neither does the industry you operate in. Data is data in the eyes of cyber criminals and you may just be a tiny domino in a much larger effect. It is important to ensure that you become Cybersafe.

Contact Neuways to become Cybersafe

If you need any assistance with cyber security to become Cybersafe, then please contact Neuways and we will help you where we can. Just get in touch with our team today. We’re based in Derby but we work with clients all over the UK and can travel for your needs.

[/fusion_text][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]

Want to keep up with our blog?

Get our most valuable tips right inside your inbox, once per month!

Latest IT News & Insights
Work Password Example - why you need a password manager
The most hacked passwords in 2024 and how to protect yourself
These are the most hacked passwords in 2024, learn today how you can protect your business and foster...
Read More
Early patching in Cyber Security
The Importance of Early Patching
Combat against cyber threats with early patching in cyber security.
Read More
Zero Patch updates - Cyber security vulnerability spotted - Neuways urge businesses to act.
Biggest Microsoft Patch Tuesday in years fixes four zero-days, five critical bugs
Discover how the latest Microsoft Patch Tuesday update addresses 142 vulnerabilities, including four...
Read More
Cyber security offered by Neuways in Derby
Businesses pressing ahead with AI regardless of Concerns
Businesses are ignoring concerns re: AI for data tracking. Neuways advise on how to foster a cyber security...
Read More
Cybersafe
What is Credential Stuffing and how can it affect your business?
Defend your business against credential stuffing attacks thanks to Managed Cyber Security services from...
Read More
Cyber secure culture within the business
6 ways to foster a Cyber Secure culture within your company
95% of cyber security issues traced to human error. Here is how to foster a cyber secure culture within...
Read More
Apple devices holding company data could be a security flaw in your business. Photo by Aurich Lawson.
Why it's important to control what apps go into devices that hold company data
If you supply employees with work devices holding company data, managers need to be able to control what...
Read More
Beware of Fake Free WiFi netowrks.
Beware of Fake Free WiFi Networks
Fake free WiFi networks allow cyber criminals to gain access and steal personal data. Use a secure WiFi...
Read More

Frequently Asked Questions

As a leading IT and technology provider, we offer three core services, all of which have additional add-ons. We offer Managed IT Support, Business Central implementation and consultation, as well as Managed Cyber Security. Call us on 01283 753333 if you are interested in any of our services.

Contact us

Support: 01283 753300

Business Development: 01283 753333

Purchasing: 01283 753322

Admin and Accounts: 01283 753311

Email: hello@neuways.com

Managed IT support is a comprehensive solution where an expert IT provider, like Neuways, handles your technology infrastructure. This includes proactive monitoring, maintenance, cyber security, and support.

Yes we do. Your business needs Cyber Security due to the increasing number of cyber threats that are affecting businesses in all industries. If your business has data and technology systems implemented, you will need Managed Cyber Security.

We can help you conduct Cyber Audits to assess whether your business would gain Cyber Essentials and Cyber Essentials Plus Certification. Our dedicated departments work with your team to assess how much work is required before you gain Cyber Essentials Plus certification. We will then provide advice and consultation on what aspects you need to change within your business before providing a quote on how we can assist your company become Cybersafe.

Yes we can. We have our own dedicated Microsoft Dynamics 365 Business Central teams who work to ensure that we can implement the right systems and solutions into your website that are absolute right for you. Our experienced business consultants have worked all over the world for organisations operating on a global scale. 

Exclaimer Pro is a dynamic email signature that helps clients to switch and change around email signatures so that clients are able to advertise different offers and brands to a variety of email recipients. Administrators can also manage user emails internally, meaning the user does not have to touch their own email signature.

We offer Managed Security Training to help employees spot email phishing attacks, spear phishing attacks and vishing attacks. We also help train clients on how to use the various pieces of software we provide to clients, like Exclaimer Pro, Business Central and Cybersafe software.

We are a Managed IT Support provider based in Derby, East Midlands. However, we cover so many areas including the whole of the UK, Europe, and America. We are always willing to travel and send our expert technicians to ensure you have the best experience. 

Got a question?

Reach out
& Connect

Please enable JavaScript in your browser to complete this form.
Name