blog-layout

Neu Cyber Threats – 21st July 2022

Last week, Microsoft disclosed many phishing attacks on organisations since September 2021 through hijacked Office 365 accounts that are even protected by MFA (Multifactor Authentication). An AitM (Adversary-in-the-middle) phishing site is set up, and the attacker will then deploy a proxy server making the intended target connect to a lookalike page designed to harvest the login credentials and MFA token. Although AitM attacks look to circumvent MFA, it is vital not to underestimate the importance of MFA as it prevents several other attacks and is simple but effective for security. Educating your staff on how to spot phishing emails and what signs to look for is essential. Use tools like KnowBe4 training that provides staff awareness training and sends simulated phishing emails.

2023-12-15T10:09:56+00:00Neuways Blog, Uncategorised|Comments Off on Neu Cyber Threats – 21st July 2022

Neu Cyber Threats – 14th July 2022

Microsoft has released its latest batch of security updates for windows machines; this patch addresses 84 new security flaws spanning a multitude of products. Of the 84, 4 are rated as critical, and 80 are rated important in their severity level. This patch also resolves two bugs within the Chromium-based Edge browser, one of which rectifies a zero-day vulnerability that was being exploited in the wild. Security patches are important to apply as they rectify many known vulnerabilities and offer better levels of security; this can be done manually or by allowing the tool to automatically update.

2023-12-15T10:09:57+00:00Neuways Blog, Uncategorised|Comments Off on Neu Cyber Threats – 14th July 2022

Neu Cyber Threats – 7th July 2022

Wiltshire Farm Foods is the UK's largest provider of ready-meals, and there are speculations that a ransomware attack hit them, which caused significant disruption to Meals on Wheels. Ransomware attacks are always devastating and can greatly damage a company in terms of reputation and finances. This attack has created issues within supply lines that have had drastic consequences for Meals on Wheels, leaving the elderly potentially without food. It is important to ensure your supply chain has robust security enforcement. You can perform checks by asking to see your supply chain's incident response plan and what precautions they take regarding cyber security. But what about protecting yourselves? Start training your staff to identify phishing attempts, employ a reputable ant-virus/malware, and adopt reasonable backup solutions and incident response.

2023-12-15T10:09:58+00:00Neuways Blog, Uncategorised|Comments Off on Neu Cyber Threats – 7th July 2022

Neu Cyber Threats – 30th June 2022

A recent vulnerability has been discovered for Microsoft SharePoint. CVE-2022-30157 was published on 15/06/2022 with a CVSS 3.1 score of 8.8, meaning it is a high rating in criticality. The vulnerability allows for the remote running of arbitrary code on affected Microsoft SharePoint Servers. The vulnerability exists in the processing of charts. They are tampering with the client-side data, which can trigger a serialisation of untrusted data. An attacker can leverage this to execute code. If you are using Microsoft SharePoint, it is highly recommended that you ensure all current patches are installed. For further information about CVE-2022-30157, click here.

2023-12-15T10:09:59+00:00Neuways Blog, Uncategorised|Comments Off on Neu Cyber Threats – 30th June 2022

Neu Cyber Threats – 23rd June 2022

Android 10 is set to end security support by the end of this year. It is important to know if your phone is using Android 10 and if you have the capability to upgrade to a newer version of Android. This can easily be checked by navigating to your settings and finding the software information. Within these settings, you should see an Android version. An update is needed if your version is saying 'Android version 10'. To see if your phone is eligible for the upgrade to Android 11 or 12, you will need to see if the update is within software updates. This can be performed by looking in the software update section of your settings for your phone. What do you risk if you don't upgrade your Android? If you do not upgrade to a supported Android version, you will no longer receive security updates for this software once the support for Android runs out. This means any vulnerabilities discovered will not be patched. Your phone becomes a permanent weakness for all your stored data.

2023-12-15T10:10:00+00:00Neuways Blog, Uncategorised|Comments Off on Neu Cyber Threats – 23rd June 2022

Neu Cyber Threats – 16th June 2022

The BlackCat Ransomware, which was first seen in November 2021, has since emerged as one of the most active ransomware groups. The group look for active vulnerabilities within organisations and pay in particular favour to the unpatched Microsoft exchange. The group gained access through this vulnerability and applied Rust-based Ransomware. According to the Cyber Security Analyst ANOZR WAY, the BlackCat group is the 3rd most active ransom group behind Lockbit 2.0 & Conti. They were recently targeting the University of Pisa. They held the University to ransom for an alleged $4.5 million. Ensuring a regular patching schedule is in place to apply any security update is the best option to defend against this attack style. It is also an excellent notion to ensure you have a good backup stance which is regularly checked and validated. Other things that can be put in place to secure your organisation against ransomware are to ensure the use of MFA(Multifactor authentication) and the implementation of good endpoint protection. Facilities that offer sandboxing technology can assess files sent in through email and ascertain if they have malicious intent.

2023-12-15T10:10:01+00:00Neuways Blog, Uncategorised|Comments Off on Neu Cyber Threats – 16th June 2022

Neu Cyber Threats – 9th June 2022

Whilst there has been no official patch for the Follina vulnerability, Microsoft has provided some workaround that can be implemented to prevent this vulnerability from being exploited. The Follina Zero-day was first discovered on the 30th of May 2022, which was issued the CVE-2022-30190 with regards to the Microsoft Support Diagnostic Tool (MSDT). Mimecast, an email filtering service that utilises sandboxing techniques to analyse links and attachments, had this to say: “Mimecast’s security stack has been updated to cover known IOCs. We are also deploying supplemental detection to identify further and block the technique leveraged by the vulnerability. Mimecast provides a comprehensive layered security approach by leveraging internally developed services combined with third-party partners throughout our stack. This includes heuristic-based machine learning and human analysis practices.” This vulnerability allowed for the remote code execution if an end-user opened a document containing malicious code that exploited Follina. Microsoft is yet to announce if an official patch will be created for this vulnerability, but for more information about this and for guidance on how to utilise the Microsoft’s workaround, updates can be found here: https://msrc-blog.microsoft.com/2022/05/30/guidance-for-cve-2022-30190-microsoft-support-diagnostic-tool-vulnerability/

2023-12-15T10:10:02+00:00Neuways Blog, Uncategorised|Comments Off on Neu Cyber Threats – 9th June 2022

Neu Cyber Threats – 2nd June 2022

A very dangerous 0-day exploit for Microsoft Office (CVE-2022-30190 aka Follina) was announced earlier this week. This is a 0-day attack that sprung up out of nowhere, and there's currently no patch available. It affects all versions of MS Office. Detonating this malicious code is as simple as opening up an infected Word document —even in preview mode and with Macros disabled. We strongly advise you don't click on any attachments you are not expecting to receive! Further (technical) details can be found here: CVE-2022-30190 - Security Update Guide - Microsoft - Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability Rapid Response: Microsoft Office RCE - “Follina” MSDT Attack (huntress.com) We continue to monitor the situation and will provide further guidance/updates as necessary.

2023-12-15T10:10:04+00:00Neuways Blog, Uncategorised|Comments Off on Neu Cyber Threats – 2nd June 2022
Go to Top