Search
Close this search box.

Neu Cyber Threats – 22nd June 2023

Table of Contents

[fusion_builder_container type=”flex” hundred_percent=”no” equal_height_columns=”no” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” background_position=”center center” background_repeat=”no-repeat” fade=”no” background_parallax=”none” parallax_speed=”0.3″ video_aspect_ratio=”16:9″ video_loop=”yes” video_mute=”yes” border_style=”solid” margin_top=”1px” flex_align_items=”center” flex_justify_content=”flex-start”][fusion_builder_row][fusion_builder_column type=”1_1″ type=”1_1″ layout=”1_1″ background_position=”left top” border_style=”solid” border_position=”all” spacing=”yes” background_repeat=”no-repeat” margin_top=”0px” margin_bottom=”0px” animation_speed=”0.3″ animation_direction=”left” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” center_content=”no” last=”true” hover_type=”none” first=”true” background_blend_mode=”overlay” min_height=”” link=””][fusion_text]

Welcome to the latest edition of the Neu Cyber Threats, a weekly series in which we bring attention to the latest cyber-attacks, scams, frauds, and malware including Ransomware and DDoS, to ensure you stay safe online.

Here are the most prominent threats which you should be aware of:


The UK’s National Cyber Security Centre (NCSC) has disclosed details of a major cyber attack on Zellis, a payroll services provider. The attack was facilitated by exploiting a vulnerability in Progress Software’s MOVEit file transfer application, which is widely used by organisations globally. As a result, customer data, including that of prominent companies such as the BBC, Boots, and British Airways, was compromised.

If you are a customer or a business that has an account with one of these companies, then please do ensure you have the necessary cybersecurity in place to deal with any potential breaches. The companies should contact your organisation if there are any issues that you need to be aware of.

What is happening with the cyber breach?

The NCSC is collaborating with Zellis to investigate and respond to the incident. Individuals affected by the breach are advised to follow the NCSC’s guidance on protecting personal information, while organisations are directed to Progress Software’s best practice advice to address the vulnerability.

An increase in supply chain cyber attacks

The NCSC emphasises the growing prevalence of supply chain cyber attacks and offers resources on supply chain mapping, assessing cybersecurity, and managing risk. The NCSC, in alignment with law enforcement, discourages the payment of ransoms. UK organisations affected by the vulnerability are encouraged to report the incident through the government’s signposting service.

Source: https://www.ncsc.gov.uk/information/moveit-vulnerability

Father’s Day scam – Watch out for similar scams

Scammers were seen to be taking advantage of Father’s Day by impersonating Guinness and promoting a fake giveaway on WhatsApp. The scam involved sending messages advertising the chance to win one of 750 Guinness mini-fridges.

Clicking on the link takes users to a fraudulent website with fake Guinness branding, where they are prompted to take a quiz. After completing the quiz, victims are asked for payment details to cover the delivery of the mini fridge, which are then given to the scammers. The website also urges users to share the competition with their contacts, allowing the scam to spread rapidly.

This is not the first scam of this kind and nor it will be the last, as scammers try to take advantage of multiple ‘advertisement holidays and celebrations’ such as Mother’s Day, Father’s Day & Valentine’s Day.

WhatsApp scams are becoming increasingly prevalent and are a new cyber threat that employees need to be increasingly vigilant with. If you get a WhatsApp from your manager or CEO, always ring them on the number you have saved or the office number to confirm that it was them.

Combatting Whatsapp Cyber Threats

To combat WhatsApp scams, users should exercise caution with unexpected messages and report suspicious activity to the relevant authorities. There is a report and block button on any message which you may suspect is fraudulent or a scam. Please always err on the side of caution when receiving potential WhatsApp messages which you do not recognise.

Source: https://www.which.co.uk/news/article/beware-of-this-guinness-fathers-day-giveaway-scam-a7TTJ8h1aGGT

User Data stolen from Reddit – Does your business have account?

Hackers known as the BlackCat ransomware gang, or ALPHV, have threatened to release confidential data stolen from Reddit unless the company pays a ransom demand and reverses its controversial API price hikes. The hackers claim to have stolen 80 gigabytes of compressed data from Reddit during a breach in February.

Reddit confirmed the cyber incident at the time but stated that there was no evidence of stolen personal user data. The hackers, however, have now taken responsibility for the breach and are threatening to leak the stolen data. The BlackCat group has previously targeted companies like Western Digital and Ring. They demand a ransom of $4.5 million from Reddit and want the company to withdraw its API pricing changes.

Reddit’s recent API pricing plans have faced significant criticism, leading to the closure of the popular third-party app Apollo and the protest of numerous subreddits. Reddit has yet to indicate whether it intends to respond to the hackers’ demands. In 2018, Reddit experienced a significant data breach that exposed user information dating back to 2007.

Source: https://our.today/hackers-threaten-to-release-stolen-reddit-data/

Microsoft confirms that the June service outage was a cyber attack

Microsoft has confirmed that the service outages experienced in early June resulted from cyber attacks. The company stated that it observed a surge in traffic against certain services, which led to temporary availability issues. However, Microsoft has not found evidence of customer data being accessed or compromised during the attacks.

Upon detecting the threat, Microsoft initiated an investigation and started monitoring the distributed denial-of-service (DDoS) activity carried out by a threat actor called Storm-1359. The company has not disclosed any information about the identity of the responsible party.

What is a DDOS attack and will your business have been affected?

DDoS attacks involve overwhelming targeted servers with large internet traffic to disrupt their operations. Microsoft’s 365 software suite, which includes popular services like Teams and Outlook, experienced downtime for over two hours on June 5, affecting thousands of users. A brief recurrence of the outage occurred the following morning. This incident marks the fourth such outage for Microsoft in the past year.

As stated, there was no evidence of any customer data being stolen. Should your business have been affected by the outage, your business will be contacted and let you know if there are any steps you have to make. In the meantime, stay vigilant, update and regularly update your passwords.

Source: https://www.reuters.com/technology/microsoft-says-early-june-service-outages-were-cyberattacks-2023-06-18/

A rise in Crypto Currency Phishing scams

There has been a fresh warning for cryptocurrency users who have been alerted to the rise in phishing attacks within the cryptocurrency industry. Many experts in the field have provided warnings to crypto users, urging them to stay vigilant when there are multiple cyber threats.

Amongst many threats, it has been noted that scammers often impersonate exchanges or wallet providers and send bogus payment requests, asking recipients to provide login credentials and sensitive information.

The CEO of Giddy, a cryptocurrency firm, advises users to be suspicious of unsolicited messages and to exercise caution when faced with offers of free money or messages that create a sense of urgency or fear. Another expert recommends verifying the sender’s identity, checking email legitimacy, and avoiding direct link clicking. This should be the thought process for any unsolicited email with a link in it, but it is more notable with crypto.

It has been suggested that crypto scams remain popular, with complacency and the younger generation’s internet usage habits contributing to their vulnerability to phishing attacks.

It must be emphasised that all organisations, regardless of size or sector, are vulnerable to phishing attacks, and it’s crucial to understand the risks and take preventive measures.

Source: https://www.itgovernance.co.uk/blog/catches-of-the-month-phishing-scams-for-june-2023

[/fusion_text][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]

Want to keep up with our blog?

Get our most valuable tips right inside your inbox, once per month!

Latest IT News & Insights
Microsoft Dynamics 365 Business Central Main Product Mockup Showcase ERP
Why Business Central enhances and streamlines solutions
See how Microsoft Dynamics 365 Business Central enhances business solutions and streamlines the processes...
Read More
Neuways artificial intelligence
Artificial Intelligence: The Good, The Bad & The Ugly
AI is the Marmite of the IT world. Love it or hate it, the reality is it filters into our everyday lives...
Read More
Choose Neuways for your IT Support, Cyber Security and Business Central needs.
Cyber Security Acronyms Part 1: Neuways
We are helping clients to understand cyber security. We're making it easy for you, as we are jargon busting...
Read More
Password Manager and Security with neuways
Password Managers just became an even more important tool for Employees
The Government has brought in a ban on employees and manufacturers using default passwords.
Read More
Dark Web monitoring
What is the Dark Web?
Dark Web Monitoring identifies whether any of your company data (including login credentials and confidential...
Read More
Password Manager and Security with neuways
Password Security
Business Password Manager Tool Protect your remote workforce with Password Manager Tool, the business...
Read More
WatchGuard WiFi Security
WatchGuard User Services Platform – Simple, Secure and Intelligent WiFi
Why do Neuways partner with WatchGuard? Find out below to see how we improve the cyber security of your...
Read More
Endpoint Security
Endpoint Security
Protect your business with the best in Endpoint Security – How Neuways can help you Protect Your...
Read More

Frequently Asked Questions

Managed IT support is a comprehensive solution where an expert IT provider, like Neuways, handles your technology infrastructure. This includes proactive monitoring, maintenance, cyber security, and support.

Contact us

Support: 01283 753300

Business Development: 01283 753333

Purchasing: 01283 753322

Admin and Accounts: 01283 753311

Email: hello@neuways.com

Yes we do. Your business needs Cyber Security due to the increasing number of cyber threats that are affecting businesses in all industries. If your business has data and technology systems implemented, you will need Managed Cyber Security.

Yes we can. We have our own dedicated Microsoft Dynamics 365 Business Central teams who work to ensure that we can implement the right systems and solutions into your website that are absolute right for you. 

Got a question?

Reach out
& Connect

Please enable JavaScript in your browser to complete this form.
Name