Welcome to the latest edition of the Neu Cyber Threats, a weekly series in which, we here at Neuways, bring attention to the latest cybersecurity threats in order to ensure you stay safe online.

Here are the most prominent threats which you should be aware of:

 

Neu Cyber Threats

29 Hours From Initial Email to Full Compromise

The Ryuk ransomware strain has plagued businesses since 2018, and recently it has been revealed that it can take down a system in just 29 HOURS. This is from the initial phishing email to complete system takedown.

Upon opening the first email, malicious software is installed that covertly carries out reconnaissance, with data being exfiltrated to remote servers. Attackers then start making lateral movements, fully taking over, before handing their victims a ransom demand to retrieve control of their systems.

This is a dangerous phishing attack with a potentially lethal ransomware in it. To avoid falling victim to it, makes sure all of your staff are aware of the dangers to look out for when using email communications. You can direct them to our free Phishing Awareness page to help them spot a phishing email or we can arrange some bespoke, in-depth phishing awareness training. Call us on 01283 753333 to arrange.

Microsoft Teams Phishing Attack Targets Office 365 Users

Neu Cyber Threats

Thousands of Microsoft Teams users are being targeted by a new phishing campaign. An automated message that claims to be from Teams, instead steals the recipient’s Office 365 login details upon opening it.

Users receive a ‘missed chat’ notification, which urges them to click through to a link, opening up their system to cyber criminals. This is a particularly large problem at the moment, as the number of monthly Teams users has more than doubled between 2019 and 2020, from 32 million to 75 million.

Teams has been a critical tool for businesses who have more staff remote working than ever before. The communication methods it offers have been important in linking colleagues together through video and audio calls, as well as its text messaging.

To avoid any issues within your business, we would recommend notifying your colleagues of this scam as soon as possible.

Neu Cyber Threats

Attacks on WAFs Triple in Size as Ransom Demands Re-Emerge

Distributed denial-of-service (DDoS) attacks send a wave of sustained internet traffic to a system, sometimes as high as 200Gbps. This renders the system unusable, creating periods of downtime which can cost a business hundreds of thousands of pounds in lost revenue. Hackers then issue victims with a ransom, to compound the issue.

Ransom demands, combined with DDoS attacks, have seen a huge rise, tripling in the last quarter of 2020.

Microsoft is the Most-Imitated Brand for Phishing Emails

Neu Cyber Threats

Phishing email threats have continued to bombard businesses. The most common being those containing Microsoft branding which instantly lull the recipient into a false sense of security. With many companies utilising Microsoft’s 365 suite and apps such as Teams to facilitate remote working, these are a huge opportunity for the cyber criminals.

Poorly rendered company logos and bad grammar are often giveaways that it is a fake phishing email. The email addresses impersonating the company are also a strong indicator that there is something amiss with these communications.

If you receive an email with any of the above, do not open it! If you do, you may be giving the keys to your business’ systems over to cyber criminals.

Neu Cyber Threats

Another Office 365 OAuth Attack Targets Coinbase Users

If you’ve ever signed into a website using your Facebook or LinkedIn account, you’ll be aware of having to authorise access before successfully signing in.

The latest attempt to trick users into giving away their account login details is through consent-app attacks. Victims are asked to authorise access via a legitimate looking Microsoft 365 app request, which upon doing so allows hackers to open their emails.

Microsoft 365 users should remember to only grant access to valid app publishers, such as Outlook for mobile devices.

If you are concerned about any cyber security issues within your business, contact us today on 01283 753 333 or email hello@neuways.com.