Welcome to the latest edition of the Neu Cyber Threats, a weekly series in which we bring attention to the latest cyber attacks, scams, frauds, malware including Ransomware and DDoS, in order to ensure you stay safe online.

Here are the most prominent threats which you should be aware of:

 

Android 10 Security updates will be stopping in September

Android 10 is set to end security support by the end of this year. It is important to know if your phone is using Android 10 and if you have the capability to upgrade to a newer version of Android. This can easily be checked by navigating to your settings and finding the software information. Within these settings, you should see an Android version. An update is needed if your version is saying ‘Android version 10’. To see if your phone is eligible for the upgrade to Android 11 or 12, you will need to see if the update is within software updates. This can be performed by looking in the software update section of your settings for your phone.

What do you risk if you don’t upgrade your Android?

If you do not upgrade to a supported Android version, you will no longer receive security updates for this software once the support for Android runs out. This means any vulnerabilities discovered will not be patched. Your phone becomes a permanent weakness for all your stored data.

Chinese Hackers Exploited Sophos Firewall Zero-Day Flaw to Target South Asian Entity

A sophisticated Chinese advanced persistent threat (APT) actor exploited a critical security vulnerability in Sophos’ firewall product that came to light earlier this year to infiltrate an unnamed South Asian target as part of a highly-targeted attack.

The zero-day flaw in question is tracked as CVE-2022-1040 (CVSS score: 9.8), and concerns an authentication bypass vulnerability that can be weaponized to execute arbitrary code remotely. It affects Sophos Firewall versions 18.5 MR3 (18.5.3) and earlier.

A patch was created for this, so if you use a Sophos Firewall, it is important to ensure the latest versions of security updates are installed.

Mitigating malware and ransomware attacks

Ransomware is a type of malware that prevents you from accessing your computer (or the data that is stored on it). The computer itself may become locked, or its data might be stolen, deleted or encrypted. Some ransomware will also try to spread to other machines on the network, such as the WannaCry malware that impacted the NHS in May 2017.

A few action points you can take to protect your organisation from ransomware better and mitigate the damage as much as possible are:

  • Action 1: Make regular backups
  • Action 2: Prevent malware from being delivered and spreading to the device
  • Action 3: Prevent malware from running on devices
  • Action 4: Prepare for an incident

More advice can be found here: https://www.ncsc.gov.uk/guidance/mitigating-malware-and-ransomware-attacks

If you are concerned about any cyber security issues within your business, contact us today on 01283 753 333 or email hello@neuways.com.