Welcome to the latest edition of Neu Cyber Threats, a weekly series in which we bring attention to the latest cyber attacks, scams, frauds and malware, including ransomware and DDoS, to help you stay safe online.

Here are the most prominent threats which you should be aware of:

 

Newcastle-based Transport Company Suffers Cyber Attack

Go-Ahead, one of the United Kingdom’s largest bus companies, has disclosed that it detected “unauthorised activity” on its network on Monday. Go-Ahead also jointly runs train operator Govia Thameslink Railway with Keolis, but this was unaffected because it runs on a different system.

The company announced it was dealing with a “cyber security incident” after detecting the unwanted activity on its network. However, a Go-Ahead spokesperson did confirm that there was “no indication that any customer data has been compromised”. The company has taken precautionary measures with its IT infrastructure in response to the incident and continues to investigate the issue.

After a cyber attack in 2018, British Airways was fined £20 million for failing to identify security weaknesses and protect its customers’ personal and financial details. The precise impact of the Go-Ahead incident is currently unknown, but the UK and international rail services are operating normally, and Go-Ahead has notified the Information Commissioner’s Office “as a precaution”.

Regular staff awareness training, patch management and email filtering are some of the ways your business can protect itself against cyber threats.


Google Release Urgent Patch for New Zero-Day Vulnerability in Chrome

A vulnerability in the Chrome web browser was being exploited in the wild, which forced Google to issue an emergency fix.

The patch addresses this recently discovered zero-day vulnerability:

CVE-2022-3075 – Insufficient data validation in Mojo, a collection of runtime libraries that Chrome uses for inter-process communication. Google announced it was aware of the flaw after an anonymous researcher was credited with reporting it a few days earlier.

 

This is the sixth zero-day vulnerability in Chrome that Google has resolved since the start of 2022. The earlier five were:

· CVE-2022-0609 – Use-after-free in Animation

· CVE-2022-1096 – Type confusion in V8

· CVE-2022-1364 – Type confusion in V8

· CVE-2022-2294 – Heap buffer overflow in WebRTC

· CVE-2022-2856 – Insufficient validation of untrusted input in Intents

It is recommended that Windows, macOS and Linux users update to version 105.0.5195.102 to mitigate this threat. To maintain and improve the security of your devices and networks, keep up to date with the latest patches and updates available.

Notorious Hacker Group REvil Claim To Hit a Fortune 500 Company

400 GB of data, including firmware source code and financial data, is claimed to have been stolen. The alleged victim is Midea Group, a major Chinese electrical appliance manufacturer with a workforce of over 150,000 and estimated annual revenue of approximately $49 billion (approximately £42 billion). Midea Group also claims to be ranked 245 on the Global Fortune 500 list.

REvil is notorious for extortion attacks against meat supplier JBS and software company Kaseya that raised serious questions regarding the security of critical infrastructure. The hacking cartel claims to have recently become active again. Screenshots of the apparently stolen data were released, with one showing a folder that appeared to contain 373 GB of information.

On a leak site, REvil posted: “We have all data from the PLM system (blueprints, source of firmware, etc.), and also, we have financial information which we are ready to sell. A lot of source code, git and svn which will be published [sic] soon.”

Cyber security researchers have noted that it is unclear whether the group is actually back, as cyber criminals often rebrand their modes of attack.

If you are concerned about any cyber security issues within your business, contact us today on 01283 753 333 or email hello@neuways.com.