Neu Cyber Threats – 23rd June 2022


Welcome to the latest edition of the Neu Cyber Threats, a weekly series in which we bring attention to the latest cyber attacks, scams, frauds, malware including Ransomware and DDoS, in order to ensure you stay safe online.

Here are the most prominent threats which you should be aware of:

 

.fusion-body .fusion-builder-column-0{width:100% !important;margin-top : 25px;margin-bottom : 0px;}.fusion-builder-column-0 > .fusion-column-wrapper {padding-top : 0px !important;padding-right : 0px !important;margin-right : 1.92%;padding-bottom : 0px !important;padding-left : 0px !important;margin-left : 1.92%;}@media only screen and (max-width:1024px) {.fusion-body .fusion-builder-column-0{width:100% !important;}.fusion-builder-column-0 > .fusion-column-wrapper {margin-right : 1.92%;margin-left : 1.92%;}}@media only screen and (max-width:640px) {.fusion-body .fusion-builder-column-0{width:100% !important;}.fusion-builder-column-0 > .fusion-column-wrapper {margin-right : 1.92%;margin-left : 1.92%;}}

.fusion-body .fusion-flex-container.fusion-builder-row-1{ padding-top : 0px;margin-top : 0px;padding-right : 30px;padding-bottom : 0px;margin-bottom : 0px;padding-left : 30px;}

Android 10 Security updates will be stopping in September

.fusion-body .fusion-builder-column-1{width:50% !important;margin-top : 0px;margin-bottom : 20px;}.fusion-builder-column-1 > .fusion-column-wrapper {padding-top : 0px !important;padding-right : 0px !important;margin-right : 3.84%;padding-bottom : 0px !important;padding-left : 0px !important;margin-left : 3.84%;}@media only screen and (max-width:1024px) {.fusion-body .fusion-builder-column-1{width:50% !important;order : 0;}.fusion-builder-column-1 > .fusion-column-wrapper {margin-right : 3.84%;margin-left : 3.84%;}}@media only screen and (max-width:640px) {.fusion-body .fusion-builder-column-1{width:100% !important;order : 0;}.fusion-builder-column-1 > .fusion-column-wrapper {margin-right : 1.92%;margin-left : 1.92%;}}

Neu Cyber Threats

.fusion-body .fusion-builder-column-2{width:50% !important;margin-top : 0px;margin-bottom : 20px;}.fusion-builder-column-2 > .fusion-column-wrapper {padding-top : 0px !important;padding-right : 0px !important;margin-right : 3.84%;padding-bottom : 0px !important;padding-left : 0px !important;margin-left : 3.84%;}@media only screen and (max-width:1024px) {.fusion-body .fusion-builder-column-2{width:50% !important;order : 0;}.fusion-builder-column-2 > .fusion-column-wrapper {margin-right : 3.84%;margin-left : 3.84%;}}@media only screen and (max-width:640px) {.fusion-body .fusion-builder-column-2{width:100% !important;order : 0;}.fusion-builder-column-2 > .fusion-column-wrapper {margin-right : 1.92%;margin-left : 1.92%;}}

Android 10 is set to end security support by the end of this year. It is important to know if your phone is using Android 10 and if you have the capability to upgrade to a newer version of Android. This can easily be checked by navigating to your settings and finding the software information. Within these settings, you should see an Android version. An update is needed if your version is saying ‘Android version 10’. To see if your phone is eligible for the upgrade to Android 11 or 12, you will need to see if the update is within software updates. This can be performed by looking in the software update section of your settings for your phone.

What do you risk if you don’t upgrade your Android?

If you do not upgrade to a supported Android version, you will no longer receive security updates for this software once the support for Android runs out. This means any vulnerabilities discovered will not be patched. Your phone becomes a permanent weakness for all your stored data.

.fusion-body .fusion-builder-column-3{width:100% !important;margin-top : 0px;margin-bottom : 20px;}.fusion-builder-column-3 > .fusion-column-wrapper {padding-top : 0px !important;padding-right : 0px !important;margin-right : 1.92%;padding-bottom : 0px !important;padding-left : 0px !important;margin-left : 1.92%;}@media only screen and (max-width:1024px) {.fusion-body .fusion-builder-column-3{width:100% !important;order : 0;}.fusion-builder-column-3 > .fusion-column-wrapper {margin-right : 1.92%;margin-left : 1.92%;}}@media only screen and (max-width:640px) {.fusion-body .fusion-builder-column-3{width:100% !important;order : 0;}.fusion-builder-column-3 > .fusion-column-wrapper {margin-right : 1.92%;margin-left : 1.92%;}}

.fusion-body .fusion-flex-container.fusion-builder-row-2{ padding-top : 0px;margin-top : 0px;padding-right : 30px;padding-bottom : 0px;margin-bottom : 0px;padding-left : 30px;}

Chinese Hackers Exploited Sophos Firewall Zero-Day Flaw to Target South Asian Entity

.fusion-body .fusion-builder-column-4{width:50% !important;margin-top : 0px;margin-bottom : 20px;}.fusion-builder-column-4 > .fusion-column-wrapper {padding-top : 0px !important;padding-right : 0px !important;margin-right : 3.84%;padding-bottom : 0px !important;padding-left : 0px !important;margin-left : 3.84%;}@media only screen and (max-width:1024px) {.fusion-body .fusion-builder-column-4{width:50% !important;order : 0;}.fusion-builder-column-4 > .fusion-column-wrapper {margin-right : 3.84%;margin-left : 3.84%;}}@media only screen and (max-width:640px) {.fusion-body .fusion-builder-column-4{width:100% !important;order : 0;}.fusion-builder-column-4 > .fusion-column-wrapper {margin-right : 1.92%;margin-left : 1.92%;}}

Neu Cyber Threats

.fusion-body .fusion-builder-column-5{width:50% !important;margin-top : 0px;margin-bottom : 20px;}.fusion-builder-column-5 > .fusion-column-wrapper {padding-top : 0px !important;padding-right : 0px !important;margin-right : 3.84%;padding-bottom : 0px !important;padding-left : 0px !important;margin-left : 3.84%;}@media only screen and (max-width:1024px) {.fusion-body .fusion-builder-column-5{width:50% !important;order : 0;}.fusion-builder-column-5 > .fusion-column-wrapper {margin-right : 3.84%;margin-left : 3.84%;}}@media only screen and (max-width:640px) {.fusion-body .fusion-builder-column-5{width:100% !important;order : 0;}.fusion-builder-column-5 > .fusion-column-wrapper {margin-right : 1.92%;margin-left : 1.92%;}}

A sophisticated Chinese advanced persistent threat (APT) actor exploited a critical security vulnerability in Sophos’ firewall product that came to light earlier this year to infiltrate an unnamed South Asian target as part of a highly-targeted attack.

The zero-day flaw in question is tracked as CVE-2022-1040 (CVSS score: 9.8), and concerns an authentication bypass vulnerability that can be weaponized to execute arbitrary code remotely. It affects Sophos Firewall versions 18.5 MR3 (18.5.3) and earlier.

A patch was created for this, so if you use a Sophos Firewall, it is important to ensure the latest versions of security updates are installed.

.fusion-body .fusion-builder-column-6{width:100% !important;margin-top : 0px;margin-bottom : 20px;}.fusion-builder-column-6 > .fusion-column-wrapper {padding-top : 0px !important;padding-right : 0px !important;margin-right : 1.92%;padding-bottom : 0px !important;padding-left : 0px !important;margin-left : 1.92%;}@media only screen and (max-width:1024px) {.fusion-body .fusion-builder-column-6{width:100% !important;order : 0;}.fusion-builder-column-6 > .fusion-column-wrapper {margin-right : 1.92%;margin-left : 1.92%;}}@media only screen and (max-width:640px) {.fusion-body .fusion-builder-column-6{width:100% !important;order : 0;}.fusion-builder-column-6 > .fusion-column-wrapper {margin-right : 1.92%;margin-left : 1.92%;}}

.fusion-body .fusion-flex-container.fusion-builder-row-3{ padding-top : 34px;margin-top : 0px;padding-right : 30px;padding-bottom : 0px;margin-bottom : 0px;padding-left : 30px;}

Neu Cyber Threats

.fusion-body .fusion-builder-column-7{width:50% !important;margin-top : 0px;margin-bottom : 20px;}.fusion-builder-column-7 > .fusion-column-wrapper {padding-top : 0px !important;padding-right : 0px !important;margin-right : 3.84%;padding-bottom : 0px !important;padding-left : 0px !important;margin-left : 3.84%;}@media only screen and (max-width:1024px) {.fusion-body .fusion-builder-column-7{width:50% !important;order : 0;}.fusion-builder-column-7 > .fusion-column-wrapper {margin-right : 3.84%;margin-left : 3.84%;}}@media only screen and (max-width:640px) {.fusion-body .fusion-builder-column-7{width:100% !important;order : 0;}.fusion-builder-column-7 > .fusion-column-wrapper {margin-right : 1.92%;margin-left : 1.92%;}}

Mitigating malware and ransomware attacks

.fusion-body .fusion-builder-column-8{width:50% !important;margin-top : 0px;margin-bottom : 20px;}.fusion-builder-column-8 > .fusion-column-wrapper {padding-top : 0px !important;padding-right : 0px !important;margin-right : 3.84%;padding-bottom : 0px !important;padding-left : 0px !important;margin-left : 3.84%;}@media only screen and (max-width:1024px) {.fusion-body .fusion-builder-column-8{width:50% !important;order : 0;}.fusion-builder-column-8 > .fusion-column-wrapper {margin-right : 3.84%;margin-left : 3.84%;}}@media only screen and (max-width:640px) {.fusion-body .fusion-builder-column-8{width:100% !important;order : 0;}.fusion-builder-column-8 > .fusion-column-wrapper {margin-right : 1.92%;margin-left : 1.92%;}}

Ransomware is a type of malware that prevents you from accessing your computer (or the data that is stored on it). The computer itself may become locked, or its data might be stolen, deleted or encrypted. Some ransomware will also try to spread to other machines on the network, such as the WannaCry malware that impacted the NHS in May 2017.

A few action points you can take to protect your organisation from ransomware better and mitigate the damage as much as possible are:

  • Action 1: Make regular backups
  • Action 2: Prevent malware from being delivered and spreading to the device
  • Action 3: Prevent malware from running on devices
  • Action 4: Prepare for an incident

More advice can be found here: https://www.ncsc.gov.uk/guidance/mitigating-malware-and-ransomware-attacks

.fusion-body .fusion-builder-column-9{width:100% !important;margin-top : 0px;margin-bottom : 20px;}.fusion-builder-column-9 > .fusion-column-wrapper {padding-top : 0px !important;padding-right : 0px !important;margin-right : 1.92%;padding-bottom : 0px !important;padding-left : 0px !important;margin-left : 1.92%;}@media only screen and (max-width:1024px) {.fusion-body .fusion-builder-column-9{width:100% !important;order : 0;}.fusion-builder-column-9 > .fusion-column-wrapper {margin-right : 1.92%;margin-left : 1.92%;}}@media only screen and (max-width:640px) {.fusion-body .fusion-builder-column-9{width:100% !important;order : 0;}.fusion-builder-column-9 > .fusion-column-wrapper {margin-right : 1.92%;margin-left : 1.92%;}}

.fusion-body .fusion-flex-container.fusion-builder-row-4{ padding-top : 39px;margin-top : 0px;padding-right : 30px;padding-bottom : 0px;margin-bottom : 0px;padding-left : 30px;}

If you are concerned about any cyber security issues within your business, contact us today on 01283 753 333 or email hello@neuways.com.

.fusion-body .fusion-builder-column-10{width:100% !important;margin-top : 0px;margin-bottom : 20px;}.fusion-builder-column-10 > .fusion-column-wrapper {padding-top : 0px !important;padding-right : 0px !important;margin-right : 1.92%;padding-bottom : 0px !important;padding-left : 0px !important;margin-left : 1.92%;}@media only screen and (max-width:1024px) {.fusion-body .fusion-builder-column-10{width:100% !important;order : 0;}.fusion-builder-column-10 > .fusion-column-wrapper {margin-right : 1.92%;margin-left : 1.92%;}}@media only screen and (max-width:640px) {.fusion-body .fusion-builder-column-10{width:100% !important;order : 0;}.fusion-builder-column-10 > .fusion-column-wrapper {margin-right : 1.92%;margin-left : 1.92%;}}

.fusion-body .fusion-flex-container.fusion-builder-row-5{ padding-top : 0px;margin-top : 0px;padding-right : 30px;padding-bottom : 0px;margin-bottom : 0px;padding-left : 30px;}

The post Neu Cyber Threats – 23rd June 2022 appeared first on Neuways.


Source link

Leave a Reply

Your email address will not be published.

56  ⁄    =  eight