A roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, July 2020.
The standout hack of July 2020, and probably of the year, was the takeover of 45 celebrity Twitter accounts, in a bid to scam their millions of followers by requesting Bitcoin in tweets.
The high-profile Twitter accounts compromised included Barack Obama, Elon Musk, Kanye West, Bill Gates, Jeff Bezos, Warren Buffett, Kim Kardashian, and Joe Biden. Around £80,000 of Bitcoin was sent to the scammer’s Bitcoin account before Twitter swiftly took action by deleting the scam tweets and blocking every ‘blue tick’ verified Twitter user from tweeting, including me.
While the Twitter hack and scam dominated media headlines around the world, the attack was not the ‘highly sophisticated cyber-attack’ reported by many media outlets, but it was certainly bold and clever. The attackers phoned Twitter administrative staff and blagged (socially engineered) their Twitter privileged account credentials out of them, which in turn gave the attackers access to Twitter’s backend administrative system and to any Twitter account they desired. It is understood this Twitter account access was sold by a hacker on the dark web to a scammer in the days before the attack, and that scammer(s) orchestrated near-simultaneous Bitcoin scam tweets to be posted from the high-profile accounts. On 31st July, law enforcement authorities charged three men for the attack, with one of the suspects disclosed as a 19-year-old British man from Bognor Regis.
There was a very serious critical Windows vulnerability disclosed as part of the July 2020 Microsoft ‘Patch Tuesday’ security update release. Dubbed “SIGRed”, it is a 17-year-old Remote Code Execution (RCE) vulnerability in Windows Domain Name System (DNS), a component commonly present in Microsoft Windows Server 2008, 2012, 2012R2, 2016 and 2019. Disclosed as CVE-2020-1350, it was given the highest possible CVSS score of 10.0, which basically means the vulnerability is “easy to attack” and “likely to be exploited”, although Microsoft said they hadn’t seen any evidence of its exploitation at the time of their patch release.
Given SIGRed is a wormable vulnerability, it is particularly dangerous, as wormable malware could exploit the vulnerability to rapidly spread itself over flat networks without any user interaction, as per the WannaCry attack on the NHS and other large organisations. Secondly, it could be used to exploit privilege level accounts (i.e. admin accounts found on Servers). The Microsoft CVE-2020-1350 vulnerability can be mitigated on affected systems by either applying the Microsoft Windows DNS Server patch released by Microsoft (https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1350) or by applying a Registry Workaround (https://support.microsoft.com/en-us/help/4569509/windows-dns-server-remote-code-execution-vulnerability).
As expected, the UK Government ordered UK mobile network operators to remove all Huawei 5G equipment by 2027, and banned their purchase of Huawei 5G network equipment after 31st December 2020. Digital Secretary Oliver Dowden said it follows sanctions imposed by the United States, which claims the Chinese firm poses a national security threat, which Huawei continues to resolutely deny. The ban is expected to delay the UK’s 5G rollout by a year. “This has not been an easy decision, but it is the right one for the UK telecoms networks, for our national security and our economy, both now and indeed in the long run,” he said.
In some media quarters, it was suggested the UK u-turn on Huawei could lead to cyberattack repercussions after Reuters said its sources confirmed China was behind cyberattacks on Australia’s critical national infrastructure and government institutions following their trade dispute with China.
Russian Hacking Group (APT 29) was jointly accused of targeting the theft of coronavirus vaccine research by the UK NCSC, the Canadian Communication Security Establishment (CSE), United States Department for Homeland Security (DHS), Cyber-security Infrastructure Security Agency (CISA) and the US National Security Agency (NSA). The UK’s National Cyber Security Centre (NCSC) said the hackers “almost certainly” operated as “part of Russian intelligence services”. It did not specify which research organisations had been targeted, or whether any coronavirus vaccine research data was taken, but it did say vaccine research was not hindered by the hackers. Russia’s ambassador to the UK has rejected allegations, “I don’t believe in this story at all, there is no sense in it,” Andrei Kelin told the BBC’s Andrew Marr Show. While Foreign Secretary Dominic Raab said it is “very clear Russia did this”, adding that it is important to call out this “pariah-type behaviour”.
Yet another large data exposure caused by a misconfigured AWS S3 bucket was found by security researchers: a million files of Fitness Brand ‘V Shred’ were discovered exposed to the world, including the personal data of 99,000 V Shred customers. Apparently V Shred defended the researcher findings by claiming it was necessary for user files to be publicly available and denied that any PII data had been exposed.
VULNERABILITIES AND SECURITY UPDATES
AWARENESS, EDUCATION AND THREAT INTELLIGENCE
*** This is a Security Bloggers Network syndicated blog from IT Security Expert Blog authored by SecurityExpert. Read the original post at: http://feedproxy.google.com/~r/securityexpert/~3/vHgdInWaxc8/cyber-security-roundup-for-august-2020.html