Ripple20 Vulnerabilities
Millions of internet of things (IoT) devices are affected by dozens of vulnerabilities. Cyber-security experts exposed a total of 19 vulnerabilities (4 of them considered critical) in a small library widely used and integrated into innumerous products over the last 20 years. These vulnerabilities affect both enterprise and consumer-grade products, from printers to insulin pumps.
Source: ZD Net
How do you protect yourself?
Treck has issued a patch for use by OEMs in the latest Treck stack version (6.0.1.67 or higher).
Linkedin ‘Job Offers’ Malware
A recent malware campaign targeting aerospace and military firms has been discovered. Victims in Europe and the Midle East received Linkedin spear-phishing messages, supposedly from Collins Aerospace and General Dynamics, with a job offer. Besides the offer being fake, the message also included malicious documents that eliminate data from the device.
Source: Threat Post
How do you protect yourself?
Users should be cautious whenever opening files from an email. Services like Secure IT – Mail help scan the files within emails to detect if they are legitimate or not. If they are not legitimate, these tools will block users from even visiting the malicious website.
Qbot Malware
Customers of U.S. banks and financial institution are the target of an ongoing campaign using “Qbot malware”, a banking Trojan active since 2008. Trough Qbot payloads, attackers are able to steal financial data from these clients, and spread malware on compromised devices. According to specialists, “Qbot malware” is being used with updated worm features.
Source: CISOMAG
How do you protect yourself?
Cybersecurity awareness training is highly recommended to defend against evolving malware threats. Secure IT – User Defence is a suite of security services specifically tailored to empower employees to become the first line of defence against cyber attacks.