google-site-verification: googlee9447d3b266da5de.html
top of page
Search

NCSC (National Cyber Security Centre) - Weekly Threat Report @ncsc #cybersecurity

Updated: Oct 19, 2020


Weekly Threat Report - 16th October 2020

Call for caution during online shopping events

This week saw the 5th annual Amazon Prime Day sale. Software providers, Bolster, detailed the potential vulnerabilities shoppers face with fraudulent sites spoofing the Amazon brand.

Online scams are becoming harder to detect but it’s important to remain vigilant. If you are unsure about an email’s authenticity then you should forward it to report@phishing.gov.uk which helps us to continue removing malicious URLs and phishing scams.

With Black Friday (27 November) and Cyber Monday (30 November) on the horizon, use the NCSC’s guidance on how to shop securely whilst online. We also suggest taking a few minutes to review the Cyber Aware page. If the worst happens then our advice on how to recover a hacked account may help.


Passenger data compromise confirmed by Carnival

Cruise operator Carnival have confirmed that passenger data was accessed during a ransomware attack on 13 August.

The illegally accessed customer and employee data may have included names, addresses, dates of birth, contact numbers and passport numbers. Carnival’s statement can be read in full here.

Carnival have stated that they have been working as quickly as possible to notify the affected victims.

The NCSC has published guidance outlining how to mitigate against malware and ransomware attacks. There is also guidance for those concerned about the risk of phishing following a data breach such as this.


Microsoft security updates now available

Microsoft has released details of this months ‘Patch Tuesday’ including a Microsoft SharePoint Remote Code Execution Vulnerability (CVE-2020-16952) and a Windows TCP IP Remote Code Execution Vulnerability (CVE-2020-16898).

It's important to keep firmware and software up-to-date, and to apply the latest security updates as soon as they become available. Our guidance on vulnerability management can help you understand the importance of this, and how to prioritise applying security updates.


Threat actors chaining vulnerabilities

CISA has reported threat actors exploiting multiple legacy vulnerabilities in combination with a newer privilege escalation vulnerability CVE-2020-1472 in Windows Netlogon, mentioned in our recent alert in September. The commonly used tactic, known as vulnerability chaining, exploits multiple vulnerabilities during a single intrusion to compromise a network or application.


The NCSC recommends following vendor best practice advice in the mitigation of vulnerabilities. In this case, the most important aspect is to install the latest updates as soon as practicable.





 
 
 

Comments

bottom of page