Cyber Round Up - 6 Cybersecurity Threats and How to Mitigate Them

As a business owner, you're probably aware of the increasing importance of cybersecurity in today's digital landscape. With cyber attacks becoming more sophisticated and frequent, it's crucial to stay informed about the latest threats and vulnerabilities that could affect your organization.

That's why we're proud to be members of the CompTIA Information Sharing and Analysis Organization (ISAO), which provides us with access to real-time threat intelligence and alerts. This allows us to stay up-to-date with the latest cybersecurity risks and take proactive steps to protect our clients' systems and data.

In this article, we've put together a summary of some of the recent actionable alerts from the past month and a half along with advice to reduce your risk.

Contents:

• Trend Micro report: Increased Emotet activity and how to protect your business
• 3CX Desktop Application Supply Chain Attack - What it is and what you can do to stay safe
• Apple Fixes Recently Disclosed Webkit Zero-Day on Older iPhones - Why you need to update your iPhone
• WordPress Force Patching WooCommerce Plugin With 500K Installs - How to protect your online store
• Exploit Released for Veeam Bug Allowing Cleartext Credential Theft - What you need to do to stay protected
• PoC Exploits Released for Netgear Orbi Router Vulnerabilities - How to secure your home network

To stay up-to-date with the latest cybersecurity risks, we recommend subscribing to our email newsletter. This will ensure that you receive timely alerts and advice on how to protect your organization from the latest threats. Subscribe here

Now, let's dive into the recent actionable alerts and what you can do to mitigate these risks.

Trend Micro report: Increased Emotet activity and how to protect your business

Emotet is a highly sophisticated malware that can infiltrate your computer systems and steal sensitive information. According to a recent report by cybersecurity firm Trend Micro, there has been a significant increase in Emotet activity in the past few months.

To protect your business from Emotet, you should:

• Educate your employees on how to identify and avoid phishing emails, which are the primary delivery method for Emotet.
• Use antivirus software and keep it up to date.
• Regularly back up your data to minimize the impact of a potential attack.

3CX Desktop Application Supply Chain Attack - What it is and what you can do to stay safe

A supply chain attack is when attackers target a third-party vendor that a company uses to gain access to the company's systems or to mass target users of that vendor. This is difficult to protect against because it exploits the trust that businesses have in their vendors. The recent attack on the 3CX desktop application is an example of a supply chain attack where a legitimate update for the 3CX desktop app included a malicious payload.

To protect your business from supply chain attacks, you should:

• Monitoring for suspicious behavior, implementing application whitelisting with ring fencing
• Using threat intelligence to stay informed about potential threats
• While updating software is important, it's important to remember that updates can sometimes be the cause of a spread of a supply chain attack, this is where the above two mitigations are important.

Apple Fixes Recently Disclosed Webkit Zero-Day on Older iPhones - Why you need to update your iPhone

If you own an older iPhone or iPad, it’s important to update your device as soon as possible. Apple recently published security updates to address a zero-day bug related to a WebKit type confusion bug. This bug could enable attackers to trigger OS crashes and gain code execution on compromised iOS and iPadOS devices after tricking victims into opening malicious web pages.

To protect your iPhone or iPad, you should:

• Update your device to the latest version of iOS or iPadOS.
• Be cautious when opening links or downloading files from untrusted sources.
• Regularly back up your data to minimize the impact of a potential attack.

WordPress Force Patching WooCommerce Plugin With 500K Installs - How to protect your online store

If you run an online store using WordPress and the WooCommerce plugin, it’s important to apply the latest security updates. A critical vulnerability (CVSS 9.8) was discovered in the plugin that could allow unauthenticated attackers to gain admin access to vulnerable stores.

To protect your online store, you should:

• Update the WooCommerce plugin to the latest version.
• Check your store for newly added admin users and suspicious posts.
• Rotate API keys, public/private keys for payment gateways.

Exploit Released for Veeam Bug Allowing Cleartext Credential Theft - What you need to do to stay protected

Veeam Backup & Replication software, used by over 450,000 customers worldwide, was recently found to have a critical vulnerability that allows unauthenticated attackers to breach backup infrastructure after stealing cleartext credentials and gaining remote code execution as SYSTEM. A proof-of-concept exploit has been released for this vulnerability.

To protect your Veeam software, you should:

• Update your software to the latest version.
• Check for newly added admin users and suspicious activity.
• Use local access, valid login credentials, or the admin console to limit the potential for exploitation.

PoC Exploits Released for Netgear Orbi Router Vulnerabilities - How to secure your home network

Netgear Orbi routers have several vulnerabilities that could allow attackers to gain remote access and execute arbitrary commands. Proof-of-concept exploits have been released for some of these vulnerabilities.

To secure your home network, you should:

• Update your router firmware

In conclusion, cybersecurity threats are constantly evolving, and staying informed is key to protecting your business and personal information. As a member of the CompTIA ISAO, we are committed to providing our clients with timely and actionable threat intelligence. By subscribing to our email newsletter, you can receive the latest updates and recommendations on how to stay safe in the ever-changing threat landscape. Subscribe here

Remember to always keep your software and devices up-to-date, use strong and unique passwords, and enable multi-factor authentication wherever possible. By implementing these best practices and staying informed, you can reduce the risk of falling victim to a cyberattack.