Considering many of the Microsoft Exchange vulnerabilities were disclosed many months ago, it is surprising to see such a huge percentage still vulnerable. The move from on-premises to cloud is slowly taking place, but Integrity360 have found that most organisations that get breached due to a vulnerable Exchange server is because they are in the process of migrating. Whilst migrating, we have found that they take their “foot off the pedal” when it comes to keeping their servers patched because in their mind they are getting rid of them soon anyway.
The side-channel vulnerability (where indirect effects of the system or hardware is monitored and then targeted) was discovered in Apple’s M-series processors and the researchers claim that they can use it to steal encryption keys from Mac devices. Similar to the historical and infamous Spectre/Meltdown vulnerability that affected a huge amount of different CPU models, this vulnerability relies on the preloading of data (called branch prediction) in order to work. In order to patch this would require the redesign of the CPU which is unlikely.
It allows unauthenticated attackers with no permissions to read the first few lines of any file they wish on the underlying operating system. This means that potentially sensitive data could be read. The vulnerability arises from an un-sanitised argument being interpreted by the Jenkins service. Jenkins is a major piece of DevOps infrastructure around the world and is used by many organisations meaning that a large number might get breached.
The parent company of the street newspaper company has reportedly suffered a ransomware attack from the Qilin ransomware gang. They claim to have stolen 550GB of company data. In the initial data leak by Qilin, sensitive data such as the CEO’s driving licence and salary information have been released. It is an unforatunate event for any company to be ransomware’d, but especially so for one that typically employs homeless/vulnerable people to give them a chance to earn money and reintegrate into society.
If you are worried about any of the threats outlined in this bulletin or need help in determining what steps you should take to protect yourself from the most material threats facing your organisation, please contact your account manager, or alternatively Get in touch to find out how you can protect your organisation.
The Threat Intel Roundup was prepared by Integrity360 summarising threat news as we observe it, current at the date of publishing. It should not be considered to be legal, consulting or any other professional advice. Any recommendations should be considered in the context of your own organisation. Integrity360 does not take any political stance in the information that we share. Moreover, the opinions expressed may not necessarily be the views of Integrity360.
If you are worried about any of the threats outlined in this roundup or need help in determining what steps you should take to protect yourself from the most material threats facing your organisation, please contact your account manager or fill in the form for a complimentary no-commitment consultation.
If you’d like more detailed threat intelligence news, Integrity360 offers this as part of our security monitoring managed services.
We also offer a tailored threat intelligence monitoring service for your organisation that actively monitors for threat actors and campaigns of direct relevance to your organisation, brand damage, copycat & spoofed domains, credential leakage and dark web monitoring.
Integrity360's flagship conference Security First comes to Stockholm in 2023!
Join leading cybersecurity experts from across the community as we explore the latest threats and industry trends, and learn practical strategies to safeguard your organisation.