Archived news and threats - 2014

9 December 2014 | Microsoft security bulletin for December 2014

Microsoft has released updates to address vulnerabilities in Microsoft Exchange, Windows, Internet Explorer and Office. Some of these vulnerabilities could allow elevation of privilege, remote code execution or disclosure of information. It is always recommended that you regularly ensure your Microsoft updates are downloaded and installed. Further information on this link.

5 December 2014 | Security update for Safari | Apple

Apple has released security updates for Safari to address multiple vulnerabilities. These vulnerabilities may cause denial of service or execute arbitrary code on an affected system. Further information on Apple updates.

2 December 2014 | Security updates for Firefox and Thunderbird | Mozilla

The Mozilla Foundation has today released security updates to address multiple vulnerabilities in Firefox and Thunderbird. This may cause sensitive information to be accessed, denial of service or exploit a buffer overflow. For further information review this link to Mozilla.

11 November 2014 | Microsoft security bulletin for November 2014

Microsoft has a major patch update today on windows update. Patches will address vulnerabilities in Windows, Office, Exchange, .NET Framework, SharePoint and Internet Explorer. Some of these vulnerabilities could allow remote code execution, elevation of privilege or denial of service. For full details please review link to Microsoft here.

9 November 2014 | UK Weather: Flood warnings issued | UK Met Office

The Met Office is forecasting the UK to expect a month-long conveyor belt of storms as December approaches, with the Environmental Agency predicting flash floods in south-east England after 20 mm of rain fell in just six hours overnight. The vast variations of weather patterns that we are now seeing is a good reason to check that you have tried and tested business continuity management in place, particularly if your building is in low lying areas or next to a river.
Source: The Independant on Sunday.

1 November 2014 | Incident response - a common failing | Computer Weekly

Many investigators called in after a company has been hit by a cyber attack have reported that in many instances there was no effective incident response plan. But why are so many failing to prepare for the inevitable? Most companies either do not have the time to create one or think that they are invulnerable. Preparing for these incidents should be part of your business continuity plan, particularly as you are required to protect your customers data. The article from Computer Weekly can be found here. If you would like assistance with any of these issues please call or email us.

25 October 2014 | IT system failure hit passenger baggage processing at Heathrow

Airline baggage processing at London's Heathrow airport suffered a IT glitch today that affected baggage handling at all of their terminals. No doubt it was quickly resolved - but this shows how important the need to have a full business continuity and disaster recovery plan in place. Credit for the story "The Independent" click here for more.

25 October 2014 | Spoof emails - a reminder | Camtek CSI

Just a timely reminder that there are many spoof emails circulating, that do not originate from where they say they do. For example an email from Amazon.co.uk regarding "Account Confirmation" has a button link "to confirm" which goes to an address in Romania. If in doubt do not comply with an email but log on to the original account site or email the company. You can quite often get an idea by 'mousing over' the link without actually clicking on it. There are similiar emails going round pretending to be from BT and other major companies. Amazon emails can be forwarded on to stop-spoofing@amazon.com if you wish to do so.

23 October 2014 | Crypto Ransomware | US-CERT (Microsoft Windows)

Ransomeware is a type of malicious malware that infects a computer and restricts access to it until a ransom is paid to unlock it - the files are automatically encrypted and you have to pay for the key (which may not work). This is spread typically through phishing emails that contain malicious attachments and drive-by downloading. Drive-by downloading occurs when a user unknowingly visits an infected website and malware is downloaded and installed without their knowledge. Crypto ransomeware, a variant that encrypts files, is typically spread through similiar methods, and has been spread through web-based instant messaging applications. Typically a user will see messages such as -
                    •  "Your computer has been infected with a virus. Click here to resolve the issue."
                    •  "Your computer was used to visit websites with illegal content. To unlock your computer, you must pay a
                         fine of $100.
                    •  "All files on your computer have been encrypted. You must pay a ransom within 72 hours to regain access
                        to your data."
This is still very prevalent and you should beware of opening unsolicited and strange messages, particularly comming from an unusual source. This affects Windows users worldwide, but is particularly prevalent in the UK.  For further reading please follow this link. If this happens to you, the best advice is to immediately disconnect your computer from the internet and seek help from a professional.
                      

20 October 2014 | Apple updates for iOS and Apple TV

Apple has released security updates for iOS devices and Apple TV to address multiple vulnerabilities, one of which could allow an attacker to decrypt data protected by SSL. Please use these links to Apple to review iOS or Apple TV.

15 October 2014 | Mozilla Firefox and Thunderbird updates

Mozilla has released security updates to address multiple vulnerabilities in Firefox and Thunderbird. Exploitation of these vulnerabilities may allow an attacker to obtain sensitive information, bypass same-origin policy and key pinning, cause an exploitable crash, conduct a man-in-the-middle attack,or execute arbitrary code. The following updates are available.
Firefox 33 | Firefox ESR 31.2 | Thunderbird 31.2.
For further information go to Mozilla
on this link.
Source: US-CERT NCCIC.

14 October 2014 | Microsoft security bulletin summary for October 2014

The Microsoft bulletin for October details latest updates including those to correct vulnerabilities in Internet Explorer (2987107), .NET Framework (3000414), remote code execution in Kernel-mode Driver (3000061), Microsoft Word remote code execution (3000434) and others.

7 October 2014 | Google updates for Chrome and Chrome OS

Google have released security updates to address multiple vulnerabilities in Chrome and Chrome OS, some of which could potentially allow an attacker to take control of the affected system or cause a denial of service condition. Users and administrators are encouraged to update their systems.

9 September 2014 | Microsoft Security Bulletin Summary for September 2014

The September summary details vulnerabilities in:
•  Internet Explorer  (User rights exploit)   •  .NET Framework (Denial of Service)   •  Windows Task Scheduler and Lync Server

29 August 2014 | Home Office

The Home Secretary, Theresa May, has announced that the Joint Terrorism Analysis Centre (JTAC) has changed the threat level for international terrorism from substantial to severe. This means a terrorist attack is highly likely, although there is no intelligence to suggest that one is imminent. Camtek CSI would recommend that all inner city companies review and update their business resilience proceedures. 

10 August 2014 | Unusual invoices being sent by email

A number of differing emails are circulating alledging to be unpaid invoices. They come in the form of attachments, attached folders or attached zipped folders. The sending source may look correct or may look incorrect, in any event these are likely to be fraudulent attempts to infect your computer. Some of these attachments attempt to download crypto-locker malware. This is a ransomeware trojan which may attempt to encrypt some of your computer files. For more infomation regarding invoice scams please go to the UK Police Action Fraud website.