Cybersafe | Cyber Threats | 28th March – Technologist

Welcome to the latest edition of the Cybersafe Cyber Threats Update, from the 28th March 2024. This is a weekly series in which we bring attention to the latest cyber attacks, scams, frauds, and malware including Ransomware, to ensure you stay safe online. Being aware of these cyber threats helps UK companies to gain cyber essentials certifications and keeps employees on alert for potential danger. If you need help with Cyber Security, contact Neuways to become Cybersafe.

Here are the most prominent cyber threats to businesses which you should be aware of:

Publishing Platforms being used to dupe employees into clicking links in new spate of Phishing Attacks

Hackers exploit digital document publishing (DDP) platforms like FlipSnack and Issuu to launch phishing attacks, steal credentials, and hijack session tokens. These platforms offer an interactive flipbook format and enjoy a favourable domain reputation, making them attractive targets for threat actors and cyber criminals.

By creating multiple accounts on free tiers or trial periods, hackers host malicious documents on DDP platforms, leveraging features like automatic content expiration and anti-extraction mechanisms to evade detection. In these attacks, DDP sites serve as intermediaries, redirecting users to fake login pages resembling Microsoft 365 and bypassing traditional email and web content filtering controls.

Businesses need to improve their cyber security to combat these phishing attacks

Exploiting digital document publishing platforms for phishing underscores the importance of maintaining vigilance and robust cyber security measures. As hackers adapt and exploit new avenues for cyber attacks, businesses and individuals must stay alert to emerging threats. By monitoring suspicious activity, implementing adequate security protocols, and regularly updating defences, organisations can mitigate the risk of phishing attacks and safeguard sensitive information from unauthorised access.

Additionally, educating users about the dangers of phishing and providing training on identifying and reporting suspicious emails can further enhance cyber security posture. In an increasingly interconnected digital landscape, proactive measures and vigilance are essential for protecting against evolving cyber threats.

Contact Neuways to see how we can help provide your employees with Phishing Awareness Training and better improve your cyber security.

Malware Detected in Organisation used by Companies all over the world

A new malware campaign has been uncovered by cyber security researchers, utilising Google Sites pages and HTML smuggling to distribute AZORult malware, with the aim of stealing sensitive information. This phishing campaign, widespread and attributed to no specific threat actor, is designed to gather valuable data for underground forums. AZORult, a well-known method used by cyber criminals is typically distributed through various channels such as phishing emails, trojanised software, and malvertising. However, this recent attack tactic involves counterfeit Google Docs pages on Google Sites, leveraging HTML smuggling to deliver the payload stealthily.

To enhance legitimacy and bypass URL scanners, the attackers have added a CAPTCHA barrier. Upon download, a Windows shortcut file poses as a PDF bank statement, triggering a series of actions to deploy the AZORult loader and malware. This campaign effectively evades traditional cyber security measures by utilising legitimate domains like Google Sites to deceive victims.

Furthermore, threat actors have employed AutoSmuggle to spread Agent Tesla and XWorm through malicious SVG files, as well as LokiBot via shortcut files within archives, targeting users with AutoIt-based malware.

CFO’s How important is it to become Cybersafe?

Again, what this emphasises is just how important it is to be aware of these Cyber threats, By implementing the right training and frameworks into your business, Neuways can assist your business to become Cybersafe. If your employees are vigilant and aware of the signs of a phishing attack or other cyber attacks, then your data is less likely to be compromised.

Don’t leave a data breach to chance, the financial implications could be a disaster for your business. Become Cybersafe today.

The Importance of Managed Cyber Security within your business

This malware campaign highlights the critical importance of implementing managed cyber security measures within businesses. With cyber threats constantly evolving and becoming more sophisticated, relying solely on traditional security measures may not be sufficient to protect sensitive data and systems. Managed cyber security services like the ones from Neuways offer proactive monitoring, threat detection, and response capabilities, ensuring that businesses stay one step ahead of emerging threats.

By partnering with managed cyber security providers, businesses can benefit from continuous monitoring of their IT infrastructure, timely threat intelligence updates, and expert analysis of potential security vulnerabilities. Additionally, managed cyber security services can help businesses develop and implement robust security policies, conduct regular security assessments and audits, and provide employee training to enhance cyber security awareness.

Chinese hackers responsible for two ‘malicious’ cyber campaigns against UK

Chinese state-affiliated hackers launched two significant cyber campaigns targeting UK parliamentarians and democratic institutions, as disclosed by Oliver Dowden, the deputy prime minister. The National Cyber Security Centre (NCSC) identified one group responsible for breaching the UK Electoral Commission’s IT systems from 2021 to 2023. Another group, APT31, conducted surveillance activities against UK parliamentarians in 2021. The gravity of these attacks was highlighted, emphasising a pattern of hostile behaviour originating from China, posing threats to democratic institutions not only in the UK but internationally.

The UK government announced sanctions against two individuals and a company linked to APT31 to address these breaches. At the same time, the US Department of Justice charged seven Chinese nationals associated with the same group. He reiterated the government’s commitment to holding China accountable for its actions, signalling a firm stance against threats to national security.

Furthermore, it was revealed that Chinese hackers likely orchestrated a cyber attack on the Electoral Commission in 2021, compromising sensitive voter information. Despite these attempts, officials reassured the public that UK election security remained intact without impacting voter registration or democratic processes.

In response to growing concerns, the UK government has implemented legislation to counter foreign interference, limiting Chinese involvement in sectors deemed critical to national cyber security. Prime Minister Rishi Sunak characterised China as an “epoch-defining challenge,” reflecting the seriousness with which the UK views the situation.

Despite the cyber threats, officials expressed confidence in the resilience of UK election systems, reassuring the public that upcoming elections, both local and national, are secure from foreign influence. John Pullinger, chair of the Electoral Commission, affirmed that while the cyber attack did occur, it did not compromise the integrity of UK elections or the democratic process.

What this story highlights is how easy it is for cyber criminals to orchestate a cyber attack on large organisations, The size of your business does not matter, and neither does the industry you operate in. Data is data in the eyes of cyber criminals and you may just be a tiny domino in a much larger effect. It is important to ensure that you become Cybersafe.

Contact Neuways to become Cybersafe

If you need any assistance with cyber security to become Cybersafe, then please contact Neuways and we will help you where we can. Just get in touch with our team today. We’re based in Derby but we work with clients all over the UK and can travel for your needs.