Weekly Threat Report - 27th September 2019
Emergency patch issued for Internet Explorer
Microsoft has issued an emergency patch which users should utilise as soon as possible to fix a bug on the Internet Explorer browser.
The vulnerability could allow the browser to be hijacked by attackers with Microsoft confirming that versions 9 to 11 were vulnerable. Users still using Internet Explorer should download and apply the patch as soon as possible.
In one scenario described by Microsoft an attacker could host a website designed to exploit the vulnerability through Internet Explorer and convince users to visit through an email. The attacker could then feasibly install malware, alter data or set up brand new accounts with full user rights.
Just over 8% of people still use Internet Explorer, but where possible users should consider using a different browser. Other popular browsers include Microsoft Edge, Google Chrome and Apple Safari, but of course there are others available.
Software and app updates, including browsers, often contain vital security updates which will protect devices from criminals. You will often receive prompts to update to the latest version and these should not be ignored. Turning on automatic updates for important patches such as this is a great way to ensure you are secure without much effort. You can read more about updating software in our Top Tips for Staying Secure Online advice.
New REvil ransomware attributed to GandCrab Developers
Back in May this year, the developers behind GandCrab Ransomware as a Service (RaaS) announced their “retirement”, after claims they profited more than $2bn since January 2018.
But this week, security researchers at Secureworks say they have discovered links between the thought-to-be-disbanded group and a strain of ransomware dubbed REvil, or Sodinokibi.
Researchers have noted “numerous characteristics” that would suggest the same developers were involved in the production of both GandCrab and REvil, including “nearly identical” coding.
Ransomware attacks are continuing to rise in number and sophistication. The NCSC has previously published guidance on how to protect your organisation from ransomware and, more recently, advice on how to effectively detect, respond to and resolve cyber incidents.
We’ve also produced a step-by-step guide on how individuals can recover an infected device.