Weekly Threat Report - 10th January 2020
Travelex New Year’s Eve incident
There has been prominent media coverage this week after foreign exchange company Travelex suffered a ransomware attack on New Year’s Eve. The company has taken all of its systems offline in a move they said will prevent the spread of the virus further across the network. Travelex have said there had been no evidence customer data had been compromised. Media reports have said those responsible for the attack have set a ransom to the company, and have threatened to release data obtained through the attack. The Information Commissioner’s Office (ICO) have been in contact with Travelex to advise on “potential personal data issues”. The NCSC has guidance for organisations looking to defend against the threat of ransomware. Guidance such as mitigating malware is also of use with this kind of cyber attack.
Security issues in Citrix products reported by researchers
Positive Technologies have reported a security issue that affects Citrix products. The flaw could give attackers an opportunity to search for weaknesses on the internet.
Honeypots run by security researchers have shown potential attackers scanning the internet for potentially vulnerable instances. This may put organisations that are exposing them to the open world at risk of being attacked and compromised.
Citrix have published an advisory, which recommends mitigation for customers to apply and advice on how to upgrade all of their vulnerable appliances to a fixed version of the appliance firmware when released.
As always, the NCSC recommends making use of the latest and most up to date security patches, and following vendor provided mitigation advice. Good security architecture may help to limit exposure, and consider the impact of such products are used to control access to management interfaces.
TikTok fix flaws following vulnerability report
TikTok, a video-sharing platform, has acted upon security flaws which were highlighted by researchers at the security firm, Check Point.
A number of issues were spotted by researchers which included the potential to allow hackers access to change privacy settings, steal personal data and add or delete videos. Before the attack, it would have been theoretically possible for hackers to access private personal information that are required to set up an account on the service, such as mobile phone numbers.
TikTok’s developer ByteDance were informed in November and the social platform has publicly thanked the researchers.
The platform allows users to create short videos and has experienced huge growth over the past few years.
The NCSC has published advice about using social media safely.