Weekly Threat Report - 21st February 2020
Instagram phishing campaign promises presidential money
Russian Instagram users are reportedly being targeted by a phishing campaign under the guise of a non-existent presidential decree.
Cyber criminals are using fake advertisements on Instagram accounts impersonating those of state TV channels. The adverts are crafted to look legitimate and promise upwards of 100,000 rubles (£1,210) to all citizens looking to start up a business.
Victims are then directed to websites where they are asked to give their full name and date of birth and pay a small fee to register for the larger payment.
Phishing attacks can be made over text message, social media, phone or email. The NCSC’s guidance on phishing offers tips on how to spot suspicious looking emails.
Amazon's Ring makes authentication step mandatory
Ring, the home security company owned by Amazon, has updated its login process, adding a verification code step and making it the default setting for all its products.
The change means that users will now have to enter their password and a unique six-digit code when they first log in to the app, or when they haven't logged in for 30 days.
Nest, Google's home security device, has also recently announced it is implementing a number of security safeguards. Amongst these is mandating two-factor authentication (2FA) for its users, following a spate of attacks where hackers guessed passwords, or reused previously compromised ("pwned") passwords, to access Nest accounts.
Using 2FA on your important accounts means that even if a criminal knows your password, they still won't be able to access your accounts without the second factor.
The NCSC has published top tips on keeping you and your family safe online, which includes guidance on updating devices and software, as well as how to set up 2FA wherever it is available.
Connected medical devices running Windows in hospitals are vulnerable to attack
According to figures in a recent report by cyber security firm CyberMDX, 45% of all networked Windows devices in a typical hospital in the US are vulnerable to the Remote Code Execution flaw known as BlueKeep, because they haven't been updated or patched.
Obsolete software and unpatched devices leave networks exposed to attack. Connected medical devices can include x-ray and ultrasound equipment and patient monitors.
The NCSC first reported on the BlueKeep vulnerability (CVE-2019-0708), which affects some older versions of Windows, in May 2019 after alerting Microsoft to the threat. Microsoft issued a critical security fix, and the NCSC always recommends that organisations and individuals apply updates.
The NCSC has published guidance on how organisations can mitigate and manage vulnerabilities, how to manage obsolete platforms, and advice on patching and why it can be difficult.
Microsoft security patches for CVE-2019-0708.