Welcome to the latest edition of the Cybersafe Cyber Threats, a weekly series in which we bring attention to the latest cyber attacks, scams, frauds, and malware including Ransomware, to ensure you stay safe online.
Here are the most prominent threats which you should be aware of:
Vulnerabilities identified in Microsoft Outlook
In a recent cyber security report, researchers discovered two new vulnerabilities in Microsoft Outlook, capable of being exploited in a zero-click remote code execution (RCE) attack. The vulnerabilities, namely CVE-2023-35384 and CVE-2023-36710, were promptly reported to and addressed by Microsoft. The researcher behind the findings explained that by chaining these vulnerabilities together, an attacker could execute a remote code on Outlook without user interaction.
The vulnerabilities came to light during an investigation into an older privilege escalation vulnerability in Outlook, shedding light on potential risks associated with the popular email client. Specifically, CVE-2023-35384 is identified as a security feature bypass vulnerability in the MapUrlToZone function, with a CVSS score 6.5. Microsoft initially implemented this function to address a previous vulnerability (CVE-2023-23397), which could be bypassed with CVE-2023-29324. The latter was disclosed in May, with disagreements over its severity.
The second vulnerability in this exploit chain is CVE-2023-36710, categorised as a Windows RCE flaw in the Audio Compression Manager (ACM) with a CVSS score of 7.8. Barnea outlined that this vulnerability is triggered when a downloaded sound file is autoplay, potentially leading to code execution on the victim’s machine.
Despite Microsoft’s efforts in patching these vulnerabilities, the researchers emphasised the persistence of the threat vector and recommended additional security measures. They urged users to follow Microsoft’s detection and mitigation guidance and implement strategies like micro-segmentation to filter malicious IP addresses.
Additionally, the researchers highlighted the ongoing risk posed by the custom sound notification feature in Outlook, suggesting its removal to enhance user security. While Microsoft stated that the issues have been addressed and users are protected with the latest security updates, the researchers stressed the importance of ongoing vigilance and mitigation efforts in light of the evolving threat landscape.
UK Software sector at risk of cyber attacks from cyber criminals
In 2024, the software sector faces a surge in cyber attacks, according to a report. The study found that, on average, software companies experienced 30 cyber attacks in the past year despite significant cyber security spending. Nearly half of the surveyed firms invested over £50,000 annually in cyber security, primarily on services like vulnerability assessments and penetration testing. However, 44% of respondents felt their budgets were insufficient for comprehensive protection.
Additionally, the report highlighted the susceptibility of software companies to cyber threats due to their early adoption of emerging technologies and collaborative working practices. The report emphasised the rising threat of cyber crime and a lack of confidence among organisations in safeguarding against such cyber attacks. The report suggested that industry challenges, such as increasing energy costs, rising insurance premiums, skills shortages, and staff burnout, contribute to businesses’ difficulties.
While acknowledging budget constraints, it indicated that effective strategies and emerging technologies like artificial intelligence (AI) could help relieve cyber security pressures. It was recommended that businesses should collaborate with trusted partners to develop a tailored cyber strategy aligned with business needs and challenges.
The report also revealed gaps in data protection practices, with only 37% of the surveyed businesses incorporating security into all their processes and functions. Concerningly, 14% admitted addressing cyber security on an ad hoc or as-needed basis. The challenges of the past couple of years, including the pandemic-related budget constraints and ongoing skills shortages, have further complicated the cybersecurity landscape. Many businesses have sacrificed security budgets to maintain essential services during the pandemic.
In addition to financial pressures, the report highlighted the persistent skills gap, with organisations needing more in-house talent to address their security needs. This presents an opportunity for the managed service channel to play a crucial role in helping businesses navigate the evolving cyber security landscape.
UK companies still under risk of cyber attack
The Joint Committee on National Security Strategy (JCNSS) has issued a report warning of a high risk of a “catastrophic” ransomware attack in the UK due to the Home Office’s lack of planning and investment. The report emphasises the potential for severe disruption to critical government services, including healthcare and child protection, with the capacity to bring the country to a standstill. It criticises the UK’s preparedness, citing outdated legislative frameworks, resource limitations, and skill deficiencies in agencies handling ransomware attacks.
The report recommends transferring responsibility for tackling ransomware from the Home Office to the Cabinet Office, overseen by the Deputy Prime Minister.
For more information on ensuring your business benefits from tight cyber security and you are able to protect your own business from any ransomware attacks, you can speak to the Neuways dedicated cyber security team. We can help train your employees to be alert for phishing attacks, as well as protect your data. Network security for businesses has never been more important.
Contact Neuways for Network Security For Businesses
If you need any assistance with cyber security to become Cybersafe, then please contact Neuways and we will help you where we can. Just get in touch with our team today.