Cybersecurity Newsletter - Issue 15
Keeping an eye on cyber news and threats
Ursnif trojan stealing data from banks
Ursnif, also known as Gozi, is a trojan capable of stealing financial data from victim’s devices. It is currently having a significant impact to Italian financial organisations, with at least 100 banks in Italy being hit by the virus. Researchers from Avast discovered more than 1700 stolen credentials.
Ursnif is not new, however. In fact, it’s emergence dates back to 2007 and was recently spotted carrying out malicious activities in the US last year. Despite being around for a while, Ursnif continues to evolve and develop new ways of attacking financial organisations and remains a persistent threat to such institutions, focusing interest within Europe.
Samsung release critical security fixes in March 2021 updates
Keeping your phone up to date with the latest updates and patches is critical in keeping your device safe and secure. Samsung have just released an update which includes fixes for some very high security vulnerabilities, which I highly recommend installing if you haven’t already.
One of the vulnerabilities found in Android devices includes RCE (remote code execution) that uses Bluetooth the gain higher privileges on the device, known as privilege escalation. This allows hackers or viruses to have access to the entire phone and make any changes they like.
Other fixes in the update address vulnerabilities in the system, runtime and framework of Android devices. You can find a list of the CVEs (common vulnerabilities and exposures) along with more detail here.
Microsoft fixes 82 flaws and 2 zero-day vulnerabilities in this month’s Patch Tuesday.
You may have heard the phrase ‘patch Tuesday, hack Wednesday’, which stems from Microsoft’s ‘patch Tuesday’ which happens every second Tuesday of the month and basically involves rolling out updates with security fixes, and hack Wednesday being when hackers aim to take advantage of the newly announced vulnerabilities in the hope that people or businesses haven’t yet installed the updates.
This month’s updates fix 10 critical vulnerabilities and 72 labelled as important so make sure you get these updates installed as soon as possible. These vulnerabilities are added on top of the vulnerabilities announced in Exchange and Edge earlier this month for which patches have already been released.
The severity of these recently announced and patched vulnerabilities highlights the importance of keeping on top of updates and checking regularly for any patches or announcements relating to new bugs.
More detailed info on this here.
This week’s top tip – What to do if you’ve entered your details into a phishing site
Change your password immediately on any platform where you use those credentials.
If it’s for a particular platform, log in as soon as possible on the legitimate site and change your password, if you can’t log in then you may have already been compromised and contact support. If you use the same credentials or password anywhere else, then change those too.
Try not to use the same password on different websites so that if one of them is compromised the others will remain safe. A password manager is a good way of creating unique passwords for each site without worrying about remembering them.
That’s all for now, stay safe.