Be Cybersafe | Cybersafe Threats | 18th April – Technologist

Welcome to the latest edition of the Cybersafe Cyber Threats Update, from the 18th April 2024. This is a weekly series in which we bring attention to the latest cyber attacks, scams, frauds, and malware including Ransomware, to ensure you stay safe online. Being aware of these cyber threats helps UK companies to gain cyber essentials certifications and keeps employees on alert for potential danger. If you need help with Cyber Security, contact Neuways to become Cybersafe.

Here are the most prominent cyber threats to businesses which you should be aware of:

Hackers tried to breach and disable widely used open-source Java tools

Recent incidents involving attempts to insert vulnerabilities into primary open-source tools like XZ Utils and JavaScript projects underscore the ongoing and serious threat to the integrity of open-source software. Organisations like the Open Source Security Foundation and OpenJS Foundation warn that such attempts may not be isolated incidents, further emphasising the gravity of the situation. Business owners need to share these cyber threats with their employees to help them become more vigilant and utilise their phishing awareness training.

These foundations emphasise the crucial role of vigilance among open-source maintainers. Their ability to detect social engineering takeover attempts and early threat patterns is paramount in maintaining the security of open-source projects, which are relied upon globally. These projects depend on community contributions for updates and patches, often discussed in forums among volunteer maintainers, highlighting their integral role in the security of open-source software.

While no builds were compromised in the recent attempts, the potential consequences are severe. Such backdoors could render entire open-source ecosystems vulnerable to exploitation, particularly by nation-state hackers. The incident underscores the fragility of critical points in the open-source ecosystem and the risk of maintainer burnout, which could lead to compromised control over sensitive information.

Open-source code is pervasive in commercial systems, with most containing vulnerabilities, highlighting the critical need for robust cyber security measures in businesses relying on open-source software.

Cisco Duo warns of customer data breach through telephony provider attack

A recent breach involving the theft of VoIP and SMS logs used for multi-factor authentication (MFA) messages has been reported by Cisco Duo, a prominent MFA and Single Sign-On services provider. The breach, which occurred on April 1, 2024, involved the exploitation of employee credentials obtained through a phishing attack, impacting an undisclosed telephony provider.

The intrusion resulted in the unauthorised access and download of SMS and VoIP MFA message logs associated with specific Duo accounts between March 1, 2024, and March 31, 2024. Although message contents were not accessed, the stolen logs contain sensitive data such as phone numbers, carriers, locations, dates, times, and message types.

In response, Cisco is actively collaborating with the affected provider to investigate and address the incident. Security measures have been reinforced, including invalidating compromised credentials, analysing activity logs, and notifying affected parties. Cisco is also assessing the breach’s scope and impact using the exposed message logs provided by the provider.

Businesses impacted by this breach are urged to remain vigilant against potential SMS phishing or social engineering attacks utilising the stolen information. It’s essential to promptly report any suspicious activity to relevant incident response teams and educate users about the risks associated with social engineering tactics.

Is AI a threat to businesses?

The UK’s Competition and Markets Authority (CMA) is alarmed by the grip major tech firms have on the AI Foundation Models (FMs) market, fearing they could manipulate competition and hike prices. Highlighting risks such as controlling crucial inputs and potential collusion, the CMA is taking steps to ensure fair play. This includes closely examining alliances like Microsoft’s investment in OpenAI. Business owners in AI-related sectors should stay vigilant against anticompetitive practices and collaborate with regulators to maintain a level playing field.

As the CMA scrutinises the high-end AI landscape, it’s pushing for transparency and fair competition. Their efforts aim to prevent major tech players from monopolising the market, which could stifle innovation and limit options for businesses and consumers. By adhering to responsible AI principles and staying informed about regulatory developments, businesses can help uphold fair competition in this rapidly evolving sector.

Contact Neuways with help to be Cybersafe

If you need any assistance with cyber security to be Cybersafe, then please contact Neuways and we will help you where we can. Just get in touch with our team today. We’re based in Derby but we work with clients all over the UK and can travel for your needs.