01 May 2020

IRM Weekly Cybersecurity Roundup: Microsoft Teams loophole and more

Microsoft Teams GIF loophole creates security flawsMicrosoft Teams GIF

Microsoft has recently addressed a vulnerability on the Teams platform which allowed hackers to send specially crafted links or GIFs to Microsoft Teams accounts and hijack them.

Microsoft stated: “While we have not seen any use of this technique in the wild, we have taken steps to keep our customers safe”.

The research, which lead to the vulnerability being highlighted, found that malicious code could be attached to innocent looking GIFs and if the user clicked on the GIF, their system could be compromised.

You can read more here.

Nintendo players hit by data breach

With many people turning to gaming consoles during lockdown, Nintendo has been in the headlines this week for a potential data breach.

An external report released on Wednesday showed that attackers were using a combination of crimeware and vulnerable logins to credential stuff Nintendo accounts.

Nintendo has neither confirmed or denied the allegation and instead directed users to technical support.

It’s thought that attackers were able to extract billing and account information from the breached accounts, including gaining access to the ‘points’ that allow you to buy Nintendo Switch digital games.

You can read more here.

Whisky cyber-attack collection auction interrupted by cyber-attack

The Perfect Collection

A collection of rare whiskies set to fetch millions at an online auction was interrupted this week by a cyber-attack.

Richard Gooding’s “The Perfect Collection” was due to be the largest private whisky collection ever to be offered for public sale.

The auction firm originally delayed the event by 48 hours as they thought the excessive load on the website was causing technical issues. It later turned out that the auction site’s website and database had actually been targeted by cybercriminals.

The whisky auction has been postponed indefinitely until the issues are solved.

You can read more here.

£1 million funding offered to predict military cyber-attacks

The Defence and Security Accelerator (DASA) has announced £1 million to further develop technology to predict and counteract cyber-attacks.

Three lead organisations alongside three further collaborators will be working together on the project after winning a competition set by DASA.

The work will focus on how they can proactively defend deployed UK military systems and networks from the increasing offensive cyber action from nation states.

A secondary phase of the project will look to develop the ‘predictive approaches’ and adapting them to suit a military environment.

You can read more here.

Israeli water companies hit by cyber-attacks

A series of cyber-attacks is reported to have affected several Israeli water companies last weekend, according to a government report.

The attacks were launched on the control systems of waste water treatment plants, pumping stations and sewers. As an immediate reaction, the stations were informed to change passwords, reduce internet connectivity and ensure their controllers had the most up to date versions installed.

According to the Water Authority’s security department, ‘no damage’ has been reported during the incident, but the events highlight what’s at risk for critical national infrastructure.

You can read more here.

Quick-Fire Updates

Architects hit by cyber-attack: Zaha Hadid Architects are sharing their experience after falling victim to cyber-attackers who stole data and asked the company for money to release the data. Read more here.

GCHQ report says AI will be used to power cyber-attacks: In the latest report, GCHQ warns how malicious actors will use AI to attack the UK and they anticipate that hostile nation states will already be developing this technology for cyber warfare. Read more here.

Survey says 59% of respondents would avoid an organisation that has experienced a cyber-attack: in the last year, according to Arcserve. In addition, 43% said they would rather spend more money with an organisation they deem to be more safe and secure. Read more here.

Facebook cuts back on cybersecurity teams: to invest more heavily in automation. It’s believed that 24 people have been displaced as the company has restructured to make the cyber teams focus on how they can identify vulnerabilities with automation. Read more here.

Want the IRM weekly cybersecurity roundup sent straight to your inbox? Sign up to our newsletter.