In April's Cyber News Update, we take a look at breaches that have impacted Funky Pigeon and WhatsApp, as well security updates and cyber threat advice.
Funky Pigeon Hit by a Cyber Attack
Earlier this month, the gift card retailer known as Funky Pigeon experienced a cyber attack, resulting in them needing to temporarily suspend operations. Once the organisation became aware of the breach which occurred earlier this month, they took their systems offline, so that an investigation could be conducted, and the extent to which the breach caused damages could be minimised. Fortunately, the impact of the breach is now more understood, and the organisation doesn’t believe that payment and account password data have been compromised.
As part of their response to the cyber attack, Funky Pigeon will contact all customers over the last year, and are in contact with the relevant authorities so that a full investigation can be conducted.
New Microsoft 2022 Update
Microsoft has released their April 2022 security update that addresses a number of vulnerabilities, including a remote procedure call runtime remote code execution (CVE-2022-26809). NCSC advises that in these circumstances, it is best to follow Microsoft’s best practice when it comes to mitigating risks. Therefore, you should ensure that you download and install their latest updates as soon as you can, so that you are as protected as you can be. Microsoft have also published advice on additional mitigation measures for their new update, which you can find by clicking here.
Advice to CNI on Russian Cyber Threat
Earlier this month the UK, along with international allies have given advice to global CNI organisations on the cyber threat posed by Russia. The advisory comes from agencies in the US, Canada, New Zealand and Australia, as well as the National Cyber Security Centre in the UK, which is a part of GCHQ. The advice provides details and information on Russian-aligned cyber criminal groups. Some of these groups have, in the past, threatened to commit cyber attacks in retaliation, should countries provide support to Ukraine.
You can read the advisory that was published by clicking here.
Fake Whatsapp voice messages are spreading malware
A recent phishing campaign has been taking place, where WhatsApp voice messages are being used, that feature malware that can steal user data. The malware finds its way onto devices through an email that is sent to users claiming to be a notification from WhatsApp stating that they have a new private voice message. The email identifies itself as coming from ‘WhatsApp Notifier’, and it masks a real email address belonging to a Russian road safety organisation. The attack was discovered by Armorblox, and they believe that the Russian organisation being used might not even be aware of their role in the scam. Due to the fact that the email address and organisation are real, the emails aren’t flagged as spam and therefore aren’t blocked from being sent to user inboxes.
The email includes a ‘Play’ button which takes the user to a website where they are asked to allow a prompt to confirm that they aren’t a robot. Once the user clicks ‘allow’, it then prompts them to download a piece of software, which is of course, the information-stealing malware. The NCSC has published various pieces of guidance which I’ll link below on the signs to look out for when it comes to phishing emails.