Patches released for Apple and Google Chrome vulnerabilities
Users should be aware that Google and Apple have released security updates to fix vulnerabilities affecting their respective products.
The two Apple vulnerabilities are a remote code execution vulnerability (CVE-2022-32893) in its WebKit browser engine and a kernel vulnerability (CVE-2022-32894).
Meanwhile, Google has released a standard update for its Chrome browser containing eleven security fixes, including one for CVE-2022-2856, for which an exploit exists in the wild.
The NCSC recommends following vendor best practice advice in the mitigation of vulnerabilities. The presence of potential exploits in the wild makes it all the more important to install the latest updates as soon as possible.
Microsoft report on a sustained phishing campaign by the SEABORGIUM threat actor
The Microsoft Threat Intelligence Center (MSTIC) has published a new blog on the sustained campaign of phishing and credential theft by the threat actor SEABORGIUM.
This campaign has persistently targeted larger-scale organisations over long periods of time.
The group often researches individuals in an organisation to attempt to gain access, and is known to identify legitimate contacts in the target organisation’s corporate network through social media platforms, personal directories and information it finds in open sources.
The opening exchange with the target is often a benign email referencing an attachment that doesn’t exist. Once a target opens the email, they are directed to an actor-controlled server hosting a phishing framework. The final page is a prompt for authentication, mirroring the sign-in page for a legitimate provider and intercepting any credentials.
This threat actor targets particular organisations and sectors, or individuals within them, rather than the general public. The NCSC has guidance on how to defend your organisation against phishing attacks.
Warning as cyber criminals use HMRC branding in phishing scams
Cyber criminals are again impersonating Her Majesty’s Revenue and Customs (HMRC), using its branding to try to trick the public into sharing personal or financial details.
It is reported that criminals are sending fraudulent emails claiming that the recipient is eligible for a tax refund as they have overpaid on their National Insurance.
Recipients of this phishing attempt are encouraged to ‘submit their tax refund request’ via a link, which would send them to a fraudulent website designed to harvest their personal details.
A cyber criminal’s goal is to trick you into giving them your sensitive information, which could include bank details. Criminals often falsely claim to be from UK government or other official organisations.
The NCSC has produced guidance on how to spot the most obvious signs of a scam, and what to do if you’ve already responded. We also recommend forwarding emails you’re unsure about to the NCSC via our reporting service, email@example.com.