Over the last few weeks, SRG has been alerted to and has been monitoring a new cyber-attack vector. A known group with access to a large and scalable Kubernetes cluster is performing high-speed, broad-reaching brute-force attacks against Microsoft O365 and Azure services. It is highly recommended that all customers enable two-factor authentication (2FA) in their Microsoft cloud services. It is additionally recommended that password length and complexity policies be reviewed and strengthened as needed.

As always, if we can be of any assistance or provide further guidance, please reach out to the Cyber Team at cyberservices@securityresourcegroup.com.

Both Google and Microsoft are pushing emergency updates to patch a critical vulnerability in their browsers. Hackers are actively exploiting this vulnerability, which allows for remote code execution within the browser's JavaScript engine.

This vulnerability, tracked as CVE-2022-1096, was reported to Google by an anonymous user or researcher. It appears to affect all Chromium-based browsers, including Opera and Brave.

Details on the vulnerability are slim, but we do know that the vulnerability allows for “type-confusion” attacks in the browser's V8 JavaScript engine. Basically, hackers can confuse the browser, forcing it to read and write data on your machine without permission.

At this time there is limited official information from the browser vendors. We suggest that you update Chrome and Edge immediately to avoid the problem.

Google will reveal more information on this vulnerability once a majority of its users install the emergency update. The company will also wait for other Chromium browsers to patch the problem—Microsoft Edge is rolling out its fix, but competitors like Brave and Opera are still working on it.

Please reach out to your SRG Contact for more information on how to protect yourself and your business. Alternatively, you can contact SRG at admin@securityresourcegroup.com.

While the Russia-Ukraine tensions may seem far away, there is a very real threat of increased cyber attacks against European countries, as well as Canada and the US: in short, any country that has retaliated against Russia’s invasion of Ukraine. It is highly unlikely Putin will be able to harm Canada or the US with military force; therefore, his likely best option is through cyber attacks. It is suspected that Russia has already attacked Ukrainian businesses with malware, some of it ransomware and some of it designed to attack systems and wipe them clean of data without any ransom request, simply to disrupt or cripple the operations of these companies.

Over the past several months, SRG has observed an increase in attack activity. Ransomware and denial-of-service attacks are leading the way. Our professionals are monitoring our clients’ systems and blocking suspicious activities (or alerting our clients to them). Additionally, we are monitoring both the Deep and Dark web, as well as non-valid traffic from thousands of Dark Web Tor exit nodes. With this, we are also actively updating Indicators of Compromise (IOCs) in our security monitoring platforms to advise on new and emerging threats associated with the Russia/Ukraine conflict.

At the moment it is difficult to discern where the increased attack activity is originating from. However, we need to focus on the risk of Russian-led cyber attacks against our country and businesses. We recommend companies stay very vigilant and ensure they have taken reasonable steps to mitigate the risk of a successful attack on their organizations.

The following are recommended Cyber Security processes:

  • Ensure you have a layered Cyber Security Regime – multiple layers of defense
  • Change passwords and do so frequently (use multi-factor authentication where possible)
  • Ensure Patching is up-to-date and is done immediately following Patch releases
  • Ensure Monitoring systems are Tuned to identify traffic from Russia (and their allied countries) as High Risk
  • Where possible, block any traffic from Russia, Belarus and other Russian allies
  • Staff training – most successful attacks are a result of a staff member inadvertently clicking on an attachment in an email from an unknown source. Phishing training must be part of the Cyber Security regime
  • Segmentation/Classification of Assets – ensure higher layers of Cyber Security surrounding your most critical information/systems


Cyber-security experts have found an “extremely serious” bug that may pose an even greater risk than the recent Heartbleed bug, and could affect hundreds of millions of computers worldwide…

Read more on CTVNews.ca

Forget intelligence gathering. Financially motivated cybercrime is booming behind the Great Wall.

China has become infamous for politically motivated intelligence gathering, but new research from Trend Micro shows that a financially motivated, politically independent cybercrime underground is alive and growing behind the Great Wall, as well…

Read more on DarkReading.com

Canada Revenue Agency says Canadians will not face penalties if they’re late in filing their 2013 tax returns as a result of the ‘Heartbleed’ bug that forced the shutdown of the agency’s website…

Read more on CTVNews.ca

The odds of having a lost cellphone returned are just a little better than 50/50, while the chances of it being probed by its finder are close to 100 per cent, according to the results of an experiment conducted in six Canadian cities…

Read more on CBC.ca

Thanks to the NSA, everyone all of a sudden cares about their privacy more than they used to. But most of us aren’t doing a good job of locking it down. Here are just a few of the things we all tend to do that leak private information to friends, strangers, businesses, and ad companies…

Read more on LifeHacker.com