Cyber Security Bulletin – June 2022
Here are our top cyber security news items and information for your attention. These bulletin articles have been specially selected by our in-house Security Operations Centre (SOC) team.
1. Cyber Essentials – The Government backed scheme to help businesses to implement effective cyber security measures
Let’s start off with a cyber fact:
Up to 88% of businesses have suffered data breaches in the last 12 months. Take the important first step to securing your valuable IT infrastructure against hackers and cybercriminals by gaining a Cyber Essentials accreditation.
What is Cyber Essentials?
Cyber Essentials is an effective, Government-backed scheme that will help you to protect your organisation, whatever its size, against a whole range of the most common cyber attacks. Cyber Essentials represents a minimum baseline standard for cyber security in the UK.
Why get a Cyber Essentials accreditation?
- It is the best place to start if you are unsure or confused where to start with protecting your IT infrastructure from cyber attacks
- Fits with a wide range of businesses and organisations
- Prioritising cyber security wins new business
CLICK HERE to find out how our industry-leading cyber security experts can help you to become fully certificated
2. New zero-day vulnerability impacts all versions of Microsoft Office
Dubbed ‘Follina’ – this exploit takes advantage of a vulnerability within Microsoft Word whereby a remote attacker can execute malicious Powershell commands. The delivery vector will likely be a phishing email / drive-by malicious website. Once successful, an attacker can install programs, run scripts, view, exfiltrate and delete data and create new user accounts. It is likely this will be used to execute ransomware and serve as an entry point to gain access to the wider network. A patch is now available and everyone is recommended to patch ASAP.
3. Yodel Cyber Attack
It is reported that Yodel has been a victim of a ransomware attack which has taken their systems offline, and services made inaccessible. A statement on their website reads that an investigation is underway and a digital forensics organisation is assisting with the attack. There are no further details about whether or not data has been stolen but a few days after the incident started they are still offline and customer service teams inaccessible.
4. Ransomware – Do you have insurance? Have you checked the exclusions?
With cyberattacks on the rise and cyber insurance providers unable to keep up with the number of claims, businesses have seen insurance premiums skyrocket in the last year. The majority of providers are now refusing premiums unless your technical controls meet minimum criteria. More and more claims are also being rejected on the basis of certain exclusions such as ‘war clauses and organisations are needing to prove that they’ve made minimum efforts to try and project assets against ransomware.
Contact us to find out more about our Cyber Security services