Brief Summary of September 2020

Written By David Palmer OBE

UK NSA and European agencies report that the proliferation of COVID-19 ‘Track and Trace’ apps and emails have caused a sharp spike in cyber-attacks. A victim is warned that he has been ‘in contact’ and clicks on a fake link, which enables malware insertion or data harvesting. This is in addition to the increase in fake websites, offering medical advice or help contacts, for the same reason. With universities and colleges re-opening, they have been warned that they are prime targets for cyber-attacks. Already, 2 major UK universities have had their IT systems shut down by ransomware attacks. Following similar attacks on Canon and Honda, the latest major private sector ransomware attack has been on US data centre provider Equinix. Flightradar24 struck by 3 major cyber-attacks in 2 days. Business Insider reports that WhatsApp users’ personal data is exposed to dozens of third-party apps. This follows a June report that 300,000 users’ phone numbers were released through public Google searches. Kaspersky reports that 23% of desktops and 17% of laptops in UK businesses lack security software, and this is likely to be similar across Europe. 6.5TB of Bing data leaked online in Sep. US CISA ordered all government agencies to patch against ‘Zerologon’ Windows Server flaw. Flaw in MS MFA protocols could allow cyber criminals to infiltrate MS 365 cloud services.MS Sep patch includes 129 flaws, 23 critical. Latest update has caused Windows 10 users’ Lenovo laptops to crash. Android users told to be on high alert after ’Cerberus’ authentication-breaking malware now available free. Apple delays IOS 14 privacy changes after Facebook pressure. WIRED reports that common malware slipped past the macOS notarisation process twice (since remedied)

Add a comment

Email again: