APPLE WANTS TO SEE ALL YOUR PHOTOS AND RANSOMWARE STILL A CONSTANT THREAT

Term of the month: Phishing

Is a type of social engineering attack with the goal of stealing data from the victim or inserting malware into the targeted system. The usual attack vector is through e-mail, instant messaging or SMS. The target is prompted to click a malicious link by the attacker posing as a trusted entity such as a bank, credit card company, store etc

BRIEF UPDATE

One of the most talked about stories this month has been the announcement that Apple made regarding their tool to scan all user photos for Child Sexual Abuse Materials. While it is a good cause to combat the tool poses a threat since it can be easily repurposed for surveillance and censorship. Privacy advocates have criticised the move by pointing out how it can be used by authoritarian states to silence critics, journalist and political opponents. With many questioning why the company would want to sabotage it’s privacy-respecting reputation. NSO has come under scrutiny after Pegasus spyware was found on nine Bahraini political activist phones. Ragnarok ransomware gang decided to close down their operations and as a parting gift to their victims they released decryptor tools. The tools are currently analysed and will be made available through the Europol’s NoMoreRansom portal. In other ransomware news the average pay out has doubled in a year with attacks becoming more intrusive to force victims to pay. Like in the case of Accenture the global consulting firm that has become the most recent victim of a ransomware attack with a threat of publishing of files if the unknown ransom isn’t met. Another worrying record has been set with the massive Denial of Service attack that was meant to take down a financial website at the peak reaching 17.2 Million request per second with Cloudflare commenting that the average legitimate traffic is 25 Million request per second.

CYBER SECURITY IN THE NEWS

•Researchers Label Apple’s CSAM Detection System ‘Dangerous’

•Apple shifts stance on CSAM scanning following widespread criticism

•Unsurprisingly, the NSO Group's Malware Is Targeting Activists Again

•Most employees put their workplace at risk by taking cyber security shortcuts

•Botnet Generates One of the Largest DDoS Attacks on Record

•Average ransomware payouts nearly double in a year

•Accenture hit by a ransomware attack

•Ragnarok Ransomware Gang Bites the Dust, Releases Decrypter

•Microsoft Exchange Vulnerabilities Hacked By Ransomware Criminals