CORONAVIRUS ‘TRACK AND TRACE’ GENERATES SHARP INCREASE IN CYBER ATTACKS

Term of the month: Keylogger Keyloggers are one of the oldest threats still used today. It is a type of malicious spyware designed to record all the keystrokes of the infected device and send that information back to a third party. They are used extensively to steal financial and personal information, but can also be used legitimately to troubleshoot or monitor users.

BRIEF UPDATE UK NSA and European agencies report that the proliferation of COVID-19 ‘Track and Trace’ apps and emails have caused a sharp spike in cyber- attacks. A victim is warned that he has been ‘in contact’ and clicks on a fake link, which enables malware insertion or data harvesting. This is in addition to the increase in fake websites, offering medical advice or help contacts, for the same reason. With universities and colleges re-opening, they have been warned that they are prime targets for cyber-attacks. Already, 2 major UK universities have had their IT systems shut down by ransomware attacks. Following similar attacks on Canon and Honda, the latest major private sector ransomware attack has been on US data centre provider Equinix. Flightradar24 struck by 3 major cyber-attacks in 2 days. Business Insider reports that WhatsApp users’ personal data is exposed to dozens of third-party apps. This follows a June report that 300,000 users’ phone numbers were released through public Google searches. Kaspersky reports that 23% of desktops and 17% of laptops in UK businesses lack security software, and this is likely to be similar across Europe. 6.5TB of Bing data leaked online in Sep. US CISA ordered all government agencies to patch against ‘Zerologon’ Windows Server flaw. Flaw in MS MFA protocols could allow cyber criminals to infiltrate MS 365 cloud services.MS Sep patch includes 129 flaws, 23 critical. Latest update has caused Windows 10 users’ Lenovo laptops to crash. Android users told to be on high alert after ’Cerberus’ authentication-breaking malware now available free. Apple delays IOS 14 privacy changes after Facebook pressure. WIRED reports that common malware slipped past the macOS notarisation process twice (remedied).

CYBER SECURITY IN THE NEWS

• Chinese database details 2.4 million influential people and how to press their buttons

• Woman dies during a ransomware attack on a German hospital

• 75% of CEOs Will be Personally Liable for Cyberattacks by 2024

• Iranian hacker group developed Android malware to steal 2FA SMS codes

• Apple Certifies the Most Prevalent macOS Malware Through Its Notarisation Process – Twice

• Luxottica Suffers Major Ransomware Attack

• Ransomware gang targets Russian businesses in rare coordinated attacks

• Shopify says two support staff stole customer data from sellers

• European ISPs report mysterious wave of DDoS attacks

• New 'Alien' malware can steal passwords from 226 Android apps

• Instagram bug opened a path for hackers to turn smartphones into spies