In the month of spooky happenings, we've rounded up the scariest topics you need to know about for cyber security risk, plus we've thrown in some good news too...
National Cyber Security Centre publishes annual review
The UK's National Cyber Security Centre (NCSC) released its annual report last month, highlighting its activity for the year, in its mission to make the UK the safest place to live and work online. The report highlights work on 658 attacks across 900 organisations including schools, airports and the emergency services. You can read the full report here...
Phorpiex Botnet gets renewed purpose
As a bot that is over a decade old, you might think that Phorpiex is old news, but it turns out this longstanding crawler has been given a new lease of life. The bot was originally used to distribute malware to convert PCs for cryptomining (a process whereby a PCs processing power is diverted to mine for cryptocurrency), but is now being used to send over 30,000 sextortion emails an hour threatening to expose the user to their contacts. It is believed the scams have already earned criminals thousands of pounds,
Apple on the malware case
It's often believed that Apple products are not at risk of malware, but that's a definite myth. In October the brand removed 17 malicious apps from the app store, most containing Trojan clickware designed to inflate website traffic and generate pay-per-click income. The apps have now been removed from sale, but users who have already downloaded them are still at risk. All of the apps were published by the same developer - India-based AppAspect Technologies (who also have a live profile on the Play Store) including: RTO Vehicle Information, EMI Calculator & Loan Planner, File Manager - Documents, Smart GPS Speedometer, CrickOne - Live Cricket Scores, Daily Fitness - Yoga Poses, FM Radio - Internet Radio, My Train Info - IRCTC & PNR (not listed under developer profile), Around Me Place Finder, Easy Contacts Backup Manager, Ramadan Times 2019, Restaurant Finder - Find Food, BMI Calculator - BMR Calc, Dual Accounts, Video Editor - Mute Video, Islamic World - Qibla and Smart Video Compressor. This is the reason that mobile antivirus is so important, protecting your phone from malicious content...
Old Amazon devices at risk
Anyone with a first generation Echo or an eighth generation Kindle or lower is being encouraged to patch their devices asap through the official Amazon device updates. These older devices have been found to have a flaw which exposes any data transmitted via WiFi from the device. Affected users won't even know they've been hit as the data is read before forwarding to the original destination.
Amazon Web Services down for several hours followed DDoS attack
A large volume of fake traffic to servers disrupted the Amazon Web Services Domain Name System, preventing legitimate traffic getting through. It meant that a number of the websites which use the system were down for a few hours on the 22 October.
Google Alerts flawed
If you've not used it before, Google Alerts is a clever tool which enables a user to set up an email alert for a specific term or phrase. A lot of people use it to track their own brand activity or competitor brand activity as well as industry content to keep an eye what's going on. The emails are auto-generated from new content crawled by Google, but unfortunately cyber-criminals have cottoned on and have been setting up fake content to target specific terms and download malware when users click onto the links. Word of warning: check you trust the content source before clicking on the link!
Pixel 4 Facial Recognition is not secure
You're the only person with your face, so using it to unlock your devices seems safe, right? Wrong. It turns out that the latest generation of Pixel 4 is totally flawed and will open your device with a short wave in front of your face, even if your eyes are closed or you're asleep! We suggest opting for a strong password instead!
UK Data Centres some of the greenest
Provisional results from the report on the Climate Change Agreement (CCA) for data centres has found that the UK data centres have successfully met their energy efficiency targets two years ahead of schedule. “Collectively, UK operators have performed so well that they have fulfilled the final scheme target two years ahead of schedule,” said Emma Fryer, Associate Director Data Centres, Techuk. She continues “However, at an individual facility level the picture is more mixed, so the sector is not complacent and will be working harder than ever to build on these improvements in the final stage.”