Skip to main content

Week 8

 Most recent Cybersecurity attacks: 2022  

 

British Council data breach 


The British Council, which provides English language courses to students worldwide, experienced a third-party data breach revealing more than 10,000 records. Researchers discovered an unprotected Microsoft Azure blob repository and reported the incident on the 5th of December 2021. 

  

The blob container (a group of data held in the cloud) was indexed by a public search engine. Clario Tech reported in a Mackeeper blog that the blob contained at least 144k xls, xlsx, xml, and Json files. 

  

The datasets held students’ personal data worldwide, including student IDs, full names, study duration, email addresses, and enrolment dates. 

  

Any student or individual that may have been affected by the data breach should change their password straight away. They should also watch out for suspicious-looking emails and links.

 

The NHS Trust data breach 


The NHS trust, which provides healthcare services in Birmingham and Sandwell, experienced a ‘significant IT data loss incident’ that impacted patient care and staff. The data loss incident disrupted more than twenty systems and was caused by a ‘recommended update.’ Fortunately, no patient data was accessed or exposed. 


Apple 'zero-click' malware

 

Apple became aware of a software flaw that allowed attackers to introduce spyware. The spyware has been attributed to Israel’s NSO Group. Apple recently issued an emergency software fix as part of the iOS 14.8 update. 

  

The most worrisome part of this malware threat was that an iPhone, Mac computer or Apple Watch could be infected without the user clicking on anything. Known as a zero-click exploit, the attacker can hack into the user’s device, and because no click is required, the victim has no opportunity to spot the attack. 

Zero-click exploits are costly and highly sophisticated. So, they are usually leveraged to attack specific individuals rather than the population. 


Health workers phishing fraud 


Coronavirus awareness has become the latest tactic of cybercriminal gangs targeting healthcare professionals. In this instance, the cybercriminal sends an authoritative-looking phishing email to healthcare professionals, with the subject line ‘ALL STAFF: CORONA VIRUS AWARENESS.’ 

  

The email instructs the reader to register for a compulsory survey and seminar about the deadly virus. Any healthcare team member that clicks the link and completes the registration form ends up giving their personal information to the hackers. 

This article attracted my interest because it displays various kinds of Cybersecurity attacks and helps educate me to stay safe by knowing what risks to look out for. I learned not to click on links in emails to do any registration.  

 

Source: OmniCyber 

Web Address: www.omnicybersecurity.com 

 

Comments

Post a Comment

Popular posts from this blog

Week 6 Cloud Computing

     Key Features of Azure DNS DNS Hosting : Azure DNS allows you to host your DNS domains in Azure. You can manage your DNS records using the same credentials, APIs, tools, and billing as your other Azure services. Public and Private DNS Zones : Public DNS Zones : These are used for hosting domains accessible over the internet. You can manage DNS records for your public domains using Azure DNS. Private DNS Zones : These are used for managing and resolving domain names within your virtual network without configuring a custom DNS solution. This is useful for internal name resolution within your Azure environment. DNS Resolution : Azure DNS provides fast and reliable DNS resolution using a global network of name servers. Anycast networking allows DNS queries to automatically route to the closest name servers for the best possible performance.   DNS Private Resolver : This service enables you to query Azure DNS private zones from an on-premises...
Post a Comment
Read more

System Hardening Week 2

  The  Application layer  is the seventh and highest layer of the OSI and TCP/IP models. It specifies the shared communication protocols and interface methods hosts use in a communications network. The protocols in the Application layer are responsible for providing services to the user, such as file transfer, email, and web browsing.
Post a Comment
Read more

System Hardening Week 12.

  Network automation offers several compelling benefits, and its impact on IT professionals is significant. Below are some advantages.   Benefits of Network Automation: It eliminates manual tasks by automating network processes. This boosts IT productivity, allowing professionals to focus on strategic initiatives that drive business growth. Network automation enables faster provisioning of critical data services, optimizes network performance, and speeds up the rollout of new services and applications. Previously infrequent network changes have become more frequent due to automation, reducing manual adjustments' time-consuming and resource-intensive nature. It helps build a reliable network for an infrastructure-as-code approach that consistently maintains network state and configuration, enhancing reliability from data centers to edge location...
Post a Comment
Read more