Skip to main content

Week 8

 Most recent Cybersecurity attacks: 2022  

 

British Council data breach 


The British Council, which provides English language courses to students worldwide, experienced a third-party data breach revealing more than 10,000 records. Researchers discovered an unprotected Microsoft Azure blob repository and reported the incident on the 5th of December 2021. 

  

The blob container (a group of data held in the cloud) was indexed by a public search engine. Clario Tech reported in a Mackeeper blog that the blob contained at least 144k xls, xlsx, xml, and Json files. 

  

The datasets held students’ personal data worldwide, including student IDs, full names, study duration, email addresses, and enrolment dates. 

  

Any student or individual that may have been affected by the data breach should change their password straight away. They should also watch out for suspicious-looking emails and links.

 

The NHS Trust data breach 


The NHS trust, which provides healthcare services in Birmingham and Sandwell, experienced a ‘significant IT data loss incident’ that impacted patient care and staff. The data loss incident disrupted more than twenty systems and was caused by a ‘recommended update.’ Fortunately, no patient data was accessed or exposed. 


Apple 'zero-click' malware

 

Apple became aware of a software flaw that allowed attackers to introduce spyware. The spyware has been attributed to Israel’s NSO Group. Apple recently issued an emergency software fix as part of the iOS 14.8 update. 

  

The most worrisome part of this malware threat was that an iPhone, Mac computer or Apple Watch could be infected without the user clicking on anything. Known as a zero-click exploit, the attacker can hack into the user’s device, and because no click is required, the victim has no opportunity to spot the attack. 

Zero-click exploits are costly and highly sophisticated. So, they are usually leveraged to attack specific individuals rather than the population. 


Health workers phishing fraud 


Coronavirus awareness has become the latest tactic of cybercriminal gangs targeting healthcare professionals. In this instance, the cybercriminal sends an authoritative-looking phishing email to healthcare professionals, with the subject line ‘ALL STAFF: CORONA VIRUS AWARENESS.’ 

  

The email instructs the reader to register for a compulsory survey and seminar about the deadly virus. Any healthcare team member that clicks the link and completes the registration form ends up giving their personal information to the hackers. 

This article attracted my interest because it displays various kinds of Cybersecurity attacks and helps educate me to stay safe by knowing what risks to look out for. I learned not to click on links in emails to do any registration.  

 

Source: OmniCyber 

Web Address: www.omnicybersecurity.com 

 

Comments

Post a Comment

Popular posts from this blog

System Hardening Week 12.

  Network automation offers several compelling benefits, and its impact on IT professionals is significant. Below are some advantages.   Benefits of Network Automation: It eliminates manual tasks by automating network processes. This boosts IT productivity, allowing professionals to focus on strategic initiatives that drive business growth. Network automation enables faster provisioning of critical data services, optimizes network performance, and speeds up the rollout of new services and applications. Previously infrequent network changes have become more frequent due to automation, reducing manual adjustments' time-consuming and resource-intensive nature. It helps build a reliable network for an infrastructure-as-code approach that consistently maintains network state and configuration, enhancing reliability from data centers to edge location...
Post a Comment
Read more

System hardening and networking week 5

  A Virtual Local Area Network (VLAN) is a logical network that groups devices based on their functionality, location, or security requirements. Here are some advantages of VLANs: Advantages: Improved network performance: VLANs can reduce congestion by segmenting the network into smaller broadcast domains. This reduces the amount of traffic that needs to be processed by each device, leading to faster network speeds. Enhanced network security: VLANs can isolate sensitive data and restrict access to it. This helps prevent unauthorized access to confidential information and reduces the risk of data breaches. Simplified network management: VLANs can simplify network management by allowing administrators to manage groups of devices as a single entity. This reduces the complexity of network management and makes it easier to troubleshoot network issues. Flexibility: VLANs can be easily reconfigured to meet changi...
Post a Comment
Read more