With cyber threats constantly on the rise, staying informed about the latest news and developments in the field is essential for maintaining digital safety. Because of this, cybersecurity remains a critical concern for organisations, governments, and individuals. In this blog post, we will explore the top cybersecurity news stories from this week, shedding light on significant events, and noteworthy security incidents.
This week it was revealed that millions of AT&T customers were affected by a potential data exposure, news surfaced that Google had patched exploited vulnerabilities, and a new study found that the UK’s cyber preparedness is lower than the global average.
Google Patches Exploited Pixel Vulnerabilities
In a recent security update, Google addressed 28 vulnerabilities in the Android operating system and 25 additional bugs specific to Pixel devices. Two of the patched vulnerabilities were being actively exploited in the wild, impacting Pixel's bootloader and firmware (CVE-2024-29745, CVE-2024-29748).
Vulnerability detection and management is a crucial part of securing an organisation’s attack surface.
Millions of AT&T Customers Affected by Potential Data Exposure
AT&T recently confirmed the exposure of personal information belonging to an estimated 73 million current and former customers. This data, found on the dark web, included sensitive details like addresses, Social Security numbers, and passcodes.
While AT&T claims no evidence of a direct data breach from their systems, they've engaged cybersecurity experts for a thorough investigation. As a precaution, the company has already reset customer passcodes.
UK Cyber Preparedness Lower Than Global Average, Report Finds
A new study paints a concerning picture of cybersecurity preparedness in the UK. Only 2% of organisations are considered truly resilient against modern cyber threats, falling far short of the already low global average of 3%.
The analysis reveals a significant gap, with nearly 75% of UK businesses in the early stages of cybersecurity readiness. Just a mere 2% have achieved the necessary "Mature" level of protection.
Despite this concerning reality, there seems to be an awareness of the growing threat. A significant 96% of companies surveyed plan to increase their cybersecurity budgets in the coming year. This urgency likely stems from the high number of businesses (70%) anticipating a security incident to disrupt their operations within the next two years.
Not sure where to start with protecting your organisation? Our experts have provided these tips.
Millions of SurveyLama users have data exposed in major breach
SurveyLama, a popular online survey platform, revealed a data breach impacting over four million users. This breach, confirmed in February 2024, exposed sensitive personal information including names, birthdays, email addresses, IP addresses, phone numbers, and even home addresses.
The attackers gained access to user passwords as well. While these passwords were encrypted using various hashing methods, some, particularly those with weaker SHA-1 encryption, could be vulnerable to cracking attempts. This puts users at risk of common cyber threats, like phishing scams.
City council says confidential documents shared online after cyberattack
Leicester City Council recently confirmed the online publication of confidential documents following a cyberattack last month. The attack forced the council to shut down its IT systems.
According to the council, a ransomware group has released approximately 25 sensitive documents. This leaked data includes rent statements, applications for council housing, and identification documents containing passport information.
At least a dozen Westminster insiders targeted in WhatsApp phishing attack
Cybersecurity experts raised concerns about a recent phishing campaign targeting individuals in Westminster. Over a dozen individuals, including a government minister, reported receiving suspicious WhatsApp messages in the past six months. These messages, believed to be part of a phishing attempt, originated from two unknown mobile numbers.
Remaining well-informed about the latest developments in the industry is paramount in combating cybercrime. By staying abreast of relevant news, leaders can make informed decisions, proactively implement security measures, and effectively protect their organisations from cyberattacks. Maintaining a vigilant mindset, adhering to best practices, and leveraging cutting-edge technologies are all essential elements in constructing a secure digital future.