Security Queens Hello World!
March Newsletter

It's spring now in the UK, the days are brighter and the air is warmer - not to mention Easter is just round the corner, which brings chocolate eggs and hot cross buns for all! 

You may have seen on various social media channels, Sophia and Sarah have now joined their friends at the Ladies of Cheltenham Hacking Society and are now admin members for the chapter! Have no fear, they'll still be Security Queen-ing too - so keep an eye out for blogs and content in the months to come. 

Earlier in the month we celebrated International Women's Day - we would like to take a moment to highlight the brilliance of women in our industry, and a shoutout to all the women doing amazing things across the globe. 

The next Cyber House Party event is coming up on April 1st (5pm BST) - it's free to attend and a great opportunity to virtually meet up with fellow security peers. Even better, it supports UK charities too! 

Moving on to industry news, it's been a little quieter this month. Recently, a selection of high-severity Linux network security holes were found by Linux security developer Alexander Popov. The holes, discovered in the Linux kernel virtual socket implementation, could grant root access or be leveraged to knock out servers, but thankfully they were promptly fixed to prevent exploitation. 

At the start of the month Malaysia Airlines revealed it had been a victim of a nine-year security breach. The incident started in March 2010 and reportedly ended in June 2019. Personal data of frequent flyers, including names, dates of birth and contact information, was compromised - although Malaysia Airlines has said that there is no evidence of misused personal data.

It was recently reported that 21 million free VPN users' data was exposed, including credentials and payment information. The VPN services affected include SuperVPN, GeckoVPN and ChatVPN. 

Police in Bournemouth have urged local residents to turn off Bluetooth due to a rise in Bluebugging in the area. Bluebugging is a hacking technique that allows attackers to obtain control of a device via Bluetooth, and often involves dropping malicious files to victims. 

In the age of e-learning in a COVID world, 15 schools in the United Kingdom were unable to provide online learning due to a cyberattack. The schools were all based in the Nottinghamshire area and reportedly had to shut down IT systems due to the attack. 23 schools in Bristol fell victim to a ransomware attack, forcing schools to similarly cancel live lessons and postpone parent teacher evenings. 

Microsoft recently had to issue an emergency patch for a series of exploited 0-days in Exchange. The 0-days identified by Microsoft affect Microsoft Exchange Server 2013, 2016 and 2019 and have supposedly been exploited by nation-state actors based in China. 

As we move towards a connected future, there are growing concerns about the security of connected devices and the Internet-of-Things. Recently hacktivists breached a security company to gain access to 150,000 camera feeds for a period of approximately 48 hours. Attackers supposedly did not cause any damage, but rather accessed the company servers to raise awareness of mass surveillance. 

Technology giant Acer suffered a cyber attack last week, with hackers demanding a $50 million ransom. Acer fell victim to a REvil ransomware attack that reportedly exploited the Microsoft Exchange vulnerabilities mentioned earlier in this newsletter. 

We hope everyone has a well-deserved Easter break, thank you once again for supporting us and subscribing to our newsletter. 

You can find our most recent blogs below! 

Lots of love,

The Security Queens xxx

👸🏼👸🏻

Stressed Out, Burned Out, and a I Feel Like a Fake
I’ve always been a perfectionist. I’ve always striven to be the best version of me that I could be! When I started in university and my journey into cybersecurity, I…
Liability: Insecure Data Storage
Estimated difficulty: 💜💜💜🤍🤍 Oh no, it’s another one from the MOBster series coming to get you! Hide… Run… Read with intrigue! This post is covering, M2: Insecure Data Storage, the…
Risky Business: A Down-Low on Risk Management Basics
Estimated difficulty: 💜🤍🤍🤍🤍 First thing’s first! Let’s talk definitions. So, what actually is risk management? To put it simply, it is the management of the risk within an organisation (doh!).…