Take a look at this week's Cyber Weekly Digest where we dive into the latest cyber security news. This week has seen some major data breaches in the UK and Northern Ireland, which could leave NI police officers at risk. Keep reading to stay up to date on the biggest stories from around the world.
The UK Electoral Commission disclosed a massive data breach exposing the personal information of anyone who registered to vote in the UK between 2014 and 2022. The most concerning part of the breach is that the disclosure comes ten months after the Commission first detected the breach and two years after the initial breach occurred. As part of this attack, the threat actors accessed the government agency’s servers holding its email, control systems, and copies of electoral registers. The Commission says that the cyber attack had no impact on any elections or an individual’s voter registration. However, it did expose personal information, including full names, email addresses, home addresses, and contact numbers.
Microsoft has patched a total of 74 vulnerabilities as part of the company’s Patch Tuesday updates for August 2023. This is almost half the number of flaws patched last month. The update fixes six Critical, 67 Important, and one Moderate severity vulnerabilities. Two defence-in-depth updates, for Microsoft Office (ADV230003) and the Memory Integrity System Readiness Scan Tool (ADV230004), were released alongside the security fixes. ADV230003 concerns an already known security flaw tracked as CVE-2023-36884, a remote code execution vulnerability in Office and Windows HTML that is actively exploited. Microsoft said installing the latest update “stops the attack chain” leading to the remote code execution bug.
Another concerning data breach was announced this week, with all of the Northern Ireland Police Service’s employees being exposed due to “human error”. The data was exposed in response to a Freedom of Information (FOI) request, in which the PSNI shared the names of all police and civilian personnel, where they were based and their roles. The details were then published online before being removed. The concerning part of this data breach is the impact it could have on staff following the recent targeting of Northern Ireland police in attacks, especially as many staff keep their employment secret, in some cases even from many family members.
A leading Spanish research institute has become the latest organisation in the country to come under attack from Russian hacktivists after a weeks-long geopolitically motivated DDoS attack. Local reports claimed that hacktivist group NoName057 is responsible for the DDoS attacks, which impacted at least 72 websites between July 19 and 30. The attacks follow the Spanish Prime Minister’s visit to Kyiv, expressing support for Ukraine. NoName057 has been linked to previous attacks on organisations in Ukraine’s allies Poland and Lithuania, and on presidential candidates competing in the Czech Republic.
Research has discovered that threat actors are increasingly abusing the legitimate Cloudflare Tunnels feature to create stealthy HTTPS connections from compromised devices, bypass firewalls, and maintain long-term persistence. Cloudflare Tunnels provide a range of access controls, gateway configurations, team management, and user analytics, giving users a high degree of control over the tunnel and the exposed compromised services. Researchers noted that by abusing Tunnels, attackers could remain undetected and conduct activities on the victim’s devices.