Perhaps a little later than usual, it is time for us to take a look at cyber security news Sep 2021. Last month yielded yet more cyber criminal activity and IoT attacks caused particular concern following the release of a report on their growth during Q1 & Q2. Apple issued a new software patch against ‘zero-click’ spyware and we also heard about an increase in attempts to steal OTPs…
IoT attacks double in 6 months
This story from Threatpost reveals that there were 1.5 billion attacks on smart devices during the first half of 2021. There were 639 million in the preceding 6-month period, meaning that IoT cyber-attacks grew by over 100%. As we all use more and more devices it is only natural then that cyber-criminals turn their attentions towards them. Working from home has also contributed to the upward trend, as has the fact that there are many more vulnerabilities emerging.
Apple issues software patch against spyware
This BBC News report looks at Apple’s efforts to combat potential ‘zero click’ spyware attempts against iPhones and iPads. A software update was rushed through in response to a ‘maliciously crafted PDF file’. The file allows hackers to access devices via iMessage even if users do not click on anything.
To all iOS users, the risk of being targeted by this skilled method is low for the majority of you. However, we still recommend that you update the security software of your device(s). Do this as soon as possible to patch up the security hole.
OTPs targeted by Telegram bots
This is an interesting read from ZD Net. It appears that telegram-powered bots are being deployed to steal one-time passwords. Required in two-factor authentication (2FA), OTPs offer a robust security solution. However, cyber-criminals are increasingly finding ways around them using methods such as social engineering or malware. Since June, they have been using a number of 2FA-circumventing services to abuse the Telegram messaging service…
That is all for your cyber security news Sep 2021. Did we pick the most interesting stories or were there others you feel should have appeared? Let us know in the comments below and do reach out if you need advice on cyber security…