SoftwareOne logo

4 min to readNews and UpdatesCloud ServicesDigital Workplace

Cyber security update, September

Ravi Bindra
Ravi BindraCISO
An image of a server room with blue lights.

SoftwareOne believes there is a need for additional information when it comes to cyber security, as organisations have made it clear that investment in a proper security strategy is paramount. SoftwareOne’s monthly "Cyber security update" provides information on the most recent threats, the latest breaches and how to react to them to stay on top of malware and ransomware threats.

As this month is Cyber Security Awareness Month we mark the 20th anniversary of the initiative, looking back at the threat landscape in 2003 and how this has evolved over the last two decades.

Latest security breaches

Airbus investigates data leak allegedly involving thousands of suppliers

The European aerospace giant Airbus said on Tuesday that it is investigating a cybersecurity incident following reports that a hacker posted information on 3,200 of the company’s vendors to the dark web.

A threat actor using the moniker "USDoD" posted Monday on BreachForums that they obtained access to an Airbus web portal after compromising the account of a Turkish airline employee. The hacker claimed to have details on thousands of Airbus vendors, including names, addresses, phone numbers and emails

European Telecommunications Standards Institute Discloses Data Breach

The European Telecommunications Standards Institute (ETSI) has disclosed a data breach following a cyberattack on its member portal. ETSI is a leading organisation in the development and testing of technical standards in the fields of information and communication, including technologies such as GSM, 3G, 4G, and 5G.

ETSI has over 900 member organizations from 65 countries across the globe, including academia, government, research entities, private organizations, and public bodies. The data breach is a serious concern for the telecommunications industry, as ETSI plays a vital role in setting the standards for telecommunications technologies.

More than 3.8 billion records exposed in DarkBeam data leak

A data leak at digital protection firm DarkBeam has exposed more than 3.8 billion records, including names, addresses, phone numbers, and email addresses. The leak was discovered on September 18 by CEO of cyber security news site SecurityDiscovery, Bob Diachenko, who alerted DarkBeam to the leak. The digital protection firm immediately addressed the vulnerability and closed the leak.

Cyber security awareness

Why evolving AI threats need AI-powered cyber security

In this highly insightful Forbes article, Gabriele Fiata, Head of Cybersecurity Market Strategy, SAP discusses the need for organisations to utilise AI as a means of combating threats which themselves have been developed using AI.

Between January and February 2023, Darktrace researchers have observed a 135% increase in “novel social engineering” attacks, corresponding with the widespread adoption of ChatGPT.

In the article, Gabriele Fiata talks about the solutions SAP are co-developing with Splunk to tackle the growing number of AI threats.

MOVEit cyber attacks: keeping tabs on the biggest data theft of 2023

A useful update about the highly damaging zer-day exploit of Progress Software’s MOVEit enterprise file transfer tool which took place in May 2023. More than 2,000 organisations have reported being attacked, with data thefts affecting more than 62 million people.

The perpetrators – a ransomware gang called Clop – stole data from government, public, and business organisations worldwide, including New York City’s public school system, a UK-based HR solutions and payroll company with clients like British Airways and BBC, and others.

The article explains the steps that Progress has taken to produce patches that mitigate the risk of a similar attack in the future.

Cybersecurity Awareness Month 2023

October is Cybersecurity Awareness Month. Now in its 20th year, this aims to bring the public and private sectors to work together to raise awareness about the importance of cyber security.

This year, the focus is on four key behaviors: enabling multi-factor authentication, using strong passwords and a password manager, updating software, and recognising and reporting phishing attempts -- all essential practices in safeguarding against cyberattacks.

Cybersecurity Awareness Month 2023: What has changed and what hasn’t over the past 20 years

President George W. Bush and the US Congress originally designated October as Cybersecurity Awareness Month 20 years ago following a series of destructive cyber attacks that surprised an America largely unaware of growing internet security threats.

This article compares the types of cyber threats that posed the greatest risks in 2003 to those that pose the greatest risks in 2023, as well as those that have emerged as a result of developments in mobile communications, AI, and digital payments.

A close up of a pink and blue flower.

Speak to us about your security needs

We help you find security solutions that work for your business and budget. Speak to one of our security specialists and protect your business and your employees.

Speak to us about your security needs

We help you find security solutions that work for your business and budget. Speak to one of our security specialists and protect your business and your employees.

Author

Ravi Bindra

Ravi Bindra
CISO

Ravi holds over 20 years’ experience as a cyber security evangelist, holding multiple leadership roles in the Swiss pharmaceutical industry, such as Global Head of Risk Management, Global Head of Architecture and Global Head of Security Operations.