As February ends, we reflect on key cyber security events – from major breaches to government cyber operations – highlighting ongoing digital threats and the need for strong security, as Marketing Co-ordinator Abbey Wright found. Here’s what made the cyber headlines:
Apple limits encrypted backup removal for UK users
Apple has quietly removed the option for UK users to delete encrypted iOS backups. While this change aligns with regulatory pressures, it raises concerns about user control over their data. Some speculate that workarounds, such as tweaking device location settings, might emerge, however, it’s still early days for testing potential bypass methods.
FBI turns the tables on Chinese-backed PlugX malware
A significant win for cyber security came this month as US and French authorities successfully neutralised the notorious PlugX malware. The FBI leveraged the malware’s own self-delete feature, wiping thousands of infections from US systems without disrupting legitimate functions. This unprecedented move showcases how law enforcement is becoming more proactive in cyber security defence, using adversaries’ own tactics against them.
Scholastic data breach exposes over 8 million users
Scholastic, the publisher behind household names like Harry Potter and Goosebumps, fell victim to a major data breach, compromising sensitive details of over 8 million individuals. The breach, orchestrated by hacker “Parasocial,” exploited weak security protocols, specifically the absence of multi-factor authentication (MFA). This incident highlights the need for MFA to defend against credential attacks, especially for those pursuing Cyber Essentials Plus certification and it shows the importance of ensuring all cloud services and accounts are secured with MFA.
Zero-click WhatsApp hack targets high-risk users
Meta confirmed that a zero-click exploit compromised WhatsApp users, specifically targeting journalists. The attack, facilitated by spyware, allowed intruders to access encrypted messages and private data without any user interaction. While such targeted attacks remain rare for the average user, they serve as a stark warning about the evolving sophistication of cyber threats.
UK’s ransomware proposals & recent cyber incidents
The UK’s National Cyber Security Centre (NCSC) is actively seeking public input on new proposals to counter ransomware threats. Given the rising number of attacks on businesses and critical infrastructure, these proposals could shape future cyber security policies. February also saw multiple cyber incidents across the UK, further emphasizing the need for businesses to adopt stronger security measures. Share your views here.
How we can help –
These recent events underline the importance of proactive cyber security measures. We help businesses stay ahead of threats through:
- Cyber Essentials & Cyber Essentials Plus Certification – Ensuring your systems have fundamental security measures in place.
- Penetration Testing & Vulnerability Assessments – Identifying weaknesses before attackers do.
- Cyber Security Awareness Training – Equipping your team with the essential knowledge and skills to recognise and prevent cyber threats, fostering a strong security culture within your organisation.
February’s cyber security incidents serve as a crucial reminder – staying ahead of threats requires continuous vigilance, proactive defence strategies, and adherence to best security practices. If you need assistance securing your business, get in touch with us today.
Stay cyber safe!
/-3.5042587517567103,%2054.70635734010168,15.5/300X450@2X?access_token=pk.eyJ1Ijoid29tYmF0Y2hyaXMiLCJhIjoiY2pqaGEyd2lzMDQ3ZDN2bWQ4OTBsa2pmayJ9.ksVq6arM13qYhr76pco33w)