ISA is committed to keeping the security community up to date with the latest cybersecurity news.
Record number of girls apply for CyberFirst courses
The National Cyber Security Centre (NCSC) in the U.K. has reported that its CyberFirst cybersecurity courses held over the summer attracted a record number of registrants, including a 60% increase in female attendees.
According to enrolment figures reported by the NCSC, the number of girls who applied for the virtual courses rose from 930 in 2019 to 1,492 this year. The number of boys who applied rose by 30%, from 1,824 in 2019 to 2,398 this year.
Executives at the NCSC were understandably enthusiastic about the results: earlier this year, the NCSC had pledged to take action to improve inclusion and diversity in the UK workforce in response to a report from the UK’s Department for Digital, Culture, Media & Sport indicating that a scant 15% of the cybersecurity workforce is female.
“I’m delighted to see that more young people are exploring the exciting world of cyber security, and it’s especially encouraging to see such a level of interest from girls,” said the NCSC’s deputy director for cyber growth, Mr. Chris Ensor.
CyberFirst (which was featured in ISA’s cybersecurity news bulletin on May 26, 2020) is a programme of opportunities designed to introduce young people aged 11-17 years to the world of cyber security. The programme features resources, courses, bursaries, apprenticeships, and an annual girls’ competition.
Warner Music suffers data breach affecting xxx
On September 3, Warner Music Group filed a breach notification sample with the California Department of Justice, disclosing that it had suffered a data breach affecting online transactions over the period between April 25, 2020 and August 5, 2020.
According to third-party reports, several e-commerce websites owned by Warner Music – but hosted and supported by an unnamed external service provider – were found to have been compromised by malware. Hackers managed to install “data-skimming” code on the sites, which intercepted and exfiltrated personal data including customer names, email addresses, telephone numbers, billing and shipping addresses, payment card numbers and expiry dates, and even CVV codes. Payments made through PayPal were reportedly not affected by this incident.
The data skimming malware used reportedly bears resemblance to the tools and tactics used by Magecart, a cybercrime syndicate specializing in compromising online payment forms.
The scope of the breach has not yet been confirmed, and the breach notification failed to identify which of the numerous e-commerce websites owned by Warner Music – which operates in over 70 countries globally – were affected. Warner owns some of the most popular recording labels in the world including Elektra, Warner Records, Atlantic, Warner Classics, Parlophone, and Warner Music Nashville.
As a precaution, Warner advised all customers who executed transactions during the affected window. “While we cannot definitively confirm that your personal information was affected, it is possible that it might have been as your transaction(s) occurred during the period of compromise. If it was, this might have exposed you to a risk of fraudulent transactions being carried out using your details,” read the mail-merge style breach announcement filed with the California DOJ.
The statement went on to advise customers that Warner had been quick to involve law enforcement and the payment card issuers involved, once the breach had been detected. Potentially affected customers have been provided resources on how to track and report suspicious activity on their payment cards, and have been offered a year of identity monitoring services free of charge through Kroll, a global security consulting firm.
WhatsApp launches security advisory page, reports six zero-day vulnerabilities
On September 3, WhatsApp – the world’s most popular messaging app with some two billion users worldwide – launched a new, dedicated security advisory page. The first iteration of the new page was populated with an archive of old reported bugs and a “2020 Updates” section that revealed a half dozen previously undisclosed zero-day vulnerabilities, all of which have been patched.
WhatsApp said five of the six vulnerabilities were fixed on the same day they were reported, while the sixth bug was somewhat more complicated, and took a couple of days to resolve and test. The company said it found no evidence that the bugs had been exploited in the wild.
Some of the vulnerabilities were reported through Facebook’s so-called Bug Bounty Program, which rewards external security researchers who detect and report vulnerabilities in any of Facebook’s products, including Instagram, WhatsApp, Messenger, and the flagship Facebook app and site. Five of the vulnerabilities were characterized as critical.
According to the introductory comments on the WhatsApp site, the new advisory page is intended to reflect WhatsApp’s commitment to transparency, and is a call-to-action for users to keep their apps current with the latest security patches and updates.