Transcript
Claire Aird (0:04)
Android looks set to get its own lockdown mode, China overhauls cybersecurity and privacy laws, A crypto platform gets hacked for $70 million and Greece's intel Agency is set to hire more hackers. This is the risky bulletin prepared by Catalyn Kimpanu and read by me, Claire aird. Today is the 4th of April and this podcast episode is brought to you by Kroll. Find them@kroll.com cyber Google is working on an extra secure mode for Android that will mimic Apple's lockdown mode. The Android Advanced Protection Mode will disable 2G connections, block app sideloading and harden the operating system against memory corruption attacks. The feature will also reboot devices if they've been locked for more than three days. Google is expected to announce the feature at its annual developer conference and will likely launch it with the release of Android 16 later this year. The UK government is planning to expand its definition of critical infrastructure to include more data centres and managed service providers. The provision is part of a new cybersecurity bill to be voted on later this year. The bill will increase the cybersecurity compliance requirements for critical sectors and organisations that support them. Companies that fail to comply risk fines of up to £100,000 per day. The Chinese government is amending its cybersecurity law to increase fines and liability for non compliant companies. Fines will increase for organisations that fail to report security breaches, collect personal data without consent and sell products that don't meet security standards. Fines may be reduced for first time violations, small breaches or responding quickly to minimise harm. As part of the overhaul, China's Cyberspace Administration is also updating the country's privacy law. This includes new rules for the design of apps, apps, the use of SDKs and use of collected data. Greece's intelligence service will hire 30 agents this year to help bolster its cybersecurity capability. The hiring is part of a larger plan to add 300 total roles in 2025. The intelligence agency has a controversial public image in Greece because of the 2022 Predator gate surveillance scandal. The agency used commercial SP spyware to hack journalists and political opponents at the direction of the ruling party. Hackers have breached the IT systems of Poland's pro EU ruling party Civic Platform. Polish Prime Minister Donald Tusk described the attack as having an eastern footprint and called it election interference. Poland will hold its presidential election next month. Avanti has released security updates to fix an actively exploited zero day in its Connect Secure, Policy Secure and ZTA enterprise gateways. The patch fixes a buffer overflow that attackers were exploiting for pre auth remote code execution. Google has linked the attacks to a Chinese APT group with a history of targeting Ivanti products, including campaigns in January 2024 and 2025. A hacker has leaked 144 gigabytes of data from the UK's Royal Mail. The leak allegedly contains customers personal information, zoom recordings, mailing lists and delivery locations. Royal Mail has confirmed the breach and said it originated from Spectos, a German company that provides postal and logistics software. A glitch in T Mobile's sync up tracking service resulted in customers being shown the locations of other users. The service is commonly used by families to track children and the elderly. One parent reported being able to see the location of eight random children, but not her own. T Mobile said the incident resulted from a planned technology update and the issue has been resolved. A hacker has stolen more than $70 million in crypto assets from cryptocurrency payment platform UPCX. The company suspended operations to investigate the hack, but said that all user funds were safe. Blockchain security firm Cyvis said the hack occurred after the attacker gained access to one of the platform's smart contracts. The incident is this year's second largest crypto heist, but still a lot smaller than Bybit's $1.5 billion mega hack. Microsoft has launched a new feature for Windows 11 that applies security updates without the need to immediately restart. The new hot patch feature will mean customers only have to reboot once per quarter. It's only available for enterprise users. Apple has turned on Automatic updates for macOS and iOS users. The change rolled out in this week's updates. The move may surprise some sysadmins who want to control when updates are applied to their whole fleet. Taiwanese company Draytek has said that a recent wave of router disconnects and reboot loops was caused by the exploitation of a vulnerability that was patched in 2020. The company said only routers that ran outdated firmware were affected. And finally, Internet tunneling service Ngrok has blocked users from Russia, citing US Sanctions. Ngrok joins a growing list of Western companies blocking Russian users. The service is often abused by Russian cybercrime groups to disguise their intrus. And that is all for this podcast edition. Today's show was brought to you by our sponsor Kroll. Find them@kroll.com cyber thanks for your company.