Transcript
A (0:04)
European users will get free Windows 10 Extended Security Updates Cisco patches three zero days Microsoft drops an Israeli intel surveillance contract and a UK man is arrested for the EU airport disruptions. This is the risky bulletin prepared by Catalyn Kimpanu and read by me, Claire Aird today. Today is the 26th of September and this podcast episode is brought to you by Spectrops, the experts in attack path management. In today's top story, most European users are set to receive Windows 10 Extended Security Updates for free. Windows 10 reaches end of life on October 14th. The security updates for the operating system would only have been free if users linked their PCs to their Microsoft accounts. Otherwise they would have cost $30. Following pressure from a consumer protection organ organisation in Luxembourg, Microsoft has removed the conditions for free updates. This will apply to users living in EU member states along with Iceland, Norway and Liechtenstein. Windows 10 Extended Security Updates are still free for users globally if they link their PCs to their Microsoft accounts. In other news, Microsoft has dropped a contract with the Israeli intelligence service unit 8200. The contract allowed 8200 access to use as your server infrastructure to process and analyze phone call and message data intercepted across Palestine. The contract was revealed by the Guardian in August. The so called Predator Gate spyware trial will begin in Greece next week. Two Israeli and two Greek employees of surveillance provider Intellexa are facing misdemeanor charges over marketing the Predator spyware. This the Predator Gate scandal broke in 2022 when the ruling conservative Mitsotakis government was accused of using the Predator spyware to spy on judges, senior military officers, journalists and the opposition. No Greek officials have been indicted. A controversial Greek supreme court ruling in 2024 absolved the government of any blame. An arrest has been made in the UK over the recent cyber attack that disrupted airports across Europe in A man in his 40s was arrested in West Sussex on Tuesday. He's accused of deploying ransomware on the network of Collins Aerospace. The company operates self check in kiosks installed in airports. A 17 year old who turned himself in over the 2023 Las Vegas casino hacks has been released to his parents. His next court date is in November. Conditions of his release include restrictions of cell phone and Internet use and he's unable to leave Las Vegas Clark County. He's believed to be a member of the Scattered Spider hacking group. Cisco has patched and actively exploited zero day in its iOS and iOS XE operating systems. The zero day allows authenticated attackers to elevate privileges and gain root access. Exploitation takes place via a specially crafted SNMP packet. Cisco has patched another two zero days in its ASA firewalls. The zero days were used by a suspected Chinese espionage group to target US organisations. The group is tracked as Storm 1849 and has been targeting Cisco firewalls since last year. CISA has ordered federal agencies to deploy patches by the end of the week. Two US senators have introduced a bill aimed at boosting cybersecurity in the agriculture sector. The Cybersecurity in Agriculture act would establish five regional agriculture cybersecurity centres. The centres would develop security tools for the sector, run training programs and prioritise the detection of foreign adversaries. Targeting the industry British retailer co OP lost 206 million pounds in revenue due to a ransomware attack in April. The incident took out its IT systems for weeks and exposed the data of 6.5 million customers. Co Op also expects to lose another 40 million pounds in revenue in the second half of the year. Volvo's North America division has been impacted by a breach at the company's headquarters in Sweden. Hackers stole current and former employee data from a third party IT company, Miladata, which provides HR software for Swedish companies. The same hack disrupted the activities of more than 200 Swedish municipalities in late August. Canada is investigating TikTok for collecting the personal data of Canadian children. The country's privacy watchdog says TikTok failed to prevent children under 13 from registering accounts, despite its policy stating otherwise. TikTok responded by blocking advertisers on the app from targeting anyone under the age of 18. Amazon has been fined $2.5 billion by the FTC for subscribing millions of customers to the company's prime service without their consent. $1.5 billion will be disbursed to affected customers. The remaining $1 billion is a civil penalty and around 35 million Amazon customers were affected. The settlement is the largest civil penalty in the FTC's history. The EU has opened an antitrust investigation into German software giant SAP. Officials claim the company prevented customers from using third party support services for its ERP software platform. Customers were also not permitted to cancel their SAP support service even for unused software licenses. The company is also accused of charging returning customers with reinstated statement or back support fees. Eight open source organisations are seeking financial support for managing package repositories. In an open letter, the organisation said package repositories had become free CDNs for hosting and delivering code. Repositories that rely on donations, sponsorships or grants are asking large vendors to contribute more. Signees included Pypi Maven Central Crates and OpenVSX new AI tools helped the UK government stop more than 480 million pounds in fraud during the last financial year. 186 million pounds came from recovering loan fraud committed during the COVID 19 pandemic. The technology cross references multiple government databases to detect anomalies. An Interpol operation has seized almost $440 million from cybercrime gangs this year. The funds were seized from more than 68,000 bank accounts and 400 cryptocurrency wallets. Operation HE6 targeted seven types of cyber enabled crimes from voice phishing to BEC and investment scams. And finally Google Mandiant has released a tool designed to locate Chinese backdoor malware on networking devices. The tool scans for Brickstorm, which is a backdoor used by the UNC5221APT group. The malware is typically installed on NICS based enterprise gear where EDR software isn't installed. Google says the group often targets companies in the legal and tech sectors and that is all for this podcast edition. Today's show was brought to you by our sponsor Spectrops. Find them@Spectropsio. Thanks for your company.