This week’s Knowledge Update talks about Forever 21 having confirmed security which exposed customer credit card details, the ‘worst ever’ CPU bugs that affect virtually all computers and 2017 being described as ‘cyber-geddon’.
Forever 21 Confirms Security Breach Exposed Customer Credit Card Details
Forever 21 has now confirmed that hackers stole credit card information from its stores throughout the country for several months during 2017. Forever 21 has not yet confirmed the total number of customers that were affected by the breach, but it did confirm that the malware was installed on some point of sale systems in stores across the USA between April and November (7 months). According to an ongoing investigation, the malware was designed to search for and steal customer credit card data such as numbers, expiration dates, verification code and even in some cases, cardholder names.
If your organisation handles credit card data then you need to comply with Payment Card Industry Security Standards, get started here.
Meltdown and Spectre: ‘worst ever’ CPU bugs affect virtually all computers
Everything from smartphones and PCs to cloud computing is affected by a major security flaw found in Intel and other processors – and the fix could slow devices! Meltdown is currently thought to primarily affect Intel processors manufactured since 1995, excluding the company’s Itanium server chips and Atom processors before 2013. It could allow hackers to bypass the hardware barrier between applications run by users and the computer’s core memory.
Apple and Microsoft have patches ready for users for desktop computers, while a patch is also available for Linux. Microsoft said it was in the process of patching its cloud services and had released security updates on the 3rd January for Windows customers.
The New Year starts with a fresh reminder of how important it is to ensure software updates are deployed across the devices in your organisation.
If 2017 could be described as ‘cyber-geddon’, what will 2018 bring?
2017 saw the proliferation of cyber attacks targeting public and private institutions alike, from the global ransomware attacks of Wannacry to targeted attacks against organisations like Equifax. The release of hacking scripts have placed widely used software at risk, increasing the vulnerabilities of businesses of all shapes and sizes.
As the reach of the internet expands and businesses and countries become increasingly reliant upon digital infrastructure the damage done by cyber attacks will only increase. In such an environment it is important for your organisation to be better protected. Cyber Essentials provides a framework, backed by the UK government, for businesses to improve their information security. More information can be found here.
