Cyber Weekly Digest - Week #37




This week in cyber security has seen an increasing number of organisations affected by ransomware attacks, Microsoft's September Patch Tuesday and $5.4 million being stolen from a Slovakian cryptocurrency exchange firm. Keep reading to hear about the biggest cyber security stories from this week.


1. Newcastle University joins the growing list of organisations hit by ransomware.


This week it was announced that Newcastle university became a victim of a ransomware attack on August 30th which has affected most of the university’s systems. In an update, the university stated that the situation would take several weeks to address. The notorious DoppelPaymer group responsible has started to post some of the "stolen" documents to its dedicated “Doppel Leaks” site. The ransom demand is unknown, but the DoppelPaymer group has been ranked as one of the “greediest ransomware families with the highest pay-off.”


2. Microsoft Patch Tuesday is the 7th month in a row to fix over 100 vulnerabilities.


Microsoft released its September Patch Tuesday which saw 129 CVEs fixed. This month marks the 7th month in a row where over 100 flaws have been patched. None of the flaws this month are known to be actively exploited or publicly disclosed; however, 23 are rated as critical. Most of these critical vulnerabilities are issues with Windows OS and browsers, SharePoint accounts for 7 of them.


3. A sophisticated phishing scam has been targeting Lloyds bank customers.