Critical Security Update (2024 April 11)
Critical Security Update
Apple Devices Targeted, Windows Vulnerabilities Patched, AI Malware
Risk 1: HIGH
Issue: Apple has announced that iPhone devices are currently under a large scale attack, across 92 countries. They are calling this a mercenary spyware attack allowing remote data access. Apple is notifying individuals directly via their Apple ID e-mail.
Resolution: This is a huge concern, which can be clearly validated by the fact that Apple is notifying people directly. Please monitor your Apple ID e-mail for a possible notification from Apple. Given this is a targeted attack, Apples does not have a timeline for when it is expected to stop.
Risk 2: Low
Issue: The first globally recognized AI-written and deployed malware was detected and verified in Germany. The e-mail passed both grammar and content scanners for validity and was permitted through all malware scanners.
Resolution: This is a small, new-age new that is rising in concern. The resolution at the moment is to take ongoing precaution with e-mail usage and only open and reference e-mails you are expecting.
Risk 3: HIGH
Issue: Microsoft has released two security updates for Windows that are urgent in nature. The update was pushed out over the last 2 days but was mislabeled as non-urgent. This was connected to to a Windows update earlier this week of 26 total changes; 2 were not categorized correctly.
Resolution: Given the mis-labelling, it is important to go in and force a Windows update as some of the current urgent updates may have been delayed.
Announced Data Breaches
AT&T Data Breach Expanded
Group Health Cooperative (South Wisconsin)
LG (Particularly their TVs)