As November comes to an end and the festive period is just around the corner, we look for the positives in the news such as the COVID-19 vaccine, Black Friday sales and a potential Christmas proposal allowing households to mix for five days around holidays. However, in the Tech and I.T. industry headlines have mostly been dominated by cyber threats, but it’s not all bad news.
This week we delve into the security flaw that may have put users of dating app Bumble at risk, coronavirus vaccine manufacturers becoming targets for cyberattacks, how cybercriminals are taking advantage of digital shoppers this Christmas and Vodafone offering free connectivity to 250,000 school children.
Let’s bring you up to date.
Bumble fixes security issue and denies cyberattack
Bumble is one of many online dating apps that has gained in popularity in recent months, with many people turning to internet dating during the second COVID-19 lockdown.
Research, conducted by the Independent Security Evaluators (ISE) in California, found that sensitive information about Bumble users could have been easily stolen by cybercriminals.
Bumble’s API reportedly failed to perform necessary checks to determine whether a request issuer was authorised to perform specific actions, and limits were not set on the number of requests that could be sent, putting users at risk and making it possible for attackers to access data from Bumble’s servers.
In addition, if the Bumble user’s profile was also connected to Facebook, hackers had opportunity to gain access to more sensitive data, including images uploaded to the app and the user’s location.
Bumble reassured users saying no cyberattack had occurred, they had fixed the security issues and users were safe to continue enjoying the app. Sanjana Sarda, a security analyst at ISE commented,
“When retesting for the following issues on November 11, 2020, certain issues had been partially mitigated. Bumble is no longer using sequential user IDs and has updated its previous encryption scheme. This means that an attacker cannot dump Bumble’s entire user base anymore using the attack as described here.”
Read more here.
Pharmaceutical companies developing COVID-19 vaccine become targets for cyber attacks
Pharmaceutical companies currently manufacturing the COVID-19 vaccines have been warned that they may become targets for cyberattacks, including intellectual property theft as well as attacks that would target production in order to reverse economic advantage.
Rami Efrati, former head of the National Cyber Bureau commented
“The threat of stealing the vaccine and then selling it on is very real, but so is deliberate interference with the production line itself.”
As the world waits for a vaccine, if cybercriminals were able to get a hold of the vaccine they would then be able to change the ingredients and quantities, which could result in the wrong formula being released or for production to halt.
Explore more here.
Cybercriminals taking advantage of rise in digital Christmas shoppers
Cybersecurity specialists, McAfee, released findings from its 2020 Festive Season: State of Today’s e-Shopper survey, revealing that more consumers are at risk of scams via the internet whilst online shopping.
With online shopping being a safe and easy way to purchase gifts for Christmas, many people may not be aware of the potential threats that lie within their favourite websites.
Of those surveyed 40% said they were planning on doing Christmas shopping online this year but many worried about falling for online scams¬. Almost half of 18 to 24 year olds asked claimed they had already been the victim of a Christmas shopping scam, many of them losing money as a result. However, the threat is not just with shopping as nearly a third (31%) of consumers expect to spend more time online during the Christmas period, whether that be working remotely, playing online or connecting with family.
Raj Samani, McAfee Fellow and Chief Scientist commented
“Many are wondering what this year’s Christmas will look like as consumers’ shopping behaviours continue to evolve and adapt to the challenges faced throughout 2020. With results showing the growing prevalence of online shopping, consumers need to be aware of how cybercriminals are looking to take advantage and take the necessary steps to protect themselves, and their loved ones, this festive season.”
Read more about McAfee’s tips to stay safe this Christmas here.
250,000 school children to be given free connectivity by Vodafone
And finally, some good news! Vodafone UK has created a scheme in which 250,000 school children across the UK will be given data SIMs to help them access school work from home, catch up on lost learning during school holidays and, if they are required to isolate, to continue their education.
The launch of this emergency package follows consultations by the company with head teachers and education trusts. Consultations showed that many children are finding it difficult to access educational support from home due to the lack of connectivity.
Nick Jeffery, CEO of Vodafone UK says
“Our focus throughout this crisis has been keeping the UK connected. We know many hundreds of thousands of children in the UK can’t access education from home because they don’t have the right connectivity – this means children already at a disadvantage could fall further behind.”
Due to the COVID-19 pandemic, the need to keep children connected to education has never been more essential as it is estimated that children in England are around three months behind their studies due to current restrictions.
Discover more here.
Those were just some of this week’s top stories but if you want more content, follow us across our four social media channels: