📨September was full of news, cyberattacks, awareness campaigns... So we're breaking down the last thirty days with the help of your trusted CSIRT.

Alerts
🏫At Elche City Hall, a ransomware group hijacked the municipality's data, demanding one million euros in exchange. For several days, the entity was blocked, unable to carry out any procedures.

📱WhatsApp, the world's largest online messaging company, was the victim of a zero-click attack. Users received links in their chats, and as soon as they accessed their inbox, they lost their data.

📱Samsung's zero-day vulnerability was caused by out-of-bounds writing resulting from arbitrary code. The tech giant had flaws in its systems, and cyberattackers exploited these vulnerabilities to gain access. ✈️35,000 passengers were affected by the cyberattack against Collins Aerospace by pro-Russian groups, paralyzing Europe's major airports. This attack highlighted the fragility of the system in the digital age, since a single direct attack on government agencies can paralyze the terminals of the largest airports on a continent.

📨Awareness

🕵️‍♂️With the wave of attacks this month, it was crucial to raise awareness about ransomware criminal groups. Currently, attackers are organized criminal groups with a business structure who also benefit from insurance to protect their operations, due to their profitability. These groups are also known as ransomware gangs.

🚌September is back-to-school season, so it is essential to protect the youngest students. We join INCIBE's initiative to promote a safe return to classrooms, following their guide for teachers and parents. 📱Apple released its most significant update to date, reminding us that it's crucial to keep our devices updated.

📨Highlights
🧓On October 2nd, we celebrated International Day of Older Persons. Seniors are the most vulnerable group to online scams, phishing, and other types of attacks that exploit their lack of knowledge to steal money or identity. By promoting cybersecurity practices among our seniors, we can protect their data and savings.

To stay up-to-date with our latest news, don't forget to follow us on X and LinkedIn. Also, visit our website where you'll find our training opportunities, cyber exercises, and a wealth of interesting content about the exciting world of cybersecurity.

See you next time!

Best regards,
CSIRT-CAN Team