A month of heightened security alerts
October was National Cybersecurity Awareness Month. Its an annual campaign to raise awareness about cybersecurity.
Core objective is building resilience in critical infrastructure been crucial to national security. The essential infrastructure systems that support the nation daily lives—such as electricity, financial institutions, and transportation—must be protected from cyber threat.
Such awareness affects all Zambian users of the internet as the products from Microsoft Windows to Apple Safari, Google Chrome and macOS come from America.
And so as the month of October concluded some security concerns were addressed that affected all users of Apple and all internet users all over Zambia. Issues ranging from CMS platform to the use of mobile devices.
Apple has released multiple security updates
The updates are to fix vulnerabilities that can allow a hacker easily get get into system with remote execution of code.
The security updates include
- Cloud for Windows 7.1 – Multiple memory corruption issues were addressed with improved memory handling.
- iOS 11.1 – This iOS was expected and if you had not upgraded to 11.0.2 or 11.0.3 this is the time to do it. 11.1 addresses a lot of issues in the Wifi module, Siri and many more
- Itunes 12.7.1 for Windows
- Safari 11.1
- tvOS 11.1
- watchOS 4.1 and
- macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan(link is external)
WordPress Releases Security Update
WordPress 4.8.3 is rolled out for update. WordPress versions prior to 4.8.3 are affected by a vulnerability. A remote attacker could exploit this vulnerability to obtain sensitive information.
“WordPress versions 4.8.2 and earlier are affected by an issue where $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi). WordPress core is not directly vulnerable to this issue, but we’ve added hardening to prevent plugins and themes from accidentally causing a vulnerability.” Reports WordPress
Google also had some stable channel updates to Android, macOS, iOS and Windows
Zambia must also look to certain dates that should be assigned to make aware the Zambian citizens issues affecting the national cyber security. Issue authoritative updates and guidance to incidences and advisory source of information.
I know ZICTA is mandated but are they doing enough to alert the nation about these isues