Welcome to Friday’s news overview – this is the place where we keep you up to date on the latest technology updates, cybersecurity news, and more. Here’s what’s going on in the tech world today:

leaky cloud apps

Misconfigured cloud services are causing mobile apps to leak data

Thousands of iOS and Android applications have been caught leaking user data, due to developers not implementing the correct security controls. Huge amounts of mobile users’ personal information was up for grabs: a transport app was found to be leaking payment data, a mobile wallet app was accidentally releasing session data and financial info, and medical apps were exposing test results alongside profile pictures of the people those results belonged to. Not ideal.

Around 14% of the 1.3+ million public cloud service-reliant apps that were scanned didn’t have the right security settings in place. Network credentials, system configuration files, and server architecture keys were discovered online, and were relatively easy to access.

Security researchers who found the problem had this to say: “A lot of these apps have cloud storage that was not configured properly by the developer or whoever set things up and, because of that, data is visible to just about anyone. And most of us have some of these apps right now,” Read more here.

Star Alliance experiences a data breach

The aviation sector just can’t catch a break this week. First it was Malaysia airlines suffering a cyber attack, now Star Alliance has also fallen victim to a data breach of its own.

The breach was the result of a “highly sophisticated” attack on Sita, Star Alliance’s IT provider – and also a provider to Malaysia Airlines, New Zealand Air, Jeju Air (South Korea), as well as 90% of the global aviation industry. The breach resulted in vast amounts of frequent flyer data being exposed.

Sita had this to say: “We recognise that the Covid-19 pandemic has raised concerns about security threats, and, at the same time, cyber-criminals have become more sophisticated and active. This was a highly sophisticated attack.


Person typing on keyboard

Improving Critical Infrastructure Cybersecurity

There are almost no aspects of our modern lives that are not supported by some form of critical infr...

Virtual Information Security Manager

IoT Cybersecurity Challenges and Solutions

In this latest article, we will explore the challenges IoT Cybersecurity challenges the industry fac...

Colonial Pipeline tech news infosec hackers ransomware

Cyber Essentials Guide Summary

Organisations rely heavily on digital infrastructure and technology; therefore, the importance of cy...