Security agencies in the UK and USA have issued advice to organisations involved in the coronavirus response, after it was revealed that they are being targeted by malicious cyber campaigns.

The report, jointly published by the NCSC and the US Cybersecurity and Infrastructure Security Agency (CISA), exposed a large-scale ‘password spraying’ campaign by advanced persistent threat (APT) groups against international healthcare, pharmaceutical, and research organisations.

APT groups target such organisations to gather bulk personal information, intellectual property, and intelligence that aligns with national priorities.

Organisations that have been targeted are advised to change any passwords that could be reasonably guessed to one created with three random words, and to implement two-factor authentication to mitigate the risk of compromise. 

You can read the full advisory here, but you may also find the following guidance for businesses useful:

The recently launched Cyber Aware campaign also provides actionable advice for individuals and their families on how to stay secure online, including how to protect passwords, accounts and devices. 

Microsoft flags known issues ahead of May 2020 Update

In a blog post, Microsoft has detailed the known issues with its upcoming Windows 10 May 2020 update. It does say that these will only affect a small group of users and be fixed in future servicing releases.

The Windows 10 update was planned to be generally released on the 12 May. Windows Latest and other outlets are reporting that this will now be pushed back to the 28 to allow more time for bug fixing.

Support for those organisations running the new update will be available for select Windows 10 Enterprise and Pro editions customers. 

Our advice on evaluating the security impact of IT resources can be found in our Secure development and deployment guidance. We recommend organisations apply feature updates at the earliest opportunity, once sufficiently tested as per our Windows 10 EUD guidance. Organisations should consider if any changes are required to their normal update procedures as a result of increased remote working where support and recovery may be more difficult.