Friday, September 18, 2020

Growing Dark Web Data Dumps Are Fueling New Cybercrime


Dark Web data dumps have always been a source of fodder for cybercriminals. However, a dramatic increase in the quantity and quality of data that is available inexpensively or for free on the Dark Web is a key contributor to an explosion of cybercrime in 2020 (like ransomware or credential stuffing attacks) that can devastate your business.  

It’s estimated that 65% of the data on the Dark Web now can damage businesses, and more is being added every day through the release of information obtained in previous cyberattacks and the addition of information that’s been gathered about companies and populations.

One of the most common ways that new information fuels cyberattacks is through a data dump. Dark Web data dumps are huge quantities of information added to the pool that cybercriminals can draw from to power cyberattacks like ransomware, credential stuffing, and phishing. Everything from reams of email addresses to sensitive employee and security information to driver’s license records from around the world is making its way into the slurry of Dark Web data dumps.

That’s why it pays to have constant, reliable Dark Web monitoring and analysis through a solution like Dark Web ID to watch for your company’s protected employee credentials to hit the Dark Web. You can also add additional protections for privileged administrator and executive credentials. 

Dark Web ID uses human and machine intelligence to keep an eye on every shady corner of the Dark Web 24/7/365. If your protected passwords or credentials are spotted entering a Dark Web marketplace, you’re alerted to the potential danger quickly, giving you time to take action against attacks.

With the constant stream of information flowing into Dark Web data markets growing every day, it makes sense to make sure that you’re watching for trouble so that you can stop cyberattacks before they start.


Bit by bit helps client networks run smooth and secure. Visit our website at www.bitxbit.com/texas 877.860.5863

As Students Go Back To School Virtually, Cybercriminals Are Logging In Too



Many school districts in the US and other countries are pursuing distance education this fall as the COVID-19 pandemic continues to impact in-person gatherings. As school systems rely on technology like email and video conferencing to teach classes, cybercriminals are making the most of this opportunity to score paydays and information from a sector that isn’t ready for them – considering the dismal state of cybersecurity education in the US, it stands to reason that schools’ cybersecurity isn’t much better. 

Traditionally, schools and universities aren’t major targets for cybercrime. Public school systems, individual private or religious schools, community colleges, and universities haven’t traditionally been worth the trouble, since few schools could offer a rich ransomware payoff or valuable research and development data to make it worth a cybercriminal’s time. 

That’s all changed in the new era of distance learning. Cybercriminals are regularly targeting school systems of every size and stripe to deploy ransomware and collect payments quickly as they disrupt distance learning. Incidents are popping up everywhere including: 

And the list goes on. An influx in cyberattacks on schools isn’t just bad news for school systems either. Businesses can be impacted by these incidents as well when parents and students share the same WiFi networks and devices.

Add Protection to Prevent Intrusion

The fastest, easiest way for any business to immediately add a strong layer of protection between crucial systems and data and bad actors is to add a strong, fast-deploying secure identity and access management solution like Passly.

The combined power of Multifactor Authentication and Single Sign-On with simple remote management means that IT staffers can more easily guard and control the gateways that give access to information – letting the right people have access to the right things, anytime, anywhere, and keeping cybercriminals out.


The Stakes Are Rising As Breach Penalties Expand

The former CSO of Uber was charged with obstruction of justice and misprision of a felony this week for his role in an alleged coverup of the notorious 2016 data breach which impacted an estimated 57 million individuals. What does that mean for companies that suffer a breach now, and what can you do to reduce your breach risk?

Breach penalties have been steadily increasing worldwide as regulators and lawmakers respond to public pressure to hold to account executives and companies that play fast and loose with data protection or attempt to cover up incidents. And the penalties aren’t just monetary – legal implications for executives and companies are becoming more common, especially if companies are uncooperative in investigations.

So what can you do right now to prevent a costly data breach? Add a secure identity and access management solution. A solution like Passly that combines multifactor authentication, secure shared password vaults, single sign-on, and simple remote management increases your company’s compliance with data safety best practices and protocols while also protecting your systems from cybercrime.

Adding better protection against hackers is essential for protecting not only your data but also your business. Between the exorbitant cost of recovery and the regulatory nightmares that can follow a sensitive data breach, investing in a secure identity and access management solution now to guard your gateways is a small price to pay for greater peace of mind.


Thursday, September 3, 2020

Breach News This Week – United States


United States –  Southeastern Pennsylvania Transit Authority

https://www.govtech.com/public-safety/Malware-Attack-Stifles-Philadelphia-Area-Transit-Agency.html?&web_view=true

Exploit: Ransomware

Southeastern Pennsylvania Transit Authority: Municipal Transportation Agency 

Risk to Business: 1.802 = Severe 

An attack on its servers brought many operations at the Southeastern Pennsylvania Transit Authority to a screeching halt. Starting Aug. 10, SEPTA was unable to provide real-time updates to riders. At the same time, SEPTA staffers were unable to access basic business applications like email and project files. The agency has already been having difficulty with operations and morale internally, and this has not helped the cause. 

Individual Risk: No personal or financial information was reported as compromised in this incident, including SEPTA Key cards.

Customers Impacted: 308K + riders and 9,200 employees

How it Could Affect Your Customers’ Business: Ongoing technology troubles with no definite cause, poor communication on all fronts, and no end in sight don’t just inconvenience your customers; they also destroy your employees’ morale, leading to hiring and retention problems as well as malicious insider threats.

ID Agent to the Rescue: Having a solid digital risk protection plan in place helps companies maintain a clear plan of attack if they have a cybersecurity incident. Our digital risk protection platform helps guard against digital risk and supports business continuity.


United States – Valley Health Systems

 https://securityaffairs.co/wordpress/107580/cyber-crime/valley-health-systems-revil-ransomware.html?web_view=true  

Exploit: Ransomware

Valley Health Systems: Healthcare Organization 

Risk to Business: 2.177 = Severe 

Netwalker ransomware appears to be the culprit in a data breach at the University of Utah. The school reportedly paid a ransomware gang $457,059 in order to avoid having student information released online. The hack occurred on July 19, and the cybercriminals gained access to the network of the university’s College of Social and Behavioral Science [CSBS]. 

Individual Risk: 2.224 = Severe 

Even when a ransom is paid, there’s never proof that the gang really did destroy the stolen data, instead of copying it or selling it. Students should be aware of this data being used in spear phishing attempts. 

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware is everywhere, and it’s most commonly delivered through a phishing email. This gang has been particularly active lately, especially against healthcare targets, as COVID-19 research and treatment data remains a hot commodity in Dark Web markets.

ID Agent to the Rescue: Graphus is an AI-driven automated phishing defense solution that uses a patented algorithm to learn how businesses communicate, putting three layers of protection between a phishing email and an employee inbox.


United States – Utah Pathology

https://kutv.com/news/local/breach-exposes-critical-patient-data-of-more-than-100k-at-utah-pathology-services?&web_view=true

Exploit: Unauthorized Access to Data

Utah Pathology: Healthcare Service Provider 

Risk to Business: 1.775 = Severe

A breach was uncovered when an unknown party attempted to redirect funds from within Utah Pathology, revealing an intrusion that exposed sensitive data and PII including date of birth, gender, phone number, mailing address, email address, insurance information including ID and group numbers, clinical and diagnostic information related to pathology services, and, for a smaller percentage of patients, their Social Security number.

Individual Risk: 1.774 = Severe

Letters have been mailed to those patients whose information was impacted and the practice has made the services of security company Cyberscout available to those with exposed data free for 12 months.

Customers Impacted: 112,000

How it Could Affect Your Customers’ Business: Health care information is at a premium right now because it is a hot seller on the Dark Web. But a healthcare data breach doesn’t just expose information, it also exposes you to regulatory scrutiny and data privacy violation fines. 

ID Agent to the Rescue: Information like this often ends up in a Dark Web data dump, waiting to fuel future cyberattacks. Keep an eye on your protected credentials 24/7/365 with Dark Web ID.


United States – Houston United Memorial Medical Center

https://www.databreaches.net/already-in-the-midst-of-a-crisis-a-houston-hospital-was-attacked-by-ransomware/

Exploit: Ransomware

Houston United Memorial Medical Center: Regional Hospital  

Risk to Business: 1.612 = Severe 

Although the gang had previously said that they were not attacking medical targets during the pandemic, on or about August 3, Maze ransomware was unleashed on Houston United Memorial Medical Center, and the gang added UMMC to their leak site. As proof of the claimed UMMC hack, Maze posted some general files from the center and one folder containing some identifiable (but unconfirmed) patient records. The hospital has made no announcement regarding the impact or severity of the hack.

Individual Risk: 2.782 = Moderate

So far, there’s limited evidence that a significant amount of patient data was exposed in this incident. 

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware isn’t going away anytime soon. In fact, updated varieties like double extortion ransomware are entering the scene to cause more damage to businesses that fail to guard against the most likely infection vector: phishing. 

ID Agent to the Rescue: BullPhish ID turns staffers into your strongest line of defense against phishing by training them to spot and stop potential phishing attacks with constantly updated plug-and-play phishing awareness training in 8 languages.


Breach News This Week – Canada


Canada – Brookfield Residential

https://www.bleepingcomputer.com/news/security/darkside-ransomware-hits-north-american-real-estate-developer/?&web_view=true

Exploit: Ransomware

Brookfield Residential: Home Builder

Risk to Business: 2.033 = Severe 

DarkSide ransomware is the culprit in an attack on North American home builder and community developer Brookfield Residential. The company acknowledged that a limited subset of files containing employee records had been impacted, that the files had been restored from backup, and that the incident had been reported to the appropriate authorities. Initial confusion about the scope of the incident was quickly cleared up: the ransomware gang initially claimed to have hacked Brookfield Asset Management, of which Brookfield Residential is a division, but later confirmed that it was just the builder affected.

Individual Risk: 2.801 = Moderate

The company has only indicated that a limited amount of employee records were impacted and has not specified the nature of that data.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware is continuing to trip up businesses of every size. In a challenging economy, even cybercriminals have to work a little harder, which means ransomware attack rates and breach risks are rising every day. 

ID Agent to the Rescue: Protect your systems and data from phishing threats through the combined power of a 1-2 punch with BullPhish ID and Graphus to reduce phishing risk and increase cybercrime awareness.


Breach News This Week – United Kingdom & European Union


United Kingdom – Southern Water

https://www.theregister.com/2020/08/28/southern_water_sharepoint_shenanigans/?&web_view=true

Exploit: Accidental Data Sharing (Human Error)

Southern Water: Utility Company

Risk to Business: 2.201 = Severe 

A user at the utility company’s website discovered some SharePoint settings shenanigans. Southern Water had set up SharePoint to host customer information as a “your account” style section of its website, which exposed URLs that could be tweaked to view other people’s account information. Customers who knew how to tweak SharePoint were able to quickly access the full name, address, customer account number, payment reference number, bill and payment dates, account balance, payment amount, bill amount, meter details, and meter readings of other customers.

Individual Risk: 2.810 = Moderate 

No financial data was exposed, and the incident only affected general publicly available data accessed through the SharePoint site by someone who already had a system ID.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Controlling who has access to what, and who needs to have access to what, can be a time-consuming process for IT support, but failing to secure information correctly can have dangerous consequences including an expensive data breach.

ID Agent to the Rescue: Make it easy on your IT team to give and remove access to essential business applications quickly and safely with Passly’s individual user LaunchPads and Single Sign-on tools.


Breach News This Week – Asia


India – Paytm 

https://ciso.economictimes.indiatimes.com/news/paytm-mall-suffers-massive-data-breach-ransom-demanded-report/77843648

Exploit: Ransomware

Paytm: Payment Processing Service

Risk to Business: 2.291 = Severe 

Cybersecurity researchers have confirmed that a hacker group using the name John Wick has claimed responsibility for a ransomware attack on the payment processing giant. The hackers are demanding 11 Ethereum in cryptocurrency as payment, but the company denies that it has suffered a breach, although experts find the claim and evidence presented by the hackers credible.

Individual Risk: This hack appears to be related to merchant card batch processing and not individual credit card transaction data. 

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Having a data breach at all is a huge problem that shouldn’t be compounded by denying an incident that credible experts believe occurred. 2020 is shaping up to be a banner year for data breaches, and joining that list is both unpleasant and expensive.

ID Agent to the Rescue: Security awareness training helps prevent companies from suffering incidents like ransomware attacks, and strong protections on access and communications with Passly and Graphus help stem the tide of potentially damaging incidents.


New This Week in Cybersecurity News – Australia & New Zealand


New Zealand – New Zealand Stock Exchange (NZX)

https://www.scmagazine.com/home/security-news/phishing/hackers-hijack-design-platform-to-go-phishing/ 

Exploit: DDoS/Hacking Attack

New Zealand Stock Exchange – Commercial and Financial Trading

Risk to Business: 1.113 = Extreme 

It has been a wild week for businesses, investors, and stock traders in New Zealand as a series of cybersecurity incidents in rapid succession caused trading to stop and start several times. The market faced disruptions for four days last week when it was hit repeatedly by distributed denial of service (DDoS) attacks, affecting both cash trading and other transactions while taking down its internet capabilities. Officials claim that the attacks are coming from an “offshore” source, and may be connected to recent hacking troubles in Australia. As of 8/30 the problem was still reoccurring and being addressed by NZX, the Financial Markets Authority (FMA), Spark, and U.S.-based cybersecurity firm Akamai Technologies.

Individual Risk: No personal information or consumer financial data has been reported compromised in this incident.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Nation-state cyberattacks are growing in frequency and scale as hacking ramps up into a formidable weapon to use to interrupt a country’s business and financial systems. Backing up data and controlling access points helps guard against these attacks.

ID Agent to the Rescue: Multifactor Authentication with Passly helps put an additional barrier between bad actors and your data and systems by requiring additional proof of identity before allowing user access.


The Week in Breach Risk Levels


1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.

