Monday, November 30, 2020

To Err is Human, But Preventing Expensive Disasters is Divine.



Making mistakes is part of being human. Even your most conscientious employees are bound to screw up at some point. But employee mistakes don’t have to be a gateway to cybersecurity disaster. Putting fail safes in place between your data and cybercriminals can mitigate the risk of employee errors.

While errors like misconfiguration and failure to patch software are dangerous, one particular source of employee error definitely tops the trouble list: passwords. In a recent survey, an outrageous 91% of employees admitted to reusing or recycling passwords at work and between their work and home accounts, and password sharing is endemic.

Password compromise is by far the fastest, easiest way for cybercriminals to gain access to your systems and data. A password alone, even if it is updated regularly, will not provide strong protection for your systems and data – over 80% of breaches can be attributed to password hacking or password compromise.

Put extra protection between your business and employee errors like poorly made passwords by adding a secure identity and access management solution like Passly to your security plan. An expert-endorsed best practice and a requirement for compliance in many industries, multifactor authentication is your strongest shield against these types of brute force hacking attacks.

Passly also includes other highly recommended security tools like simple remote access control for IT staffers, secure shared password vaults, and single sign-on LaunchPads for every user to boost your endpoint security. This multifunctional dynamo can dramatically reduce your threat risk from employee cybersecurity errors at a price that fits any budget. 

Securing the access gateways to your company’s systems and data is the fastest, most effective way to prevent a small mistake from becoming an expensive cybersecurity disaster. Streamline access, improve endpoint security, and add the fail safes that you need to make sure that only the right people are accessing your systems and data in a flash with Passly.


Bit by bit helps client networks run smooth and secure. Visit our website at www.bitxbit.com/texas 877.860.5863

Social Engineering is a Bigger Problem Than Ever in 2020. Here’s How to Fight Back.



Cybercriminals these days are a lot smarter than you might think. Just like any other business, cybercrime gangs are always looking for ways to break through with a slick new attack style that scores them a big payday before cybersecurity professionals even have it on their radar. One of the most successful areas of expansion for cybercrime in 2020 has been social engineering. 

A major component of phishing-related cybercrime, the premise behind social engineering is very simple: to influence the target to take an action. Whether that action is to buy a certain brand of coffee, share a news story, or click on a link in a phishing email, social engineering is a common tactic in all sorts of business operations for one simple reason: it works. 

Recent examples illustrate some of today’s craftiest social engineering tactics. For example, take a dull, routine subject like compliance. It’s both complicated and constantly changing, with huge penalties for violations. Cybercriminals know that GDPR fines are a specter that haunts most European businesses – and detailed information about many businesses is an easy score on the Dark Web.

So why not try out a cleverly disguised social engineering trick by creating an email that’s designed to look like it’s from a consultancy helpfully informing you that there are new regulations about email security that you might not be compliant with? Of course, their company can help. They may “already be working with you to resolve the problem”, and they just need a little bit more information. You know the rest of this story.




Or, at larger companies, the classic access scam. A contractor or service for your corporation contacts you, maybe even by phone. He is trying to repair something crucial that’s just broken, and fast. It’s a big problem, the bosses are mad, and they have a quick fix to temporarily patch it until they can fix it. They just need a password that gives them access to a certain system, and they were told that you’re the person to talk to. Password sharing is so endemic, most staffers will hand theirs right over.

This may not sound like a plausible scenario to you, and you’d probably be inclined to ask for more proof – and you’d be right, it’s a scam. But many employees won’t recognize it, even at big tech companies where you’d expect them to know better. After all, this sequence of events is exactly what happened to cause the giant Twitter breach earlier this year.

Fighting back against social engineering means fighting back against cybercriminal trickery with education. Security awareness training, especially phishing resistance training, is every company’s best bet for teaching employees to spot and stop social engineering attacks. Companies that engage in regular security awareness training have up to 70% fewer cybersecurity flubs.

BullPhish ID is the answer for your clients. Not only can it be easily configured for companies and test groups of any size, but it’s also ideal for both in-office and remote workforce training. It’s easy to manage and easy to use. Plus, phishing resistance training doesn’t just help companies defend against phishing – it increases overall security awareness too. 

The best training is training that people remember. BullPhish ID delivers on that front, with information presented in 8 languages, in bite-sized pieces that are easy to understand no matter how tech-savvy your staffers are. Engaging video lessons make BullPhish ID the perfect tool to use when training employees, and online testing enables you to quickly determine who needs extra help.

Research indicates that employees retain the skills that they gain from training for about 4 months before they disappear, but they don’t lose skills if their training is regularly updated. BullPhish ID has the content you need, with over 80 complete phishing simulation kits ready to go and 4 new kits added every month. Plus we add training on all the latest threats, including COVID-19 lures.


Contact us to see how we can help you combat these threats!


This Week in Breach News:

This Week in Breach News: Ransomware scores at Manchester United and chills Americold, Managed.com gets rocked by REvil, Luxottica’s data breach nightmare continues, how social engineering sneaks up on remote workers, and TWO new eBooks on security awareness training and phishing (and they’re really cool!).


The Week in Breach News: Dark Web ID’s Top Threats This Week 


  • Top Source Hits: ID Theft Forum
  • Top Compromise Type: Domain
  • Top Industry: Education & Research
  • Top Employee Count: 501+

The Week in Breach News – United States 


United States – Managed.com 

https://securityaffairs.co/wordpress/111154/cyber-crime/managed-com-revil-ransomware.html

Exploit: Ransomware

Managed.com: Web Hosting Provider


Risk to Business: 1.402 = Extreme 

REvil has had a nasty impact at this web hosting provider, causing a complete shutdown of company systems. The company says that a “limited number” of customer sites have been affected. Impacted functions included WordPress and DotNetNuke managed hosting platforms, online databases, email servers, DNS servers, RDP access points, and FTP servers.

Individual Risk: Managed.com has not released any information about potential client impact, although the company did note that they’d taken measures to secure client data.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Third party risk is a growing problem for every business, especially as cybercriminals target more centralized service and infrastructure companies.

ID Agent to the Rescue: Your customers need solutions that protect their data from risks like this. Our solutions can help in two ways: securing their data and securing your MRR with Goal Assist to close more deals!


United States – Mercy Iowa City

https://www.kcrg.com/2020/11/18/mercy-iowa-city-reports-data-breach-over-60000-iowans-affected/

Exploit: Unauthorized Access

 Mercy Iowa City: Medical Center


Risk to Business: 2.631 = Moderate

An unauthorized user gained access to an employee email account at this Iowa hospital, leading to the potential exposure of sensitive data for thousands of patients. There’s no confirmation that data was stolen, but the hospital is warning patients of the possibility. The incident was discovered after the compromised account began sending out spam and phishing messages.


Individual Risk: 2.502 = Moderate

The hospital has not yet confirmed that any data was actually accessed or stolen, but they sent out a letter warning patients of the potential breach. Information that may have been compromised includes patient names, Social Security numbers, driver’s license numbers, dates of birth, medical treatment information and health insurance information.

Customers Impacted: 60,000

How it Could Affect Your Customers’ Business: Password compromise leads to major trouble. Even small incidents like this can quickly turn into huge problems if access to sensitive data isn’t carefully controlled.

ID Agent to the Rescue: Passly gives you more control over access points to systems and data with Single Sign-on and individual user LaunchPads that enable IT staff to quickly add and remove access.


United States – TronicsXchange

https://www.infosecurity-magazine.com/news/80000-id-cards-fingerprint-exposed/

Exploit: Misconfiguration

TronicsXchange: Used Electronics Dealer


Risk to Business: 1.992 = Severe 

A big error at TronicsXchange has led to a big problem, as sensitive customer data was exposed on a misconfigured database. Over 2.6 million files, including ID cards and biometric images, were left open and leaking in a misconfigured AWS S3 bucket. The data appears to be older and is primarily comprised of California residents.


Individual Risk: 1.222 = Extreme 

The data that was exposed was seriously sensitive and has the potential for massive troublemaking. Millions of files were leaked including extremely sensitive information like approximately 80,000 images of personal identification cards such as driver’s licenses, and 10,000 fingerprint scans. The leaked driver’s license photos expose even more information about that individual, including license number, full name, birthdate, home address, gender, hair and eye color, height and weight, and a photo of the individual, among other things.

Customers Impacted: 80,000

How it Could Affect Your Customers’ Business: Leaving a database unsecured or misconfigured is a symptom of a lax cybersecurity culture. Leaving a database unsecured that has this kind of incredibly sensitive data inside is a disaster that will send customers running for the exits.

ID Agent to the Rescue: Passly adds essential security tools like multifactor authentication and simple remote management to ensure that only the right people have access to your sensitive client data.


United States – American Bank Systems 

https://securityreport.com/american-bank-systems-hit-by-ransomware-attack-full-53-gb-data-dump-leaked/

Exploit: Ransomware

American Bank Systems: Software Services Provider 


Risk to Business: 1.864 = Severe

Avaddon ransomware made an unwelcome deposit at American Bank Systems, unleashing a ransomware attack that led to the capture and partial publishing of 53 GB of all sorts of highly confidential data. The banking software services company had data snatched from banks around the world including banking names and mortgage companies, such as First Federal Community Bank, Rio Bank, Citizens Bank of Swainsboro, First Bank & Trust, and many more. The leaked data in the dump includes files such as loan documents, business contracts, private emails, invoices, credentials for network shares, and other confidential information.


Individual Risk: 1.516 = Severe

Many of the stolen banking records also contain information about the clients of affected banks, including personally identifying information, loan amounts, and Tax ID or Social Security numbers. Some data on employees of banks was also exposed. Clients of impacted banks should be alert to identity theft and fraud possibilities.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Third-party service providers may not have the same commitment to data security as you do. It pays to do your homework to avoid these problems whenever possible. 

ID Agent to the Rescue: Information like this can hang around for years after it hits the Dark Web. Make sure your staff’s credentials haven’t been exposed with Dark Web ID 24/7/365 monitoring.


United States – Americold

https://www.bleepingcomputer.com/news/security/cold-storage-giant-americold-hit-by-cyberattack-services-impacted/

Exploit: Ransomware

Americold: Cold Storage and Logistics 


Risk to Business: 2.236 = Severe

Ransomware definitely chilled business at Americold, causing major disruptions to operations. The cyberattack impacted their operations across the board, causing partial or complete shutdowns in phone systems, email, inventory management, and order fulfillment. This attack may be related to a recent spate of attacks against healthcare targets. Cold storage and temperature-controlled transportation will be a huge component in the distribution of any COVID-19 vaccine. 

Individual Risk: No personal or consumer information was reported as impacted in this incident.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware isn’t just stealing data anymore. It’s also being used as a tool to disrupt infrastructure and logistics to devastating effect.

ID Agent to the Rescue: Protect your systems and data from ransomware with BullPhish ID. Consistent phishing resistance and security awareness training can reduce cybersecurity incidents by up to 70%.


United States – Port of Kennewick

https://www.nbcrightnow.com/news/port-of-kennewick-now-victim-of-cyber-attack/article_2da5b29c-2936-11eb-a2e4-0f3e16c73589.html

Exploit: Ransomware

Port of Kennewick: Municipal Agency 


Risk to Business: 2.322 = Severe

Ransomware severely impacted operations at this inland port in Washington. Cybercriminals encrypted the port’s systems and demanded $200,000 in ransom to restore access to the port’s servers and files. The port authority, FBI, and an outside contractor have been working to restore full operations. 

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware is a huge threat to infrastructure targets as well as businesses, and nation-state actors are most likely to use ransomware in their attacks. 

ID Agent to the Rescue: Don’t let phishing shut your operations down. Train staffers to spot and stop phishing before an attack becomes a disaster.


United States – Kenneth Copeland Ministries 

https://www.dailymail.co.uk/news/article-8966623/Russian-hacker-group-REvil-claims-massive-attack-televangelist-Kenneth-Copeland.html

Exploit: Ransomware

Kenneth Copeland Ministries: Televangelism


Risk to Business: 2.306 = Severe

The REvil ransomware gang strikes again, this time at televangelist Kenneth Copeland’s operations. The gang is threatening to release 1.2 terabytes of sensitive data if he fails to pay their unspecified ransom demands. Evidence of the hack has been displayed on REvil’s information website.

Individual Risk: No personal or consumer information was reported as impacted in this incident so far, but it is still being remediated.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware gangs like REvil can see juicy paydays in targeting prominent people in any industry – or releasing potentially embarrassing stolen data if those people decide not to pay the ransom.

ID Agent to the Rescue: Phishing resistance training is one of the most important ways that any organization can protect their systems and data from ransomware. Not only does it improve your staff’s phishing resistance, but it also boosts their overall cybersecurity awareness too.



The Week in Breach News – United Kingdom & European Union


United Kingdom – Manchester United 

https://securityaffairs.co/wordpress/111231/hacking/manchester-united-cyber-attack.html

Exploit: Ransomware

Manchester United: Football (Soccer) Club


Risk to Business: 2.122 = Severe 

A ransomware attack briefly shut down business operations at Manchester United. The team reports “Club media channels, including our website and app, are unaffected and we are not currently aware of any breach of personal data associated with our fans and customers.” The cyberattack is not expected to impact play and matches will remain ongoing as scheduled. 

Customers Impacted: Unknown 

How it Could Affect Your Customers’ Business: Ransomware and phishing go hand in hand, and as social engineering tactics improve, it’s always going to be the fastest, easiest way for cybercriminals to strike.

ID Agent to the Rescue: Don’t just hope that you’re not next – fight back against ransomware threats with our eBook “Ransomware 101”. See why you’re at risk and how to protect your business fast.


Italy – Luxottica

https://healthitsecurity.com/news/luxottica-data-leaked-by-hackers-after-ransomware-attack-breach

Exploit: Ransomware

Luxottica: Eyewear Manufacturer 


Risk to Business: 2.237 = Severe 

After suffering a nasty cyberattack a few months ago that severely impacted operations, eyewear giant Luxottica is in hot water again. Newly uncovered data from Dark Web sources shows that protected health information and PII for thousands of consumers who patronize common eyewear retailers was stolen. Sensitive company data was also stolen, including contract information, financial information, and human resource documents. Hackers have already begun releasing this data.


Individual Risk: 2.379 = Severe 

The leaked data contained customer contact details, health insurance policy numbers, and appointment notes related to treatment, such as health conditions, procedures, and prescriptions, as well as other sensitive data, including the credit card information and Social Security information of some patients that patronize major eyewear retailers including LensCrafters, Sunglass Hut, and Pearle Vision, along with users of the EyeMed vision care plan. Consumers should stay alert to identity theft and spear phishing possibilities.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Failure to adequately protect medical data is an expensive proposition and will undoubtedly draw the wrath of regulators in the US and EU. It pays to remember that one employee interacting with one phishing email can always be a recipe for disaster.

ID Agent to the Rescue: Don’t wait until ransomware creates an expensive compliance nightmare to update phishing resistance and security awareness training for every staffer with BullPhish ID.



The Week in Breach News – Asia Pacific


South Korea – E-Land

https://www.koreatimes.co.kr/www/tech/2020/11/694_299692.html

Exploit: Ransomware

Press Trust of India: News Reporting Service


Risk to Business: 2.169 = Severe 

A cyberattack walloped Korean retail giant E-Land, forcing it to suspend operations at 23 of its 50 branches of NC Department Store and NewCore Outlet stores. Some stores have reopened, but they’re still facing significant operational delays. Investigation and recovery are ongoing.

Individual Impact: No personal data was reported as exposed in this incident.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Operational impacts from ransomware can be devastating even if bad actors don’t steal your data, especially for daily goods and services businesses like retail stores.

ID Agent to the Rescue: Don’t let ransomware shut you down. Phishing resistance training with BullPhish ID transforms your staffers from your largest attack surface to your largest defensive asset.


Japan – Mitsubishi Electric

http://www.asahi.com/ajw/articles/13948123

Exploit: Hacking

Mitsubishi Electric: Electrical Equipment Manufacturer 


Risk to Business: 2.470 = Severe 

Security improvements at Mitsubishi Electric didn’t go far enough, because bad actors have penetrated security again. This time, instead of machine and operations data, client data impacting more than 8,500 corporate accounts was stolen. This is the second successful attack on Mitsubishi in the last 6 months.


Individual Risk: 2.474 = Severe 

Information for 8,653 business accounts has been exposed. The company is working to determine if information related to bank accounts of the other parties as well as other information leaked. No personal or consumer data has been reported as affected in this incident.

Customers Impacted: 8,653



What is SOC-as-a-Service?