Wednesday, November 18, 2020

Ransomware Risks Highest for Remote Workers

Ransomware Risks Highest for Remote Workers  


The global pandemic has changed the way that we work, and that’s been good news for cybercriminals. Remote workers are a juicy target for ransomware attacks since they’re more likely to be drawn in by common lures and less likely to be up to date on current phishing scams. So how can you protect your business from ransomware while your staffers are still working remotely?

While we wish there was a magic bullet, the closest we’ve come is a magical solution: phishing resistance and security awareness training. Companies that engage in regular security awareness training that includes information about the latest phishing threats have up to 70% fewer cybersecurity incidents.

The biggest cybersecurity threat of 2020 is phishing, and ransomware almost always arrives on your doorstep paired up with a phishing email. More than 65% of ransomware is delivered through phishing, which has boomed during the global pandemic – Google reports that it’s measured phishing email as up by more than 600% in 2020.

Regular, easy-to-understand phishing training is essential for protecting your business from dangers like spear phishing attacks designed to deliver ransomware. BullPhish ID delivers just what you need with plug-and-play phishing simulation kits to test your staff and engaging video lessons to demonstrate today’s phishing lures, including COVID-19 bait.

Protect your business from phishing-based cybersecurity disasters with simple, sensible tools like security awareness and phishing resistance training using BullPhish ID to transform your staff from cybercriminal targets to defensive assets fast at a price you’ll love.


Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5863

o Inside the Ink to Get the Inside Scoop on Cybercrime


Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5863

The Week in Breach News – United States

The Week in Breach News – United States 


United States –  Delaware Division of Public Health

https://news.delaware.gov/2020/11/15/delaware-division-of-public-health-announces-data-breach-incident/

Exploit: Accidental Data Sharing

Delaware Division of Public Health: State Health Agency 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.311 = Severe

The Delaware Division of Public Health announced that in mid-September, a temp sent two emails containing COVID-19 test results for approximately 10,000 individuals to the wrong party. The August 13, 2020, email included test results for individuals tested between July 16, 2020, and August 10, 2020. The August 20, 2020, email included test results for individuals tested on August 15, 2020. Investigators have determined that these emails were sent by mistake, as the information was supposed to be sent to a member of the call center staff to assist individuals in obtaining their test results.

cybersecurity news represented by a gauge indicating moderate risk

Individual Risk: 2.824 = Moderate

The information mistakenly released in this foul-up included the date of the test, test location, patient name, patient date of birth, phone number if provided, and test result.

Customers Impacted: 10,000

How it Could Affect Your Customers’ Business: Human error remains the number one cause of a data breach. Security awareness training is the most effective way to prevent unfortunate employee errors.

ID Agent to the Rescue: No business can afford to overlook regular cybersecurity awareness training and risk mitigation. Our digital risk protection platform has the solutions that you need to provide strong security for your business at a great price. LEARN MORE>>


United States – Vertafore Inc.

https://siliconangle.com/2020/11/15/data-belonging-27-7m-texas-drivers-stolen-latest-case-unsecured-storage/

Exploit: Unsecured Database

Vertafore Inc.: Insurance Company 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.702 = Severe

Information about 27.7 million Texas drivers has been exposed online and stolen from an unsecured database belonging to insurance company Vertafore Inc. after someone put three major company files on an unsecured storage server.

cybersecurity news represented by a gauge indicating moderate risk

Individual Risk: 2.662 = Moderate

The company says that no identification misuse has been determined, but they’re also offering free credit monitoring and identity restoration services to all Texas driver’s license holders potentially affected by the data breach.

Customers Impacted: $27.7 million

How it Could Affect Your Customers’ Business Bad data handling is a symptom of poor cybersecurity hygiene, and it can easily lead to bigger problems like ransomware and password compromise.

ID Agent to the Rescue: Ransomware is typically delivered as the nasty cargo of a phishing attack. Improve your staff’s phishing resistance to fight back against ransomware threats. LEARN MORE>>


United States – X-Cart

http://www.digitaljournal.com/tech-and-science/technology/x-cart-suffers-from-ransomware-attack/article/580881

Exploit: Third Party Software

X-Cart: eCommerce Platform Creator  

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.003 = Severe

X-cart discovered the danger of vetting errors when attackers exploited a vulnerability in a third-party software tool to gain access to X-Cart’s store hosting systems. Some stores went down completely, while others reported issues with sending email alerts. The incident is under investigation and service has been restored for clients.

Individual Risk: No personal or consumer information was reported as impacted in this incident.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Cyberattacks can come from unexpected quarters, like a vulnerability in third-party software that you rely on.

ID Agent to the Rescue: Passly adds essential protection to your systems and data through secure identity and access management to place a strong shield between your business and cybercrime.  LEARN MORE>>


United States – Wildworks (Animal Jam)

https://www.informationsecuritybuzz.com/expert-comments/animal-jam-kids-virtual-world-hit-by-data-breach-impacting-46m-accounts-expert-commentary/ 

Exploit: Third Party Data Breach

Wildworks: Video Game Developer 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.664 = Severe

Wildworks, the developer of the online kid’s playground Animal Jam, announced a data breach involving a third-party vendor that exposed the information of millions of children on the Dark Web. The information appeared on the Dark Web as the booty of cybercrime gang ShinyHunters.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 1.902 = Severe

Exposed information includes 46 million player usernames, which are human moderated to make sure they do not contain a child’s proper name, 46 million SHA1 hashed passwords and approximately 7 million email addresses of parents whose children registered for Animal Jam. 

Customers Impacted: 46 million

How it Could Affect Your Customers’ Business: Third-party service providers may not have the same commitment to data security as you do. It pays to do your homework to avoid these problems whenever possible.

ID Agent to the Rescue: Information like this can hang around for years after it hits the Dark Web. Make sure your staff’s credentials haven’t been exposed with Dark Web ID 24/7/365 monitoring. SEE HOW IT WORKS>>


United States – Pluto TV

https://www.bleepingcomputer.com/news/security/hacker-shares-32-million-pluto-tv-accounts-for-free-on-forum/

Exploit: Hacking

Pluto TV: Online Television Service 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.166 = Severe

Hackers from the cybercrime gang ShinyHunters have announced the acquisition of 3.2 million Pluto TV user records that were purportedly stolen during a data breach. The data appears to be somewhat out of date, and Pluto TV has not confirmed the breach.

cybersecurity news represented by a gauge indicating moderate risk

Individual Risk: 2.611 = Moderate

Exposed information includes a member’s display name, email address, bcrypt hashed password, birthday, device platform, and IP address. The data is estimated to be about two years old.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Protecting your client records and other sensitive data from thieves has to be a top priority, no matter how old it is. Customers expect that you’ll keep it safe with reasonable security precautions in place.

ID Agent to the Rescue: Passly helps keep data safer by providing strong protection against hacking with single sign-on to make it easy to control access exactly where you need it. LEARN MORE>>


United States – The North Face

https://chainstoreage.com/report-hackers-may-have-obtained-north-face-customer-data

Exploit: Credential Stuffing

The North Face: Outdoor Apparel Retailer 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.322 = Severe

Hackers mounted a successful attack against outdoor retailer The North Face, capturing an unknown amount of client data in the process. While retail operations were not disrupted, the company has released a caution to customers about the incident.

cybersecurity news represented by a gauge indicating moderate risk

Individual Risk: 2.711 = Moderate

The company noted that the breach includes “products you have purchased on our website, products you have saved to your ‘favorites,’ your billing address, your shipping address(es), your VIPeak customer loyalty point total, your email preferences, your first and last name, your birthday (if you saved it to your account), and your telephone number (if you saved it to your account)”. Payment information was stored separately and more securely and not impacted in this incident.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Credential stuffing attacks have gained new fuel from a bountiful harvest of Dark Web data dumps adding fresh ammo for cybercrime.

ID Agent to the Rescue: Multifactor authentication with Passly is the perfect tool to guard your business against credential stuffing attacks. LEARN MORE>>


The Week in Breach News – Canada


Canada – The City of Saint John, N. B. 

https://www.itworldcanada.com/article/saint-john-n-b-shuts-it-systems-after-significant-cyber-attack/438315

Exploit: Ransomware

The City of Saint John, N. B.: Municipal Government

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.222 = Extreme

A massive cyberattack has ground many municipal operations to a halt in Saint John, New Brunswick. The suspected ransomware attack on the city government caused havoc. Government officials said in a statement that while its 911 communications network is open, the cyberattack has shut the city’s website, email, online payment system, and customer service applications.

Individual Risk: No personal or consumer information was reported as impacted in this incident so far, but it is still being remediated.

Customers Impacted: 68,000

How it Could Affect Your Customers’ Business: Ransomware isn’t just about capturing data anymore, it can also be intended to shut down your business. Security awareness training prevents up to 70% of cybersecurity incidents.

ID Agent to the Rescue: Phishing resistance training is one of the most important ways that any organization can protect their systems and data. Not only does it improve your staff’s phishing resistance, but it also boosts their overall cybersecurity awareness too. LEARN MORE>>



The Week in Breach News – United Kingdom & European Union


United Kingdom –  Sandcliffe Motor Group

https://www.am-online.com/news/dealer-news/2020/11/09/sandicliffe-customer-data-breach-could-affect-thousands

Exploit: Ransomware

 Sandcliffe Motor Group: Automobile Retailer 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.802 = Severe

A ransomware attack has exposed the information of employees and customers of Sandcliffe Motor Group. The chain of 10 dealerships around the UK has traced the source to an employee clicking a link in a phishing email.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 1.613 = Severe

The company noted that bank account details and medical histories may be included in the information that was snatched. Clients and employees should be aware of the possibility that their personally identifiable or financial data was compromised and be alert to spear phishing and identity theft attempts.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Phishing never goes away, and it’s always the fastest, easiest way for cybercriminals to strike.

ID Agent to the Rescue: Don’t just hope that you’re not next – fight back against ransomware threats with our eBook “Ransomware 101”. See why you’re at risk and how to protect your business fast. GET THE BOOK>>


Germany – Miltenyi Biotec

https://www.securityweek.com/biotech-company-miltenyi-biotec-discloses-malware-attack

Exploit: Malware

Miltenyi Biotec: Cell and Therapy Research Solutions Provider 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.322 = Severe

Malware is to blame for a recent spate of order processing snafus at Miltenyi Biotec, a major manufacturer and distributor of essential solutions used in scientific research and medical therapies. The company noted that it has been able to control the problem and does not anticipate a significant future impact.

Customers Impacted: Unknown

Individual Risk: No personal or consumer information was reported as impacted in this incident so far, but it is still being remediated.

How it Could Affect Your Customers’ Business: Malware can arrive on your doorstep in many ways, but it’s most likely to come attached to a phishing email.

ID Agent to the Rescue: Don’t wait until malware knocks on your door to update phishing resistance training for every staffer with easy, remote-friendly training using BullPhish ID. SEE BULLPHISH ID IN ACTION>>



The Week in Breach News – Australia & New Zealand


Australia – Nexia Australia and New Zealand

https://www.itwire.com/security/melbourne-firm-denies-data-stolen-during-ransomware-attack.html

Exploit: Ransomware

Nexia Australia and New Zealand: Accounting Firm 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.806 = Severe

REvil ransomware strikes again, this time at major accounting firm Nexia. The company informed regulators of an attack on November 3, 2020. While the REvil gang had up until recently boasted of the score on its website, the information has since disappeared, leading to speculation that the ransom was paid. The firm has not confirmed what if any data was stolen, although the REvil group did confirm that it had data in its initial posting.

Individual Impact: No information is available about any personal or financial data that was exposed in this incident.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware is a menace that every company must be on guard for at every turn to avoid messy and damaging incidents like this, with correspondingly expensive results.

ID Agent to the Rescue: Phishing resistance training with BullPhish ID is the key to guarding against ransomware with 80+ plug and play phishing simulation campaigns just waiting to transform your staffers from your largest attack surface to your largest defensive asset. LEARN MORE>>



The Week in Breach News – Asia Pacific


India – Press Trust of India

https://www.nationalheraldindia.com/national/massive-ransomware-attack-hits-news-agaency-pti-services-resume

Exploit: Ransomware

Press Trust of India: News Reporting Service

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.169 = Severe

Major Indian news agency Press Trust of India was shut down for several hours over the weekend after a ransomware attack disrupted its operations, leaving millions of subscribers including major news sources in the dark. Service was restored by the next day and an investigation is underway, but the suspected culprit is ransomware.

Individual Impact: No personal data was exposed in this incident.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Snarling systems and impacting production are two goals that we’re seeing on the rise on cybercriminal hit lists, and frequently ransomware is the tool that they prefer to shut down businesses.

ID Agent to the Rescue: Don’t get locked out of your business by ransomware. Phishing resistance training with BullPhish ID transforms your staffers from your largest attack surface to your largest defensive asset. LEARN MORE>>


Singapore – RedDoorz

https://www.bleepingcomputer.com/news/security/58-million-reddoorz-user-records-for-sale-on-hacking-forum/

Exploit: Unauthorized Database Access

RedDoorz: Hotel Management and Booking Platform 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.070 = Severe

The bad guys slipped through the door at the hotel and travel booking platform RedDoorz, and they took home some souvenirs. A threat actor is selling a RedDoorz database containing 5.8 million user records on a Dark Web forum.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 2.037 = Severe

In the information exposed on the Dark Web, cybercriminals showed that they had obtained user records that included the member’s email, bcrypt hashed passwords, full name, gender, link to profile photo, phone number, secondary phone number, date of birth, and occupation as well as miscellaneous personal details. Users of the platform should be wary of spear phishing attempts using this data.

Customers Impacted: 5.9 million

How it Could Affect Your Customers’ Business: Putting extra security between your client records and hackers is a smart move to avoid becoming part of the booming Dark Web data economy.

ID Agent to the Rescue: Information from attacks like this frequently makes its way to Dark Web data markets and dumps, including stolen password lists. Make sure your employee credentials are protected from unexpected risk when you have them monitored with Dark Web ID SEE DARK WEB ID AT WORK>>


Malaysia – 123RF

https://www.hackread.com/ransomware-attack-brazil-top-court-encrypts-backups/

Exploit: Unauthorized Database Access 

123RF: Stock Photo Provider 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.233 = Severe

Popular stock photo source 123RF discovered that someone had stopped by or more than just some free art this week after 8.3 million of its client records appeared on the Dark Web. Based on the dates listed, the information is likely a year or so old.

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.427 = Severe

The pilfered data includes user records showing 123RF members’ full name, email address, MD5 hashed passwords, company name, phone number, address, PayPal email if used, and IP address. There is no financial information stored in the database. Users should be on the lookout for possible spear phishing emails like fake PayPal notices using this data.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Guarding user records is essential in today’s business world because savvy users are likely to take their business elsewhere after a breach.

ID Agent to the Rescue: How strong are the passwords that you’re using to protect your data and systems. Find out how bad passwords are born, and how they help hackers steal your data in our eBook “Is That Your Password?“. GET THE BOOK>>


The Week in Breach – South America


Chile – Cencosud

https://www.bleepingcomputer.com/news/security/retail-giant-cencosud-hit-by-egregor-ransomware-attack-stores-impacted/

Exploit: Malware

Cencosud: Retail Conglomerate

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.342 = Severe

Cencosud was hit with a ransomware attack that encrypted devices throughout their retail outlets and impacted the company’s operations. Most retail locations of the South American retail giant are operational, but other services including its in-house credit cards have been impacted. Egregor ransomware is suspected as the culprit. Cencosud manages a wide variety of stores in Argentina, Brazil, Chile, Colombia, and Peru.

Individual Risk: While it’s clear that a great deal of information and major systems were encrypted, there are no specifics on any data stolen.

Customers Impacted: Unknown



Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5863