Tuesday, September 7, 2021

Simple Protection Can Defeat Complex Cyberattacks


You may think that stopping complex cyberattacks by sophisticated gangs requires deploying complicated (and expensive) solutions. But that’s not always the case. It’s totally possible to protect your business from some of today’s most devastating cyberattacks without breaking the bank. In fact, you only need to use one resource to do it – yet an estimated 50% of businesses aren’t using it.

That magic tool is multifactor authentication (MFA). Microsoft has noted that multifactor authentication alone can stop up to 99% of password-based cyberattacks cold. That includes potentially damaging attacks like password-spraying, brute force hacking, systems intrusion and more – even malware like ransomware. MFA can also give you an edge against the impact of a phishing incident by making that phished password useless automatically.

MFA is an important part of secure identity and access management, a security category that empowers businesses to control who has access to what quickly and easily. It makes it simple for companies to make sure that the right people have access to the right things – and only the right people, keeping your data in and cybercriminals out.

Talk to your MSP about adding MFA to your security plan with an affordable, dynamic secure identity and access management solution like Passly and deploy this powerful weapon to secure your business.


Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5831

The Week in Breach News: 06/23/21 – 06/29/21

June 30, 2021

This week the cybercrime gangs were busy! Nobelium, the gang behind the SolarWinds hack, is giving Microsoft and others a world of trouble with unexpected attacks. REvil scores medical data and a new ransomware gang debuts with a hit on Altus Group, plus how to defend against complex threats with simple security moves.




Mercedes Benz USA 

https://www.bleepingcomputer.com/news/security/mercedes-benz-data-breach-exposes-ssns-credit-card-numbers/

Exploit: Third Party Risk 

Mercedes Benz USA: Carmaker 

Risk to Business: 1.611 = Severe

Mercedes-Benz USA has disclosed a data breach impacting some of its US customers. The data breach exposed PII of under 1,000 Mercedes-Benz customers and potential buyers. This breach was announced after a Mercedes-Benz vendor informed the company that the personal information of select customers was exposed due to an insufficiently secured cloud storage instance. 

Individual Risk: 1.802 = Severe

According to the company, the breach affects some customers and potential vehicle buyers who had entered sensitive information on Mercedes-Benz company and dealer websites between 2014 and 2017. The vendor who notified Mercedes-Benz of the data breach states that the exposed information included: self-reported customer credit scores, driver license numbers, Social Security numbers (SSNs), credit card numbers and dates of birth.

Individual Impact: No sensitive personal or financial information for clients has been declared compromised in this incident and the investigation is ongoing.

Customers Impacted: 1,000

How It Could Affect Your Customers’ Business: Proprietary data like this is cybercriminal gold. It’s both useful for committing future cybercrime and quickly saleable in the busy dark web data markets.

ID Agent to the Rescue: Third-party and supply chain risk is growing exponentially. Learn strategies to fight back in our eBook Breaking Up with Third-Party and Supply Chain Risk. DOWNLOAD IT>>


Washington Suburban Sanitary Commission (WSSC) 

https://baltimore.cbslocal.com/2021/06/27/wssc-water-investigating-ransomware-attack/

Exploit: Ransomware

Washington Suburban Sanitary Commission (WSSC): Utility 

Risk to Business: 2.116 = Severe 

Washington Suburban Sanitary Commission (WSSC) has disclosed a ransomware attack that impacted some of its systems. The utility noted that the incident impacted a portion of their network that operates non-essential business systems. The company has admitted that cybercriminals were able to gain access to internal files but no more information has been provided. The incident is still under investigation. WSSC is the utility that provides water and sewer services to the Washington, DC metropolitan area.

Individual Impact: No sensitive personal or financial information for clients has been declared compromised in this incident and the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware gangs are attacking strategic targets like utilities and infrastructure as they try to score a big payday fast from targets that can’t afford downtime.

ID Agent to the Rescue:   NEW! Go behind the scenes of ransomware to see who gets attacked, who gets paid and what’s next on the hit list in Ransomware Exposed! DOWNLOAD NOW>>


DreamHost 

https://www.infosecurity-magazine.com/news/cloud-database-exposes-800m/

Exploit: Unsecured Database

DreamHost: WordPress Hosting Service 

Risk to Business: 1.823 = Severe

A misconfigured cloud database exposed over 800 million records linked to WordPress users through hosting provider DreamHost. The 814 million records came from the firm’s managed WordPress hosting business DreamPress and appeared to date back to 2018. In this 86GB database, researchers noted admin and user information, including WordPress login location URLs, first and last names, email addresses, usernames, roles, host IP addresses, timestamps and configuration and security information, some linked to users with .gov and .edu email addresses. The database was purportedly secured within hours but the damage had already been done. 

Individual Impact: There has not yet been confirmation that consumer personal or financial information has been compromised in this incident but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: There’s no excuse for making basic security blunders, and clients may be less likely to want to work with those who do. A strong security culture prevents these blunders from happening.

ID Agent to the Rescue:   Building a strong security culture is vital to maintaining a high level of security. The Security Awareness Champion’s Guide shows you how to make good security choices and avoid trouble. GET IT>>





Altus Group 

https://securityaffairs.co/wordpress/119418/cyber-crime/new-ransomware-group-hive-leaks-altus-group-sample-files.html

Exploit: Ransomware

Altus Group: Real Estate Software 

Risk to Business: 1.775 = Severe

Altus Group, a commercial real estate software solutions company, has announced that its data was breached. The company initially said that no data was stolen, but a new ransomware group begs to differ. New cybercrime gang Hive has published samples of data allegedly stolen from Altus Group on its new dark website. The provided sample of exfiltrated files includes business data and documents, as well as Argus certificates and development files. No ransom amount has been confirmed and the incident is under investigation.

Individual Impact: There has not yet been confirmation that consumer personal or financial information has been compromised in this incident but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: In this economy, ransomware groups are only going to keep cropping up and that means your clients are facing new danger every day.

ID Agent to the Rescue:   Make sure you’re protecting the access points to your clients’ assets with strong security, including strong passwords with our Build Better Passwords eBook. GET IT>>





United Kingdom – French Connection UK (FCUK) 

https://www.techtimes.com/articles/262039/20210626/revil-ransomware-gang-strikes-again-attacking-fcuk-fashion-label.htm

Exploit: Ransomware

French Connection UK (FCUK): Clothing Brand

Risk to Business: 2.351 = Severe

United Kingdom-based clothing company French Connection UK has been hit by a major cybercrime gang: REvil. The ransomware gang was able to get away with a plethora of internal company data after taking control of the company’s back-end servers. The type of data has not been specified, but both business and employee data is at risk.

Individual Impact: There has not yet been confirmation that consumer personal or financial information has been compromised in this incident but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware is everywhere these days and every business is at risk. Companies in every industry of every size are in cybercriminals’ sights as they hunt for big paydays.

ID Agent to the Rescue: Are you ready for the next risk? Find useful data to inform security decisions including our predictions for the biggest risks of 2021 in The Global Year in Breach 2021. READ IT NOW>>


Sweden – InfoSolutions 

https://cybernews.com/news/swedish-covid-19-lab-with-millions-of-test-results-breached/

Exploit: Hacking

InfoSolutions: Medical IT Solutions 

Risk to Business: 1.661 = Severe

InfoSolutions, a company that provides IT services to the Swedish Public Health Agency, including maintaining journals and COVID-19 databases in Sweden, published a statement claiming that it detected an intrusion into a database used by 15 of Sweden’s 21 regions. The company says that there is no indication that any information has been passed on and that the databases were locked quickly. The internal investigation is ongoing.

Individual Impact: There has not yet been confirmation that consumer personal or financial information has been compromised in this incident but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Medical data is catnip for hackers because it’s worth its weight in gold in dark web data markets, and healthcare targets worldwide have been under siege throughout the pandemic.

ID Agent to the Rescue: Increase the chance of speeding past pitfalls to victory when you boost cyber resilience for every customer using the tips in our eBook The Road to Cyber Resilience. DOWNLOAD IT NOW>>





Brazil – Grupo Fleury 

https://www.bleepingcomputer.com/news/security/healthcare-giant-grupo-fleury-hit-by-revil-ransomware-attack/

Exploit: Ransomware

Grupo Fleury: Medical Diagnostics Laboratory 

Risk to Business: 1.702 = Severe

REvil had a busy week. They also struck medical services company Grupo Fleury, Brazil’s largest laboratory operator. The REvil gang is demanding $5 million to receive a decryptor and not leak allegedly stolen files, and it has published a sample according to its usual protocol. Grupo Fleury’s data could potentially contain enormous amounts of personal and medical data of patients, but no specifics of what was stolen have been made available.

Individual Impact: No sensitive personal or financial information has been confirmed as stolen in this incident but it is highly likely that will be the case as the incident progresses.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Phishing and ransomware are today’s cybercriminals’ favorite tools to get the job done, and no matter how big or small, no organization is safe.

ID Agent to the Rescue: Are all of your clients dotting all the “I”s and crossing the “T”s to avoid risk? Use our Cybersecurity Risk Protection Checklist to make sure. DOWNLOAD IT>>





1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.




Now More Than Ever, Getting the Right Advice on Cybersecurity is Critical


These days, stories of devastating cyberattacks are in the news every day. From frightening attacks on infrastructure targets by nation-state threat actors to ransomware threats from small-time operators looking to make a quick buck, cybersecurity threats are around every corner for businesses in 2021. Last year, more than 80% of businesses saw an increase in cyber threats in a record-breaking year for cybercrime – and damaging attacks like ransomware are already up by more than 40% in 2021. How can your business stay safe from cyberattacks in this volatile atmosphere?

An assortment of variables can impact your company’s safety, from the industry that you’re in to the desirability of your data. Even the location of your company can play a part in your likelihood of experiencing cybercrime. Your employees’ habits and your staff makeup can also impact your security calculus in good and bad ways. Don’t forget to consider the conditions of the world economy and the dark web economy as factors, plus the way that technology is changing and potentially providing cybercriminals with new avenues of attack.

The size of your business won’t keep you safe from cybercrime either. Many small and medium-sized businesses (SMB) have value as strategic targets that enable cybercriminals to gain access to larger operations. Even without that aspect, SMBs aren’t a potential profit center that cybercriminals are going to overlook. Not only can they provide valuable data and other assets, but they can also be profitable sources for making a quick profit from ransoms. Two in five SMBs were the victims of a ransomware attack in 2020.

An estimated 47% of small businesses aren’t adequately prepared for a cyberattack. Are you? Make sure that you’re ready for trouble by making the right cybersecurity moves with expert guidance from a trusted partner like an MSP to give your business an edge against cybercrime as the threat level continues to rise.


The Week in Breach News: 06/16/21 – 06/22/21

June 23, 2021

Misconfiguration is the name of the game this week as errors abound. Carnival leaked data again (and Wegman’s joined them) and nation-state cybercrime hits South Korea, plus insights into leading MSPs from the MSP Benchmark Report.





Cognyte

https://beta.darkreading.com/attacks-breaches/cyber-analytics-database-exposed-5-billion-records-online

Exploit: Unsecured Database

Cognyte: Data Analytics Firm

Risk to Business: 1.802 = Severe

Data analytics company Cognyte warns folks about data exposure from third-party sources, and it had to send a warning out for itself this week. Researchers discovered an unsecured database operated by Cognyte that left some 5 billion records collected from a range of data incidents exposed online. The stored data is part of Cognyte’s cyber intelligence service, which is used to alert customers to third-party data exposures. The incident is under investigation.

Individual Impact: No sensitive personal or financial information for clients has been declared compromised in this incident and the investigation is ongoing.

Customers Impacted: Unknown

How It Could Affect Your Customers’ Business: Proprietary data like this is catnip for hackers. It’s both useful for committing future cybercrime and quickly saleable in the busy dark web data markets.

ID Agent to the Rescue: Are you ready for the next risk? Find useful data to inform security decisions including our predictions for the biggest risks of 2021 in The Global Year in Breach 2021. READ IT NOW>>


Invenergy LLC 

https://www.infosecurity-magazine.com/news/revil-claims-responsibility-for/

Exploit: Ransomware

Invenergy LLC: Energy Company

Risk to Business: 1.916 = Severe 

REvil has claimed responsibility for a recent cyberattack on renewable energy company Invenergy. The gang claims to have compromised the company’s computer systems and exfiltrated four terabytes of data. Among the information allegedly taken by REvil are contracts and project data. In a bizarre twist, REvil also claims to have obtained “very personal and spicy” information regarding Invenergy’s chief executive officer, Michael Polsky.

Individual Impact: No sensitive personal or financial information for clients has been declared compromised in this incident and the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware attacks against strategic targets are hot right now as ransomware gangs try to score a big payday fast from targets that can’t afford downtime.

ID Agent to the Rescue:   NEW! Go behind the scenes of ransomware to see who gets attacked, who gets paid and what’s next on the hit list in Ransomware Exposed! DOWNLOAD NOW>>


CVS

https://www.zdnet.com/article/billions-of-records-belonging-to-cvs-health-exposed-online/#ftag=RSSbaffb68

Exploit: Third-Party Threat (Misconfiguration)

CVS: Drug Store Chain

Risk to Business: 1.416 = Extreme

CVS is in hot water after researchers discovered a trove of over one billion records online that were connected to the US healthcare and pharmaceutical giant. The unsecured database was estimated to be 204GB in size. According to reports, the databases contained an astonishing assortment of sensitive data like event and configuration data, visitor IDs, session IDs, device access information and details on how the logging system operated from the backend. Search records exposed also included queries for medications, COVID-19 vaccines and a variety of CVS products, referencing both CVS Health and CVS.com.

Individual Impact: There has not yet been confirmation that consumer personal or financial information has been compromised in this incident but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Every company needs to make it a priority to be certain that their contractors and partners are handling and storing sensitive data correctly. Poor cyber hygiene at a service provider can become an expensive disaster fast.

ID Agent to the Rescue: Third-party and supply chain risk is growing exponentially. Learn strategies to fight back in our eBook Breaking Up with Third-Party and Supply Chain Risk. DOWNLOAD IT>>


Wegman’s

https://www.bleepingcomputer.com/news/security/us-supermarket-chain-wegmans-notifies-customers-of-data-breach/

Exploit: Third-Party Threat (Misconfiguration)

Wegman’s: Grocery Store Chain 

Risk to Business: 2.227 = Severe

East Coast gourmet grocer Wegmans issued a release announcing that a service provider had failed to correctly configure two of its databases, exposing a large quantity of customer data. According to Wegmans, the databases that the contractor maintained contained customer identity and shopping habit information as well as an assortment of client PII. The company says the issue is resolved.

Risk to Business: 2.776 = Moderate

The release says that customer information exposed in the data breach included names, addresses, phone numbers, birth dates, Shoppers Club numbers, Wegmans.com account e-mail addresses and passwords. No Social Security, financial or medical information was stolen and only salted password hashes were stored in the databases maintained by the negligent contractor. 

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Clients expect a high level of information security from companies that they trust with their personal information and excuses about errors by contractors aren’t going to get businesses off the hook if there’s trouble.

ID Agent to the Rescue:   Make sure you’re protecting the access points to your clients’ assets with strong security, including strong passwords with our Build Better Passwords eBook. GET IT>>


Carnival Cruise Line 

https://www.scmagazine.com/home/email-security/carnival-discloses-new-data-breach-on-email-accounts/

Exploit: Hacking

Carnival Cruise Lines: Cruise Ship Operator 

Risk to Business: 1.651 = Severe

Perennially cybersecurity-challenged cruise line Carnival issued a breach disclosure on Thursday confirming hackers attacked email accounts and gained access to data about its customers and employees. The company said that the data snatched was collected during the travel booking process, through the course of employment or from providing services to the company, including COVID or other safety testing.

Risk to Business: 1.802 = Severe

The passenger data accessed included names, addresses, phone numbers, passport numbers, dates of birth, health information, and, in some limited instances, additional personal information like social security or national identification numbers. No clear information was provided about the employee information that was exposed.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: This is the third major cybersecurity blunder for Carnival in just one year, and that is likely to create a great deal of mistrust with consumers just as the travel industry is getting back on its feet.

ID Agent to the Rescue: Building a strong security culture is vital to maintaining a high level of security. The Security Awareness Champion’s Guide shows you how to make good security choices and avoid trouble. GET IT>>





United Kingdom – Cake Box

https://www.bleepingcomputer.com/news/security/eggfree-cake-box-suffer-data-breach-exposing-credit-card-numbers/

Exploit: Hacking

Cake Box: Bakery Chain

Risk to Business: 1.661 = Severe

UK celebration cake chain Cake Box isn’t celebrating this week. The company has disclosed a data breach after threat actors hacked their website and obtained credit card numbers. According to the release, the breach occurred way back in April 2020 and they’re just informing consumers. Payment skimming malware is to blame. Experts suspect that this breach is the result of a Magecart attack. 

Individual Risk: 2.802 = Severe

When customers made purchases on the site while it was infected, malicious scripts sent the first name and surname, email address, postal address, and payment card information including the three-digit CVV code to a remote server controlled by the attackers. This is an ancient breach in terms of the time it took for consumers to be informed, and the damage has definitely already been done.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: There is no excuse for waiting more than a year to inform customers that their data has been stolen, especially financial data like credit card numbers. This incident will shake consumer confidence in the brand. 

ID Agent to the Rescue: Increase the chance of speeding past pitfalls to victory when you boost cyber resilience for every customer using the tips in our eBook The Road to Cyber Resilience. DOWNLOAD IT NOW>>






South Korea – Korea Atomic Energy Research Institute (KAERI) 

https://www.theregister.com/2021/06/21/south_koreas_nuclear_think_tank/

Exploit: Nation-State Cybercrime

Korea Atomic Energy Research Institute (KAERI): Government Agency

Risk to Business: 1.633 = Severe

South Korean officials have admitted that the government nuclear think tank Korea Atomic Energy Research Institute (KAERI) was hacked by nation-state threat actors in May 2021 after the incident was brought to light by reporters. The Korean media is accusing the agency of perpetrating a cover-up. According to experts, the North Korean Kimsuky cybercrime gang is to blame. This group often uses phishing to mimic websites like Gmail, Outlook, Telegram and more. The group then installs the Android and Windows backdoor “AppleSeed” to collect information and frequently makes use of ransomware. The extent of the data theft is unknown.

Individual Impact: No sensitive personal or financial information has been confirmed as compromised in this incident.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Nation-state threat actors frequently use phishing and ransomware to get the job done, and no matter how big or small, no organization is safe.

ID Agent to the Rescue: Are all of your clients doing everything that they can to avoid risk? Use our Cybersecurity Risk Protection Checklist to make sure you’ve dotted the “I”s and crossed the “T”s. DOWNLOAD IT>>









