In Other News:Alarming News A hacker warned an unsuspecting homeowner of his ability to hack the man’s home security system by speaking to him through it. In a circumstance that could only be described as ‘alarming’, a hacker who claimed to be with anonymous told the Arizona man, through the Nest security system he had installed, that he had been hacked. The hacker then listed passwords the man had on other sites. If you have a Nest security system, you may want to consider contacting the manufacturer about this incident.
Sunday, February 10, 2019
Saturday, February 9, 2019
Brazil - Cadastro de Pessoas Físicas Database - BREACH
Brazil - Cadastro de Pessoas Físicas Databasehttps://cyware.com/news/misconfigured-cloud-server-exposed-taxpayer-id-numbers-of-120-million-brazilians-91298892
Exploit: Exposed database.
Cadastro de Pessoas Físicas (CFP) Database: CFP is a Brazilian national identifying number attributed by the Brazilian Federal Revenue, that must be issued before opening a bank account, creating a business, paying taxes, or getting a loan.
Cadastro de Pessoas Físicas (CFP) Database: CFP is a Brazilian national identifying number attributed by the Brazilian Federal Revenue, that must be issued before opening a bank account, creating a business, paying taxes, or getting a loan.
 | Risk to Small Business: 1.777= Severe: The breach only contained user’s subscription status, but it is believed that this could be the first part of a more extreme breach. Because the bad actor knows if user’s subscriptions are active, inactive, or paused, they could send out spear-phishing emails about the subscriptions that would trick users into clicking. |
| Individual Risk: 1.857= Severe: There is a significant amount of personal information that was exposed during this breach that would be highly useful to a bad actor wishing to engage in a spear phishing campaign. |
Friday, February 8, 2019
China - Boomoji
China - Boomoji https://techcrunch.com/2018/12/13/popular-boomoji-app-exposed-millions-contact-lists-location-data/
Exploit: Exposed database.
Boomoji: A Chinese company that makes personalized animated avatar to be sent over text and other various apps.
Exploit: Exposed database.
Boomoji: A Chinese company that makes personalized animated avatar to be sent over text and other various apps.
|
Risk to Small Business: 2.111 = Severe: Exposed databases can be very embarrassing for a company because there is no excuse for leaving the database where customer information is stored unsecured. Customers are unlikely to return to the service, and if they do could be hesitant to enter in credit card information or reveal more of their data because they figure it could be at risk as well.
|
|
Individual Risk: 2.111 = Severe: Those affected by this breach are at an increased risk of phishing attacks. This is made a severe risk in this case because the exposed information included the contact books of the users who gave the app permission to access it.
|
How it Could Affect Your Customers’ Business: Not only is the exposed database embarrassing for the organization, but the company lied about the extent of the breach by stating the databases were for testing purposes only. Not being upfront about the breach can result in a further loss of trust in the company by the customer.
ID Agent to the Rescue: Spotlight ID by ID Agent offers comprehensive identity monitoring that can help minimize the fallout from a breach of this type. Learn more: https://www.idagent.com/identity-monitoring-programsRisk Levels:1 - Extreme Risk2 - Severe Risk3 - Moderate Risk*The risk score is calculated using a formula that takes into account a wide range of factors related to the assessed breach.
Thursday, February 7, 2019
Receiving endless robocalls on your cell phone? You’re not alone.
Receiving endless robocalls on your cell phone? You’re not alone.
According to Hiya, US consumers received 26.3 billion robocalls in 2018, a 46% year-over-year increase. Estimates show that the average person receives 10 unwanted calls per month, with 25% of them being scams. Most consumer complaints can be categorized into general spam, fraud, and telemarketing.
According to Hiya, US consumers received 26.3 billion robocalls in 2018, a 46% year-over-year increase. Estimates show that the average person receives 10 unwanted calls per month, with 25% of them being scams. Most consumer complaints can be categorized into general spam, fraud, and telemarketing.
However, this year holds the promise of significantly reducing robocalls, with the Federal Communications Commission (FCC) calling for the implementation of a call-authentication system by the end of the year. This approach would combat caller ID spoofing by requiring carriers to author a signature on calls from their network that would then be validated by other carriers.
Currently, robocalls are the leading source of consumer complaints according to both the FCC and Federal Trade Commission (FTC). In 2017, the FTC received 71 million unique grievances even though 200 million US consumers were registered to a Do Not Call list.
Breaches - France, New Zealand, Australia, Canada US and UK
 |
Exploit: User data exposure.
Houzz: Home improvement and interior decorating startup Risk to Small Business: 1.555 = SevereCustomers Impacted: To be determined >> Read full details on our blog. |
|
Exploit: Employee phishing attack.
Colorado CCPSA: Private physician practice in Lakewood, CO. Risk to Small Business: 1.333 = Severe Customers Impacted: 23,377 patients. >> Read full details on our blog. |
|
Exploit: Privacy breach by rogue employee.
Quinte Health Care: Health care services provider for Prince Edward and Hastings Counties as well as the southeast portion of Northumberland County. Risk to Small Business: 1.555 = SevereCustomers Impacted: To be determined. >> Read full details on our blog. |
| Exploit: Privacy breach by rogue tax workers Canada Revenue Agency: Tax law administrator for the government of Canada Risk to Small Business: 1.777 = Severe Customers Impacted: 41,631 Canadians >> Read full details on our blog. |
|
Exploit: Malware attack
Kwik Fit: Car service specialist Risk to Small Business: 1.777 = Severe Customers Impacted: Unknown >> Read full details on our blog. |
|
Exploit: Breach of business information systems
Airbus: Aircraft manufacturer and world's second largest aerospace group Risk to Small Business: 2.111 = SevereCustomers Impacted: To be determined >> Read full details on our blog. |
 |
Exploit: "Manic Menagerie" malware attack
Web Hosting Providers: Australian companies that provide web hosting services Risk to Small Business: 2.000 = SevereCustomers Impacted: Unknown >> Read full details on our blog. |
|
Exploit: Payment fraud
Cryptopia: Online cryptocurrency exchange. Risk to Small Business: 1.555 = Severe Customers Impacted: 17,000 cryptocurrency wallets >> Read full details on our blog. |
Dark Web ID Trends:
Dark Web ID Trends:Top Source Hits: ID Theft Forum (100%)
Top Compromise Type: Domain (99%)
Top Industry: High-Tech / IT
Top Employee Count: 11 - 50 Employees (43%)
Top Compromise Type: Domain (99%)
Top Industry: High-Tech / IT
Top Employee Count: 11 - 50 Employees (43%)
Subscribe to:
Posts (Atom)
-
Windows 10 End-of-Life: Why You Must Upgrade Now to Stay Secure and Compliant Microsoft has officially announced the end of support for Win...
-
What is SOC-as-a-Service? By Robert Blake Having a Security Operations Center (SOC) in-house is expensive for the average business. Large ...
-
In today’s digital-first world, non-profit organizations are under increasing pressure to secure sensitive data, streamline operations, and ...
