The Week in Breach: Featured – What are Deepfakes and how do you spot them?
So the first question that comes to mind is: what IS a deepfake? A deepfake is an AI (artificial intelligence) generated fake video or photo. The ever-increasing sophistication of AI-generated video, voice and photo manipulation has made things easier for hackers and other nefarious characters, and made it harder for us to tell what is ‘REAL’ and what is fake.
If you have ever seen a video of Jon Snow apologizing for the ending of Game of Thrones, or of Mark Zuckerberg bragging about having “total control of billions of people’s stolen data”, then you have seen a deepfake video. (For more examples – click here for an in-depth article on deepfakes)
With that said, how are deepfakes impacting businesses? With deepfakes becoming harder to detect and the sharing of media content more prevalent, deepfakes will start to become a ‘go-to’ for causing political, business and social unrest. Imagine a ‘press conference’ with a CEO stating a major business decision that will impact the stock market. The havoc that would create, as well as the PR nightmare of negating the deepfake, clearly shows how dangerous they can be.
With Covid-19, the sharing of important information through webinars has allowed the wider public to gain valuable information about cybersecurity concerns. Infosec is hosting a free, virtual seminar today (11/13/20) on strategies to combat deepfakes and more generalized attack patterns. Find out more information or register for the event here.
The Week in Breach News – United States
United States – JM Bullion
https://www.bankinfosecurity.com/precious-metal-trader-jm-bullion-admits-to-data-breach-a-15294
Exploit: Skimming (Magecart)
JM Bullion: Precious Metals Dealer

Risk to Business: 1.772 = Severe
This Texas precious metals trader discovered that someone was cashing in on their clients’ transactions and it wasn’t them. In a recent regulatory filing, the company disclosed that malicious payment skimming code was present and active on their website from February 18, 2020, to July 17, 2020.

Individual Risk: 1.624 = Severe
The information stolen in this attack includes customers’ names, addresses, and payment card information, including the account number, expiration date, and security codes. Customers should be alert to potential identity theft and spear phishing attempts.
Customers Impacted: Unknown
How it Could Affect Your Business: Failing to notice a payment card skimmer operating on your site for 6 months does not speak well to your company’s commitment to keeping client data secure.
IntegraMSP to the Rescue: No business can afford to overlook regular cybersecurity awareness training and risk mitigation. Our digital risk protection platform has the solutions that you need to provide strong security for your business at a great price. LEARN MORE>>
United States – University of Vermont Medical Center
https://www.idagent.com/passly-digital-risk-protection
Exploit: Ransomware
University of Vermont Medical Center: Hospital System

Risk to Business: 1.402 = Extreme
In the wake of recent warnings from US government agencies about increased ransomware risk for healthcare targets, University of Vermont Medical Center (UVM) has landed in that trap. A ransomware attack has led to significant, ongoing tech problems for the University of Vermont Health Network, affecting its six hospitals in Vermont and New York. The Vermont National Guard and the FBI have been working with the tech team at UVM to restore service since the attack first began affecting systems on October 30th. Damage assessment and recovery are ongoing, and some systems are still offline. The hospital says that urgent patient care was not impacted.
Individual Risk: No personal or consumer information was reported as impacted in this incident.
Customers Impacted: Unknown
How it Could Affect Your Business: Healthcare targets are in increasing danger from money-hungry cybercriminals who know that medical targets don’t have time for a long, complex recovery procedure, but they do have money.
IntegraMSP to the Rescue: Ransomware is typically delivered as the nasty cargo of a phishing attack. Improve your staff’s phishing resistance to fight back against ransomware threats. LEARN MORE>>
United States – GrowDiaries
Exploit: Misconfiguration
GrowDiaries: Industry Blogging Platform

Risk to Business: 2.237 = Severe
Leading cannabis industry blogging platform GrowDiaries may need to clear its head after a configuration error in Kibana apps left two Elasticsearch databases unlocked and leaking data. Those open gates allowed attackers to dive into two sets of Elasticsearch databases, with one storing 1.4 million user records and the second holding more than two million user data points.

Individual Risk: 2.612 = Moderate
One open database exposed usernames, email addresses, and IP addresses for platform users, and the other exposed user articles posted on the GrowDiaries site and users’ account passwords. Users should be aware of spear phishing and blackmail risks.
Customers Impacted: 1.4 million
How it Could Affect Your Business: Cyberattacks can have cascading consequences, with information stolen in cyberattacks coming back to haunt businesses months or years later. Data like login credentials can live on in Dark Web data dumps to haunt you later.
IntegraMSP to the Rescue: Dark Web ID helps keep credentials safe with 24/7/365 human and machine monitoring using real-time data analysis to find compromised credentials and alert you fast. LEARN MORE>>
United States – Mattel
https://www.bleepingcomputer.com/news/security/leading-toy-maker-mattel-hit-by-ransomware/
Exploit: Ransomware
Mattel: Toymaker

Risk to Business: 2.327 = Severe
In a recent regulatory filing, Mattel told regulators that it suffered a ransomware attack in July 2020 that shut down some systems but did not include a significant data loss. Only business systems were impacted; production and distribution were not affected. Experts believe that TrickBot ransomware was used in the incident.
Individual Risk: No personal or consumer information was reported as impacted in this incident.
Customers Impacted: Unknown
How it Could Affect Your Business: Cybersecurity awareness starts with phishing resistance. It’s the most likely delivery system for ransomware, but training only sticks if it’s refreshed at least every 4 months.
IntegraMSP to the Rescue: Don’t get caught in cybercriminal nets by ransomware lures. BullPhish ID has more than 80 plug-and-play phishing simulation campaigns ready to train your staff to spot and stop phishing now, with 4 new ones added every month. SEE HOW IT WORKS>>
United States – GEO Group
https://www.natlawreview.com/article/geo-group-hit-ransomware-attack
Exploit: Ransomware
GEO Group: Private Prison Developer

Risk to Business: 2.066 = Severe
GEO Group has begun informing impacted individuals and facilities that the Florida-based prison developer was struck by ransomware in July 2020. The company notes that some personally identifiable information and protected health information for some inmates and residents was exposed in the incident. The impacted people are connected to the South Bay Correctional and Rehabilitation Facility in Florida, a youth facility in Marienville, Pennsylvania, and an unnamed defunct facility in California. Employee data was also obtained in the incident.

Individual Risk: 2.221 = Severe
Residents and former residents of the impacted facilities should be alert to spear phishing, identity theft, or blackmail attempts using the stolen data. Employees of GEO Group should also be on the lookout for similar activity.
Customers Impacted: Unknown
How it Could Affect Your Business: Failure to stop ransomware attacks from landing on your business is a fast track to a long, messy, and expensive recovery.
IntegraMSP to the Rescue: Don’t set yourself up for disaster by failing to train everyone in your organization. From interns to the C-suite, everyone’s a potential phishing target. BullPhish ID uses fast, effective training tools like engaging videos to make sure everyone is up to speed. LEARN MORE>>
The Week in Breach Risk Levels
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.