  • Avantia Threat Update

AMERICAN AIRLINES REVEALS THE FUTURE OF AIR TRAVEL



This Past Week: American Airlines just revealed a future (you may feel uncomfortable with); Apple releases emergency update for iPhones, iPads, and Apple Watch; Switching it up: How companies managed remote working during a pandemic; Microsoft Teams displays are getting a set of handy new features; UK emphasises cyber security in new foreign policy strategy; More Than a Quarter of Cyber Threats Never Seen Before; How to avoid a spear-phishing attack. 4 tips to keep you safe from timeless scams; Beat phishing by calling the sender; Know the basic signs of phishing scams; Acer gets hit for a massive ransom; Chinese hackers meddle in Western Australia’s Parliament; School is out at two hacked colleges and Major breaches in UNITED KINGDOM; AUSTRALIA; UNITED STATES and TAIWAN.

_________________________________________________________________________


American Airlines just revealed a future (you may feel uncomfortable with)

So, now that the Corona Virus vaccine is starting to have effect you're thinking of flying again. If you're American then perhaps just within America. With interesting timing, American Airlines shows just how much is about to change, with technology at the heart of everything. Delta, United, and Alaska all made noises about soon breaking even. Gary Kelly, Southwest's CEO chirped that this "feels like the beginning of the end." So along came American Airlines to helpfully prepare customers for what the end might really look like. It offered ABC's Good Morning America a glimpse at all the tech innovations it's bringing to the passenger experience. Some of them may seem a little chilling, even if the intention -- officially -- is to make passengers feel good. This is the new normal. A normal where you go to the airport and are encouraged to touch nothing at all. Instead, your face is your passport to everything but another country. You check in by staring into a camera. You drop your bag off by staring into another camera. It's surely the most glorious experience for all those who have obsessively taken selfies since toddlerhood. "Everything you see at our airports today didn't exist a year ago," said Julie Rath, American's VP of customer experience. Oh, I don't know about that. Almost two years ago, I was at Minneapolis Airport watching Delta's international passengers being boarded via facial recognition. This was supposed to be optional. It didn't seem very optional at all. American, too, has been testing the new technology on some of its international flights. Easy to do, when they're not exactly full. The intention now, though, is to install these systems for all domestic flights. Some might mutter that it's interesting how disasters often lead to greater intrusions. And it's not as if facial recognition has an exemplary reputation thus far.
Yet here was Rath's answer on being asked if the future of air travel is your phone and your face: "In the future, you may not even need your phone. Just literally facial recognition can get you through the airport." I fancy one or two people will just literally feel uncomfortable about that.

It's all very well instituting COVID-19-inspired innovations such as touchless payment on board or QR codes that allow you to have a video chat with a customer service robot -- I'm sorry, I mean a real, live customer service person. But when your face is your whole, your identity is surely disseminated even further and wider than it is now. Ah, says American. Please don't worry about that. All the data is completely disappeared from its systems within 24 hours. "Oh, that's OK then," say customers who have lived a while. Here is where your desperation to fly again meets your concerns about privacy. Do you even stop to think about any privacy risks if you can finally -- and, perhaps, safely -- get on a plane and disappear for a little while? Well, when you've already had your whole body being intimately photographed by the X-Ray machine every time you fly, why worry about whether your face might be floating in some distant ether? This is the future. You don't need to embrace it. It's far too busy embracing you, and never letting go.


Apple releases emergency update for iPhones, iPads, and Apple Watch

Apple has released an emergency update to patch a serious vulnerability found in iOS, iPadOS, and watchOS. The patches are iOS 14.4.2, iPadOS 14.4.2, and watchOS 7.3.3, respectively. The vulnerability, discovered by Google's Threat Analysis Group, affects Apple's WebKit browser engine, and what makes this an urgent update is the fact that Apple claims the vulnerability is being actively exploited. Underlining the seriousness of this vulnerability is the fact that Apple has pushed out iOS 12.5.2 for older devices: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation). The bottom line: This patch is important. Install it now. On the iPhone and iPad, fire up Settings and head over to General > Software Update. For the Apple Watch, go into the Apple Watch app.


Switching it up: How companies managed remote working during a pandemic

Unless you worked for a company that endorsed some form of flexible working arrangement -- and many increasingly were -- remote working would have been a foreign concept at the start of last year. That is, of course, until the COVID-19 pandemic hit. It was then that we saw organisations across most sectors scramble to figure out how they were going to continue to operate, while balancing the health and safety of staff. The solution was obvious: Remote working. As staff traded working in open-planned, hot-desking-style office environments for their kitchen tables, in a quiet corner, or the spare room in their home, management was forced to come up with solutions to facilitate the shift and do it in a way that caused as few disruptions as possible. Introducing video conferencing applications, online collaboration tools, and equipping staff with laptops were just a few of those solutions that organisations, such as Services Australia, turned to. "The number of staff working from home at the height of COVID required the rapid mobilisation of resources to support a remote work environment and minimise disruption for our staff and customers," Services Australia CIO Michael McNamara told ZDNet. He explained that the Australian Government Department which was responsible for providing welfare support to millions of Australians during the height of the pandemic -- including 1.5 million new customers which didn't go quite as planned -- had to deliver around 9,000 "office-in-a-box" kits to staff over five weeks. "This included phones and PCs with the ability to connect to our network and hold virtual meetings from home," McNamara said. "In this same period, we had around 2,000 additional staff join us from across the APS (Australian Public Service) who, within a matter of weeks, were trained and on-boarded with the tools they needed to assist us to take calls and process claims from both home and office environments. 
This required the fit out and testing of new workstations across six sites in less than two weeks." During that same period, McNamara said the department experienced unprecedented demand on myGov, which caused widespread access issues and forced the department to make upgrades so that the system was fit to handle the demand. "We quickly scaled up, simplified policy, and re-designed our digital services so we could help Centrelink customers online from the safety of their homes. In just 55 days, we processed 1.3 million JobSeeker claims, a claim volume normally processed in two and a half years. Our flexible IT capability enabled us to bolster myGov and, as a result, it now has the largest capacity of any authenticated online platform in Australia," he said. For others, such as Telstra and National Australia Bank (NAB), transitioning to remote working was much easier. Partly because flexible working arrangements were already in place and staff were accustomed to working with other team members who resided interstate. Prior to COVID-19, Telstra staff, for instance, were already working 1.7 days a week from home. Plus, in August 2019, parts of the company were rolling out Microsoft Teams to enable video calling, which was just accelerated once COVID-19 hit. "People at Telstra have enjoyed flexible working for almost a decade, and this made the transition to full working from home arrangements relatively seamless for our 25,000 office-based people when COVID first hit," Telstra boss Andy Penn said. "Flexible working has become critically important to business over these past 12 months … we are in a new era of hybrid work, where someone lives should no longer be a limitation to the work they undertake. "At Telstra we are moving to a 'location agnostic' approach for all office and contact centre-based roles, opening up the talent pool beyond the typical CBD, meaning we can advertise roles with no fixed address attached.
As an example, we already have 80% of our contact centre consultants in Australia choosing to work from home on any given day -- and 100% are now able to do so." As a workaround to ensuring all staff were well-equipped with the necessary tools for remote working, Telstra began standardising its technology equipment by taking what Julian Clarke, Telstra's group owner for Next Gen People Practices, described as a "human-centric design approach". "We looked at various personas of people across the company, so tech tribe, sales savvy, and said, 'Right, for that type of work what things do you need?'. Something like a tablet if they go and see customers a lot. "We've been surprised ourselves. We thought that most people would need one monitor, but some people have said they need two, so we've allowed for multiple monitors at home as part of our standard offering now." In addition, Telstra started to look at the design aspect when it came to helping staff with working remotely full time by giving people the option to choose the size of their desks so it could fit in their homes or providing alternative solutions. "Most people at home before didn't have a camera. And if they did, it was a camera on their laptop and because they were already working one day from home, they were managing with that. But when you're working from home all of the time, people were saying, 'I want a camera built into my monitor because it's just easier that way'," Clarke explained. "To save space, we're actually trialling a monitor that has a camera and a docking station in-built to help people minimise space in their home because some have said it's just taking up all the space on my dining room table." Like Telstra, NAB was already adopting new technologies, such as a public multi-cloud strategy pre-pandemic.
This fortuitously worked in its favour and enabled the company to scale quickly when the pandemic hit. "Our ongoing investment in technology prior to COVID-19 put us in a great position to be able to rapidly respond to this crisis. It has given us greater resilience in our systems, and the ability to continue serving customers remotely," NAB Enterprise technology executive Steve Day said. "In March 2020, we went from approximately 5,000 remote workers to 30,000 in just three weeks, with 98% of operations staff working remotely in just five days." "Our technology team moved quickly and through secure remote access for both cloud-based and on-premise applications we were able to ensure our colleagues, including our 1400-strong contact centre team -- which are all Australian-based -- could continue serving our customers. "In the past year, we switched on new communication options for customers including live chat and chatbot functions. They're options that will remain available for NAB's millions of customers." In addition, NAB's workplace technology team rolled out Windows 10 to all head office staff, with upgrades for branch staff still underway, and introduced collaboration platforms such as Microsoft 365 Teams, OneDrive, and Zoom into its environment. The black and red bank has also opted to move away from legacy token-based remote access to avoid any potential delivery delays of virtual private networking equipment to staff. Instead, the bank has supplied staff with Zscaler cloud-based private access and internet access to enable them a secure connection to corporate applications.


Microsoft Teams displays are getting a set of handy new features

Microsoft is rolling out new improvements for its Teams displays, including Cortana search for meetings, swappable backgrounds for Teams, and quick replies in chat. The features are rolling out as part of Microsoft's March 2021 update for Teams displays, which focuses Teams through devices like Lenovo's Thinksmart View, a dedicated screen just for Teams collaboration. The idea is that having Teams on a second display means that separating out team work and individual work can make focus easier. The Teams display experience is gaining some assistance from Cortana and Microsoft's Bing search engine to help users find information with voice while collaborating with colleagues. For example, the time in New York. This feature for Teams displays follows Microsoft's recent roll out of natural-language queries in English in the US for Teams mobile and Office mobile. That allowed people to use voice commands for Cortana to find messages, chats, and meetings. Teams on Macs and Windows PCs have let users swap out backgrounds for a while now. That same capability, including blurry backgrounds, is now coming to Teams displays like the Thinksmart View. Additionally, Microsoft is enabling access to Cortana and the Bing skills to users of these devices in Australia, Canada, India and the UK. Users can ask Cortana to show a schedule, send messages, and make calls. This update also brings live reactions to meetings on Teams displays with a range of emoticons to show support, applause, love and laughter during a meeting. For Teams on the desktop, the next feature Microsoft is lining up is a new file-sharing experience that lets users create a link to files stored in Teams. Users will be able to set permissions for files stored in SharePoint or OneDrive.


Three billion phishing emails are sent every day. But one change could make life much harder for scammers

Cyber criminals are sending over three billion emails a day as part of phishing attacks designed to look like they come from trusted senders. By spoofing the sender identity used in the 'from' field in messages, cyber criminals attempt to lure potential victims into opening emails from names they trust. This could be the name of a trusted brand like a retailer or delivery company, or even, in more sophisticated attacks, the name of their CEO or a colleague. These phishing attacks might sound simple, but they work – and that's why so many of these messages are distributed by cyber criminals. And according to a report by email security company Valimail, over three billion spoofing messages are sent every day, accounting for 1% of all email traffic. One of the reasons why email remains such a common attack vector is because of the rise of remote working. Employees are dealing with an increase in corporate communications being conducted over email, while the reality of working from home means that it's harder for people to ask if an email is legitimate. All of this combined means that phishing emails are putting people and organisations at risk of cyberattacks, including credential theft, malware and ransomware. However, it's possible for organisations to help defend against spoofed emails by applying DMARC (Domain-based Message Authentication, Reporting & Conformance), which is an email authentication protocol that, when implemented, means only authorized senders can send email using the domain, preventing spam emails being sent. It also contains a reporting function for ongoing improvement and protection. DMARC enforcement helps prevent spoofed emails from being delivered in the first place, with analysis by Valimail finding that 1.9% of email from domains without DMARC enforcement is suspicious, while just 0.4% of email from domains with DMARC enforcement is suspicious. Ultimately, domains without DMARC applied are almost five times more likely to be the target of phishing emails than domains that do have it applied, so organisations can help make the internet a safer place by protecting domains with it. "Privacy laws already exist in Europe and parts of the United States, and if a company does any business in those areas, a DMARC policy at enforcement is essential," said Alexander García-Tobar, CEO and co-founder of Valimail. "By having valid email authentication in place, companies protect themselves and their customers from privacy violations. Without it, emails are sent without permission, fines are issued, confidential information is obtained and reputations sink."
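Publishing a DMARC record is not the same as being at enforcement: a record with `p=none` only collects reports. The check below is an added example, not code from Valimail or the original article; it classifies the TXT strings found at `_dmarc.<domain>`, and the sample records and level names are constructed for illustration.

```python
# Added example: classify a domain's DMARC record by enforcement level.
# Records in SAMPLES are constructed; the level names are this example's own.

VALID_POLICIES = ("none", "quarantine", "reject")


def parse_dmarc(txt):
    """Return {tag: value} for a DMARC TXT record, or None if it is not one."""
    tags = {}
    parts = [p.strip() for p in txt.split(";") if p.strip()]
    for index, part in enumerate(parts):
        name, sep, value = part.partition("=")
        name, value = name.strip().lower(), value.strip()
        if index == 0 and (name != "v" or value != "DMARC1"):
            return None  # the version tag must come first (RFC 7489)
        if sep and name not in tags:
            tags[name] = value
    return tags or None


def assess(txt_records):
    """Assess every TXT string published at _dmarc.<domain>."""
    parsed = [t for t in map(parse_dmarc, txt_records) if t]
    if not parsed:
        return {"level": "no-dmarc", "findings": ["no DMARC record published"]}
    if len(parsed) > 1:
        # Receivers apply no policy when more than one record is present.
        return {"level": "no-dmarc", "findings": ["multiple DMARC records"]}
    tags, findings = parsed[0], []

    policy = tags.get("p", "").lower()
    if policy not in VALID_POLICIES:
        # Simplification: a missing or invalid p= never results in enforcement.
        findings.append("missing or invalid p= tag")
        policy = "none"
    try:
        pct = min(100, max(0, int(tags.get("pct", "100"))))
    except ValueError:
        pct = 100  # an unparseable pct falls back to the default
    sub_policy = tags.get("sp", policy).lower()
    if sub_policy not in VALID_POLICIES:
        sub_policy = policy  # sp defaults to the organisational policy

    if policy == "none":
        level = "monitoring"
        findings.append("p=none: failures are reported, spoofed mail still delivered")
    elif pct < 100:
        level = "partial"
        findings.append(f"pct={pct}: policy covers only part of failing mail")
    else:
        level = "enforced"
    if policy != "none" and sub_policy == "none":
        findings.append("sp=none: subdomains are not protected")
    if "rua" not in tags:
        findings.append("no rua= address: aggregate reports are not collected")
    return {"level": level, "policy": policy, "pct": pct,
            "subdomain_policy": sub_policy, "findings": findings}


# Constructed sample records (example.com is a reserved documentation domain).
SAMPLES = {
    "enforced": ["v=DMARC1; p=reject; rua=mailto:dmarc-reports@example.com"],
    "monitoring only": ["v=DMARC1; p=none; rua=mailto:dmarc-reports@example.com"],
    "partial rollout": ["v=DMARC1; p=quarantine; pct=25; rua=mailto:d@example.com"],
    "open subdomains": ["v=DMARC1; p=reject; sp=none"],
    "SPF only": ["v=spf1 include:_spf.example.com ~all"],
}

if __name__ == "__main__":
    for label, records in SAMPLES.items():
        result = assess(records)
        print(f"{label:16} -> {result['level']:10} {result['findings']}")
```
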


UK emphasises cyber security in new foreign policy strategy

The UK government plans to invest £24 billion in cyber security and the armed forces as part of a major shake-up of its defence policy. The strategy, called Global Britain in a Competitive Age: the Integrated Review of Security, Defence, Development and Foreign Policy, includes a new “full-spectrum” approach to the UK’s cyber security capabilities, which are designed to improve the country’s defences and deter potential attackers. “In strengthening our homeland security, we will build on the firm foundations in counter-terrorism, intelligence, cyber security and countering the proliferation of chemical, biological, radiological and nuclear […] weapons,” the report says. One way it’s doing that is through an amendment of its nuclear missile policy. Under the new strategy, the government says it’s prepared to launch nuclear attacks if the country faced an exceptional threat that used cyber weapons or other “emerging technologies”. This marks a change from existing UK policy, which states that the Trident nuclear programme could only be used against another nuclear power or in response to extreme chemical or biological threats. A central part of this review is the NCF (National Cyber Force), which uses “offensive cyber tools” to detect, disrupt and deter adversaries. Formed in 2020, the NCF is a partnership between the Ministry of Defence and GCHQ. The exact nature of its work is highly secretive, although GCHQ has given its assurance that its operations do not violate any laws. This suggests that the NCF focuses on techniques to prevent adversaries from operating rather than attacking them or breaching their systems. This is in line with what little we know about the tools at the NCF’s disposal. For example, it is authorised to interfere with mobile phones to stop terrorists communicating with their contacts, and can implement defences to protect military aircraft from weapons systems.
The report proposes that these changes should be part of a “whole-of-cyber” approach to both offensive and defensive capabilities. It recommends looking at a range of capabilities, including creating a way to make the Internet safer for users, as well as ways in which the UK can take the lead in technologies vital to cyber power, such as microprocessors, quantum technologies and new forms of data transmission. Commenting on the proposed cyber security policy, Prime Minister Boris Johnson said: “Cyber power is revolutionising the way we live our lives and fight our wars, just as air power did 100 years ago. We need to build up our cyber capability so we can grasp the opportunities it presents while ensuring those who seek to use its powers to attack us and our way of life are thwarted at every turn.” He added: “Our new, full-spectrum approach to cyber will transform our ability to protect our people, promote our interests around the world and make the lives of British people better every day.”


More Than a Quarter of Cyber Threats Never Seen Before

Over a quarter (29%) of threats spotted in Q4 2020 had never before been detected in-the-wild, giving attackers an advantage over their victims, according to HP Inc. The tech giant’s latest Quarterly Threat Insights Report was compiled from data gathered from its global customers’ Sure Click virtual machines from October to December 2020. While these isolated micro-VMs effectively segment malware from the endpoint and let it execute harmlessly, the widespread use of packers and obfuscation techniques would help malicious code bypass traditional detection-based filters, HP claimed. Some 88% of threats were delivered via email, and it took nearly nine days on average for AV engines to recognize their hash. Fake invoice attachments were the most common lure. Trojans accounted for 66% of malware in the period, driven by spam campaigns delivering banking malware Dridex. Malicious executables surged by 12%, with CVE-2017-11882 accounting for nearly three-quarters of detections. Another legacy bug, CVE-2017-0199, accounted for a 12% growth in malware designed to run malicious scripts when a victim opens an Office document. The two findings are a reminder that, despite the current focus on attacks exploiting zero-day vulnerabilities, many campaigns look to capitalize on the fact that organizations often overlook flaws left unpatched from years ago. Other trends spotted by HP include email thread-hijacking designed to distribute Emotet in government organizations in Central America, the return of the ZLoader banking Trojan and a new Office malware builder (APOMacroSploit) used to craft delivery themed spam campaigns to distribute BitRAT malware. “Opportunistic cybercrime does not show any signs of slowing. Low-cost malware-as-a-service kits are an attractive prospect to cyber-criminals and we have seen these continue to proliferate in underground forums. 
Kits like APOMacroSploit, which emerged in Q4 2020, can be bought for as little as $50 USD,” said Alex Holland, senior malware analyst at HP Inc. “We have also seen threat actors continue to experiment with malware delivery techniques to improve their chances of establishing footholds into networks. The most effective execution techniques we saw in Q4 2020 involved old technologies like Excel 4.0 macros that often offer little visibility to detection tools.”

How to avoid a spear-phishing attack. 4 tips to keep you safe from timeless scams.

Everyone has access to something a hacker wants. To get it, hackers might aim a targeted attack right at you. The goal might be stealing customer data that's useful for identity theft, your company's intellectual property or even your personal income data. The latter could help hackers steal your tax refund or file for unemployment benefits in your name. Targeted attacks, also called spear-phishing, aim to trick you into handing over login credentials or downloading malicious software. That's what happened at Twitter in July, where the company says hackers targeted employees on their phones. Spear-phishing attacks also often take place over email. Hackers usually send targets an "urgent" message and include credible-sounding information specific to you, like something that could have come from your own tax return, social media account or credit card bill. These scams aim to override any red flags you might notice about the email with details that make the sender sound legitimate. When Twitter employees fell for a spear-phishing trick, Democratic presidential candidate Joe Biden's Twitter account was compromised and pushed a cryptocurrency scam. Despite corporate training and stern warnings to be careful who you give your password to, people do fall for these tricks. In addition to the Twitter fiasco, there was the release of Hillary Clinton campaign chair John Podesta's emails, including his technique for making risotto (hint: keep stirring!).
Podesta reportedly entered his personal username and password into a fake form designed by hackers specifically to capture his credentials. Another consequence of falling for a spear-phishing scam could be downloading malicious software, like ransomware. You could also be convinced to wire money to a cybercriminal's account. So how do you avoid falling for a spear-phishing scam? By taking these security habits to heart.

Know the basic signs of phishing scams

Phishing emails, texts and phone calls try to trick you into visiting a malicious website, handing over a password or downloading a file. This works in email attacks because people often spend the whole day at work clicking on links and downloading files as part of their jobs. Hackers know this and try to take advantage of your propensity to click without thinking.

So the No. 1 defense against phishing emails is to pause before clicking. First, check for signs the sender is who they claim to be:


· Look at the "from" field. Is the person or business's name spelled correctly, and does the email address actually match the name of the sender? Or are there a bunch of random characters in the email address instead?

· While we're at it, does the email address seem close, but a little off? E.g. Microsft.net, or Microsoft.co.

· Hover your mouse over any links in the email to see the true URLs they will send you to. Do they look legitimate? Remember not to click!

· Check the greeting. Does the sender address you by name? "Customer" or "Sir" would be red flags.

· Read the email closely. Is it generally free from spelling errors or odd grammar?

· Think about the tone of the message. Is it overly urgent or trying to get you to do something you normally wouldn't?
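The first two checks in this list can be automated at the mail gateway. The following is an added example, not part of the original article: it compares the domain in a From header against an allow-list and flags the "close, but a little off" cases the list describes. The `TRUSTED` allow-list, the verdict names and the sample headers are assumptions made for illustration.

```python
# Added example: flag "close, but a little off" sender domains in a From header.
from email.utils import parseaddr

# Assumption: the organisation keeps its own allow-list of domains it really
# corresponds with (domain -> brand name). example-bank.com is a placeholder.
TRUSTED = {"microsoft.com": "Microsoft", "example-bank.com": "Example Bank"}


def edit_distance(a, b):
    """Levenshtein distance between two strings (row-by-row dynamic programme)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # deletion
                           cur[j - 1] + 1,             # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]


def split_domain(domain):
    """Split 'mail.microsoft.com' into ('microsoft', 'com').

    Simplification: the last label is treated as the TLD, so multi-label
    suffixes such as co.uk would need a public-suffix list.
    """
    labels = domain.lower().strip(".").split(".")
    return (labels[-2], labels[-1]) if len(labels) >= 2 else (labels[0], "")


def check_from(header, trusted=TRUSTED):
    """Return (verdict, trusted_domain_it_resembles_or_None) for a From header."""
    display, address = parseaddr(header)
    if "@" not in address:
        return ("unparseable", None)
    domain = address.rpartition("@")[2].lower()

    # Exact match or a subdomain of an allow-listed domain.
    for good in trusted:
        if domain == good or domain.endswith("." + good):
            return ("trusted", good)

    # Same name on a different TLD, or a name within two edits of a trusted one.
    name, tld = split_domain(domain)
    for good in trusted:
        good_name, good_tld = split_domain(good)
        if name == good_name and tld != good_tld:
            return ("lookalike-tld", good)
        if 0 < edit_distance(name, good_name) <= 2:
            return ("lookalike-typo", good)

    # Display name claims a trusted brand but the address is unrelated.
    for good, brand in trusted.items():
        if brand.lower() in display.lower():
            return ("display-name-mismatch", good)
    return ("unknown", None)


# Constructed sample headers; Microsft.net and Microsoft.co are the article's
# own examples, the rest use reserved documentation domains.
SAMPLES = [
    '"Microsoft Account Team" <security@Microsft.net>',
    "Billing <billing@Microsoft.co>",
    '"Microsoft Support" <x7f3k9@example.org>',
    "Alerts <alerts@mail.microsoft.com>",
    "Weekly News <newsletter@example.net>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(f"{header:52} -> {check_from(header)}")
```

An edit-distance threshold of two is a starting point; very short brand names need a stricter threshold to avoid false positives.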


Don't fall for more advanced phishing emails that use these techniques

Even if an email passes the initial smell test outlined above, it could still be a trap. A spear-phishing email might include your name, use more polished language and seem specific to you. It's just plain harder to notice. Then there are targeted phone calls, in which someone calls you and tries to manipulate you into handing over information or visiting a malicious website. Because spear-phishing scams can be so tricky, there's an extra layer of caution you should apply before acting on a request that comes over email or the phone. The most important of these extra steps: guard your password. Never follow a link from your email to a website and then enter your account password. Never give your password to anyone over the phone. Banks, email providers and social media platforms often make it policy to never ask for your password in an email or phone call. Instead, you can go to the company's website in your browser and log in there. You can also call back the company's customer service department to see if the request is legit. Most financial institutions, like your bank, will send secure messages through a separate inbox you can access only after you've logged onto the website.

Beat phishing by calling the sender

If someone sends you something "important" to download, asks you to reset your account passwords or requests that you send a money order from company accounts, call the sender of the message -- like your boss, your bank or other financial institution, or the IRS -- and make sure they really sent it to you.

If the request came by phone call, you can still pause and double check. For example, if someone says they're calling from your bank, you can tell the caller you're going to hang up and call back on the company's main customer service line.

A phishing message will often try to make the request seem incredibly urgent, so you might not feel inclined to add an extra step by calling the sender to double-check. For example, an email might say that your account has been compromised and you need to reset your password ASAP, or that your account will expire unless you act by the end of the day.

Don't panic. You're always in the right if you take a few extra minutes to verify a request that could cost you or your company financially, or damage your reputation.



__________________________________________________________________________________



THREAT FOCUS: United States – Descartes Aljex Software

https://www.hackread.com/shipping-management-software-firm-data-online/


Exploit: Unsecured Database

Descartes Aljex Software: Shipping Software Developer

Risk to Business: 1.726 = Severe - An unsecured database is always trouble as Descartes Aljex Software discovered this week. 103 GB worth of data belonging to the New Jersey-based company was discovered by researchers after it was left exposed on a misconfigured AWS S3 Bucket. The exposed data contained corporate, client and employee information.

Risk to Individuals: 1.667 = Severe - Aljex clients’ account data that was exposed included full names, phone numbers, email addresses, Aljex usernames, and plaintext passwords. Carrier information, their full names and email addresses as well as their house addresses and phone numbers were compromised. Client shipment details, shipment information, recipient’s consignee name, shipment origin and destination, addresses, and phone numbers were included in the data that was exposed. Sales representative details were also exposed, including full names, corporate emails, Aljex usernames, and sales representative IDs.

Customers Impacted: 4,000

How it Could Affect Your Business: Third-party and supply chain risk is growing more dangerous for businesses as the ripple effect of breaches like this fuels cybercrime. Take precautions now to avoid headaches later.

Avantia Cyber Security to the Rescue: Read our eBook “Breaking Up With Third-Party & Supply Chain Risk” for tips to minimize the impact of this risk and defensive strategies. GET THIS BOOK>>


THREAT FOCUS: United States – Guns.com

https://www.hackread.com/hacker-dumps-guns-com-database-customers-admin-data/

Exploit: Hacking

Guns.com: Online Gun Marketplace

Risk to Business: 1.227 = Extreme - An enormous database from Guns.com appeared in a hacker forum this week, and it's a major trove of information. The data contains both administrator and user information, including user IDs, full names, an estimated 400,000 email addresses, password hashes, physical addresses, ZIP codes, city, state, Magento IDs, phone numbers, account creation dates and other personal details. One of the folders in the leaked database includes customers' bank account details, including full name, bank name, account type and Dwolla IDs. To top it off, the database included an Excel file containing sensitive login details for Guns.com, including its administrator's WordPress, MySQL, and cloud (Azure) credentials, with all admin credentials, including admin emails, passwords, login links, and server addresses, in plain text.

Individual Risk: 1.112 = Extreme - Users of Guns.com are significantly impacted, as extensive banking and personal information has been exposed. They should be wary of identity theft, spear phishing, and business email compromise/fraud risks, and should change any passwords shared with this account.

Customers Impacted: 400,000

How it Could Affect Your Business: Sensitive Personally Identifiable Information (PII) requires strong protection, especially when financial information for clients is at stake.

Avantia Cyber Security to the Rescue: Make sure that your systems and data have strong protection from hackers with multifactor authentication from Passly. SEE PASSLY IN ACTION>>


THREAT FOCUS: United States – Maricopa Community College

https://www.azcentral.com/story/news/local/arizona-education/2021/03/19/maricopa-community-college-students-without-tech-systems/4759189001/

Exploit: Ransomware

Maricopa Community College: Institution of Higher Learning

Risk to Business: 2.312 = Severe - Classes have been disrupted as a suspected ransomware attack has caused extensive IT outages at Maricopa Community College. Education tools including MyInfo, Canvas, RioLearn, Maricopa email, Maricopa Google Tools and the Student Information System/Student Center are unavailable. The 10-college system has extended the semester by at least a week and expects service to be restored this week.

Individual Impact: No sensitive personal or financial information was announced as impacted in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: One small email handling mistake can have devastating consequences. Stop ransomware from clobbering your business by preventing employees from interacting with phishing emails.

Avantia Cyber Security to the Rescue: Ransomware risks are up by more than 100%. Learn how to fight back in Ransomware 101. GET THIS BOOK>>


THREAT FOCUS: United Kingdom – South and City College Birmingham

https://feweek.co.uk/2021/03/15/college-group-closes-all-campuses-for-a-week-following-major-cyber-attack/

Exploit: Ransomware

South and City College Birmingham: Institution of Higher Learning

Risk to Business: 1.102 = Extreme - The eight sites of South and City College Birmingham closed down in-person learning again this week after a purported ransomware attack wreaked havoc. Students will be back to learning online until systems can be restored, which may take weeks. An investigation is underway.

Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.

Customers Impacted: 13,000

How it Could Affect Your Business: Even without data theft, ransomware can cause a massive disruption that cripples your business. Scenarios like this are also ripe for exploitation with double extortion ransomware.

Avantia Cyber Security to the Rescue: The new BullPhish ID removes training pain points for employees and trainers, making better (and more frequent) training a snap. SEE IT IN ACTION>>


THREAT FOCUS: United Kingdom – The Defence Academy of the United Kingdom

https://securityaffairs.co/wordpress/115870/hacking/ministry-of-defence-hacked.html

Exploit: Nation-State Hacking

The Defence Academy of the United Kingdom: Specialty Graduate School

Risk to Business: 2.775 = Moderate - A nation-state hacking incident took the website and IT system of the UK Ministry of Defence training school offline this week. Systems at the academy were extensively compromised and it will take time to completely restore the impacted computers and servers. Russian and Chinese state-sponsored hackers are suspected to be behind the offensive. IT at the school is run separately by a contractor and no systems at the Ministry of Defence were impacted.

Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: Human error is the top cause of cybersecurity incidents. Improve security awareness training for everyone in the organization to reduce it.

Avantia Cyber Security to the Rescue: BullPhish ID now features customizable “set it and forget it” phishing simulation kits that include attachments, enabling you to simulate the real threats employees face every day. LEARN ABOUT THE NEW BULLPHISH ID>>



THREAT FOCUS: Australia – The Parliament of Western Australia

https://www.abc.net.au/news/2021-03-17/wa-parliament-targeted-cyber-attack/13253926

Exploit: Nation-State Hacking

Parliament of Western Australia: Regional Legislative Body

Risk to Business: 1.603 = Severe - Western Australia’s parliamentary email network was infiltrated by suspected Chinese hackers in the fallout of the recent massive Microsoft Exchange incident. The intrusion was detected on 03/04 in the middle of the state election campaign and led to intervention from Australia’s cybersecurity watchdog. Email service was disrupted but an investigation by Western Australia’s Parliamentary Services Department concluded that no sensitive data was stolen in the attack.

Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: Nation-state hacking is a menace that doesn’t show signs of slowing down. Couple that with a massive third-party breach at a major technology vendor, and the danger escalates.

Avantia Cyber Security to the Rescue: Get The Road to Cyber Resilience to learn strategies and solutions that can make your business bounce back faster from cybersecurity disasters. READ THE BOOK>>


THREAT FOCUS: Taiwan – Acer

https://www.bleepingcomputer.com/news/security/computer-giant-acer-hit-by-50-million-ransomware-attack/

Exploit: Ransomware

Acer: Computer Manufacturer

Risk to Business: 2.020 = Severe - Acer has the dubious honor of setting a new record this year. The REvil cybercrime gang has executed a massive ransomware attack and is demanding the largest known ransom to date, $50,000,000. The audacious threat actors offered a 20% discount if payment was made by this past Wednesday. Samples of leaked images of documents, including financial spreadsheets, bank balances, and bank communications, have been posted to hacker forums as proof of the hit. The incident is ongoing.

Individual Impact: No sensitive personal or financial information was declared as compromised immediately but the investigation is ongoing and more details may emerge.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware doesn’t discriminate, and even a narrow impact can have big consequences for operations, causing delays and dissatisfaction for clients.

Avantia Cyber Security to the Rescue: Look at the ascension of this menace in 2020 to see where we think it’s headed in 2021. GET THE GLOBAL YEAR IN BREACH 2021 NOW>>

________________________________________________________________________


1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk