Avantia Threat Update

WORKING FROM HOME? - PROTECT YOUR DATA - PROTECT YOUR BUSINESS

Updated: Apr 24, 2020



This Past Week: The World’s first Integrated Access Management program for ‘Home workers’ launched; Tesla shaves wage packets as ‘shared sacrifice’; Skype/Zoom hide a raft of Malware; COVID-19 goes Mobile; A new Marriott Hotels data breach impacts 5.2 Million Guests; Seven ways Hackers & Scammers are exploiting Coronavirus; Massive leak at Boeing/Lockheed Martin & SpaceX after Ransom demand denied; Phishing scams continue to target unprepared employees; Cybercriminals target online retailers as the pandemic continues to keep customers out of stores; and Major Breaches in USA, CANADA, ITALY, UNITED KINGDOM & AUSTRALIA.


TOP DARK WEB TARGETS:

Top Source Hits: ID Theft Forums

Top Compromise Type: Domain

Top Industry: Education & Research

Top Employee Count: 101-250

_________________________________________________________________


‘PASSLY’: WORLD’S FIRST INTEGRATED IDENTITY ACCESS MANAGEMENT (IAM) PROGRAM LAUNCHED TO SUPPORT ‘WORK FROM HOME’ EMPLOYEES DURING COVID-19 PANDEMIC - built for SMEs.

‘Passly’ is the world’s first Secure IAM (Integrated Access Management) platform that combines multi-factor authentication (MFA), Single Sign-On (SSO), and Password Management (PM) along with proprietary Dark Web monitoring to detect if user credentials have been compromised and are for sale on the Dark Web.

The threat of cyberattacks has never been greater, and one layer of security is not enough.

Today, nearly 80% of all data breaches are the devastating end result of lost, weak or stolen passwords, and could have been avoided. Every organisation, regardless of size, must implement a secure identity & access management platform to protect their digital identity, their data, and their business continuity. Passly provides the most comprehensive and cost effective platform available.




Protect Machines - Protect Applications - Protect Credentials

Find out more by calling Paul Nielsen at Avantia Cyber Security on +61 7 30109711


TESLA SLICES WAGE PACKETS IN CORONAVIRUS OUTBREAK AS ‘SHARED SACRIFICE’

Tesla has announced pay cuts and intends to furlough employees for a number of weeks in response to the coronavirus pandemic. In an email obtained by Electrek, the automaker, co-founded by CEO Elon Musk, said that "minimum critical operations" are still running but in order to manage costs, a "shared sacrifice" must be made. This "sacrifice" is the same one that many businesses across the world are making rather than firing workers -- either cutting salaries, furloughing staff, or both. In Tesla's case, pay will be temporarily reduced for salaried staff. Starting 13 April, US employees at a rank of vice president or above will take a 30% cut; directors will take a 20% pay reduction, and everyone else will have their paychecks reduced by 10%. Staff members outside the United States will also have a "comparable" pay cut. "Employees who cannot work at home and have not been assigned to critical work onsite will be furloughed (Holidays)," the letter reads. "Under furlough, you remain an employee of Tesla (without pay) and retain your healthcare benefits." Tesla says that the "vast majority" of furloughed workers will receive roughly the same pay through unemployment benefits. While the reduction in salaries is expected to continue until the end of Q2 2020, Tesla is hopeful that production in US facilities will be back to normal on 4 May. "As usual, for those who are onsite, if you are sick or are uncomfortable coming to work, please contact your manager and stay at home," the letter continues. "We respect your decision and you will not be penalized." The 4 May date is of interest and, as noted by the publication, may relate to Tesla's Fremont factory and when local shelter-in-place rules are expected to lift, barring any significant changes. The factory was closed several weeks ago. Employees remaining in production capacities and working in research facilities are not just focused on business-as-usual projects. Instead, Musk's teams have been developing prototype ventilators that could be valuable in the fight against COVID-19. Using components from Tesla vehicles -- and, therefore, already established in the supply chain -- engineers have created two ventilator designs including elements such as mixing chambers, pressure and flow-rate sensors, and screens powered by Tesla Model 3 infotainment systems.


SKYPE/ZOOM - THEMED APPS HIDE A RAFT OF MALWARE

Hundreds of thousands of malware files are disguised as well-known social conferencing and collaboration apps.

Popular conferencing apps have become a major cybercrime lure during the COVID-19 work-from-home era – and Skype is the undisputed leader when it comes to being impersonated by malicious downloads, researchers have found. An April analysis from Kaspersky uncovered a total of 120,000 suspicious malware and adware packages in the wild masquerading as versions of the video calling app. It should be said that Skype isn’t alone in being targeted: The research found that among a total of 1,300 suspicious files not using the Skype name, 42 percent were disguised as Zoom, followed by WebEx (22 percent), GoToMeeting (13 percent), Flock (11 percent) and Slack (11 percent). “With the rise of social distancing, Kaspersky experts investigated the threat landscape for social meeting applications to make sure users are safe and their communication experience is enjoyable,” the firm said in an emailed analysis. “Social meeting applications currently provide easy ways for people to connect via video, audio or text when no other means of communication are available. However, cyber-fraudsters do not hesitate to use this fact and try to distribute various cyberthreats under the guise of popular apps.” Some of the files found turned out to be simply knockoff versions of the real thing, but among the actual threats detected, a few malware families and file types came to the fore, including two adware families: DealPly and DownloadSponsor. “Both families are installers that show ads or download adware modules,” according to the analysis. “Such software typically appears on users’ devices once they are downloaded from unofficial marketplaces.” There were also some malware threats disguised as .LNK files – shortcuts to applications – that Kaspersky detected as Exploit.Win32.CVE-2010-2568.

This is “an old, yet still widespread malicious code that allows attackers to infect the target with additional malware,” according to the firm. The old, patched vulnerability it uses is in Windows Shell, which does not properly handle shortcut files during icon display in Windows Explorer, allowing arbitrary code execution via specially crafted .LNK or .PIF shortcut files. It affects Windows XP, Vista and Windows 7, mostly. Trojans were also a popular malware type found in the fake apps, especially Skype, the firm found. “In the current landscape, when most of us are working from home, it is extremely important to make sure that what we use as a tool for online social meeting is downloaded from a legitimate source, set up properly and doesn’t have severe unpatched vulnerabilities,” said Denis Parinov, security expert at Kaspersky, via email.


COVID-19 GOES MOBILE: CORONAVIRUS MALICIOUS APPLICATIONS DISCOVERED

Over the past month, many articles have been published recommending that we keep our mobile phones clean to reduce the risk of Coronavirus infection. While there’s still some debate over whether it’s strictly necessary to clean your phone case and screen to get rid of possible germs, it’s definitely a good idea to watch out for other, internal types of infection that your phone could pick up. Skilled threat actors are exploiting people’s concerns about Coronavirus to spread mobile malware, including Mobile Remote Access Trojans (MRATs), Banker Trojans, and Premium Dialers, via apps which claim to offer Coronavirus-related information and help for users. Check Point’s researchers discovered 16 different malicious apps, all masquerading as legitimate coronavirus apps, which contained a range of malware aimed at stealing users’ sensitive information or generating fraudulent revenues from premium-rate services. It’s important to note that none of the malicious apps were found on an official app store. They were offered from new Coronavirus-related domains, which researchers believe had been created specifically with the aim of deceiving users. As was reported recently, more than 30,103 new coronavirus-related domains were registered, of which 0.4% (131) were malicious and 9% (2,777) were suspicious and under investigation. This means over 51,000 coronavirus-related domains in total have been registered since January 2020.


MARRIOTT HOTELS DISCLOSES NEW DATA BREACH IMPACTING 5.2 MILLION GUESTS

Marriott International said that names, mailing addresses, loyalty account numbers and other personal information of an estimated 5.2 million guests may've been exposed in a data breach. This is the second major security incident to hit the hotel group in less than two years. Marriott said it spotted that an "unexpected amount" of guest information may've been accessed at the end of February using the login credentials of two employees at a franchise property. The hotel group said information exposed may include names, addresses, emails, phone numbers and birthdays as well as loyalty account details and information like room preferences. Marriott said the investigation is ongoing but that it doesn't believe credit card numbers, passport information or driver's license numbers were exposed. In November 2018, Marriott announced that hackers compromised the reservation database for its Starwood division in one of the largest data breaches ever. Following an investigation, the hotel group said hackers accessed the records of up to 383 million guests and stole more than 5 million passport numbers. The company is sending emails to guests impacted by this latest breach and offering a year of free personal information monitoring.

 

7 WAYS HACKERS AND SCAMMERS ARE EXPLOITING CORONAVIRUS PANIC

Most of the recent cyber attacks are primarily exploiting the fears around the COVID-19 outbreak—fueled by disinformation and fake news—to distribute malware via Google Play apps, malicious links and attachments, and execute ransomware attacks. Here, we took a look at some of the wide range of unseen threats rising in the digital space, powered by coronavirus-themed lures that cybercriminals are using for espionage and commercial gain.

Coronavirus-themed Digital Threats

“Every country in the world has seen at least one COVID-19 themed attack,” said Rob Lefferts, corporate vice president for Microsoft 365 Security. These attacks, however, account for less than 2% of all attacks analyzed by Microsoft on a daily basis. “Our data shows that these COVID-19 themed threats are retreads of existing attacks that have been slightly altered to tie to this pandemic,” Lefferts added. “This means we’re seeing a changing of lures, not a surge in attacks.”

1. Mobile Malware

Check Point Research uncovered at least 16 different mobile apps, which claimed to offer information related to the outbreak but instead contained malware, including adware (Hiddad) and banker Trojans (Cerberus), that stole users’ personal information or generated fraudulent revenues from premium-rate services. “Skilled threat actors are exploiting people’s concerns about coronavirus to spread mobile malware, including Mobile Remote Access Trojans (MRATs), banker trojans, and premium dialers, via apps which claim to offer Coronavirus-related information and help for users,” Check Point Research said in a report shared with The Hacker News. All the 16 apps in question were discovered on newly created coronavirus-related domains, which have seen a huge spike over the past few weeks.

2. Email Phishing

In a separate report published and shared, cybersecurity firm Group-IB claims to have found that most COVID-19 related phishing emails came with AgentTesla (45%), NetWire (30%), and LokiBot (8%) embedded as attachments, thereby allowing the attacker to steal personal and financial data. The emails, which were sent between February 13 and April 1, 2020, masqueraded as health advisories from the World Health Organization, UNICEF, and other international agencies and companies such as Maersk, Pekos Valves, and CISCO.

3. Discounted off-the-shelf Malware

Group-IB’s research also found more than 500 posts on underground forums where users offered coronavirus discounts and promotional codes on DDoS, spamming, and other malware services. This is consistent with Check Point Research’s earlier findings of hackers promoting their exploit tools on the dark-net with ‘COVID19’ or ‘coronavirus’ as discount codes.

4. SMS Phishing

The US Cybersecurity and Infrastructure Security Agency (CISA) and the UK’s National Cyber Security Centre (NCSC) also issued a joint advisory about fake SMS messages from senders such as “COVID” and “UKGOV” which contain a link to phishing sites. “In addition to SMS, possible channels include WhatsApp and other messaging services,” CISA cautioned.

5. Face Mask and Hand Sanitizer Scams

Europol recently arrested a 39-year-old man from Singapore for allegedly attempting to launder cash generated from a business email compromise (BEC) scam by posing as a legitimate company that advertised the fast delivery of FFP2 surgical masks and hand sanitizers. An unnamed pharmaceutical company, based in Europe, was defrauded out of €6.64 million after the items were never delivered, and the supplier became uncontactable. Europol had previously seized €13 million in potentially dangerous drugs as part of a counterfeit medicine trafficking operation.

6. Malicious Software

As people increasingly work from home and online communication platforms such as Zoom and Microsoft Teams become crucial, threat actors are sending phishing emails that include malicious files with names such as “zoom-us-zoom_##########.exe” and “microsoft-teams_V#mu#D_##########.exe” in a bid to trick people into downloading malware on their devices.

7. Ransomware Attacks

The International Criminal Police Organization (Interpol) warned member countries that cybercriminals are attempting to target major hospitals and other institutions on the front lines of the fight against COVID-19 with ransomware. “Cybercriminals are using ransomware to hold hospitals and medical services digitally hostage, preventing them from accessing vital files and systems until a ransom is paid,” Interpol said.

Protecting Yourself from Coronavirus Threats Online

“Malicious cyber actors are continually adjusting their tactics to take advantage of new situations, and the COVID-19 pandemic is no exception,” CISA said. “Malicious cyber actors are using the high appetite for COVID-19-related information as an opportunity to deliver malware and ransomware, and to steal user credentials. Individuals and organizations should remain vigilant.” The NCSC has offered guidance on what to look out for when opening coronavirus-themed emails and text messages that contain links to such fake websites. In general, avoid clicking on links in unsolicited emails and be wary of email attachments. To prevent videoconferencing hijacking, do not make meetings public, and ensure they are protected by passwords.
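A defender-side check for the lure filenames quoted in item 6 and the impersonated apps named in the Kaspersky findings, added here as an example and not taken from any of the cited reports: it scans mail-gateway log lines for attachments that match the two quoted templates or that pair a conferencing-app name with an .exe, .lnk or .pif extension. The log format, the reading of each "#" as one letter or digit, and all function names are assumptions.

```python
import re

# Filename templates quoted in item 6. Reading each "#" as exactly one
# letter or digit is an assumption; the page does not define the placeholder.
LURE_TEMPLATES = (
    "zoom-us-zoom_##########.exe",
    "microsoft-teams_V#mu#D_##########.exe",
)

# Apps the page names as impersonated (Kaspersky list plus Microsoft Teams).
BRANDS = ("skype", "zoom", "webex", "gotomeeting", "flock", "slack", "teams")

# File types the page mentions in connection with these lures.
RISKY_EXTENSIONS = {"exe", "lnk", "pif"}


def template_to_regex(template):
    """Turn a quoted template into a regex: '#' is a wildcard, the rest literal."""
    parts = ["[A-Za-z0-9]" if ch == "#" else re.escape(ch) for ch in template]
    return re.compile("".join(parts), re.IGNORECASE)


LURE_PATTERNS = [template_to_regex(t) for t in LURE_TEMPLATES]

# Hypothetical gateway log layout: key=value pairs with a quoted attachment name.
ATTACHMENT_FIELD = re.compile(r'msgid=(\S+).*?attachment="([^"]*)"')


def normalise(name):
    """Lower-case and drop trailing dots/spaces, which Windows ignores on open."""
    return name.strip().rstrip(". ").lower()


def classify(name):
    """Return a reason string for a suspicious attachment name, else None."""
    clean = normalise(name)
    if any(p.fullmatch(clean) for p in LURE_PATTERNS):
        return "matches-quoted-template"
    # Only the final extension decides how the file opens, so
    # "invite.pdf.exe" is treated as an executable.
    stem, _, ext = clean.rpartition(".")
    if ext in RISKY_EXTENSIONS and any(brand in stem for brand in BRANDS):
        return "brand-named-executable"
    return None


def scan(log_lines):
    """Return (msgid, attachment, reason) for every flagged log line."""
    findings = []
    for line in log_lines:
        match = ATTACHMENT_FIELD.search(line)
        if not match:
            continue
        reason = classify(match.group(2))
        if reason:
            findings.append((match.group(1), match.group(2).strip(), reason))
    return findings


# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    '2020-04-20T09:14:02Z msgid=a1 from=helpdesk@example.net attachment="zoom-us-zoom_4829105563.exe"',
    '2020-04-20T09:15:40Z msgid=a2 from=hr@example.org attachment="Q1-report.pdf"',
    '2020-04-20T09:17:11Z msgid=a3 from=it@example.net attachment="Microsoft-Teams_V3mu7D_1029384756.EXE"',
    '2020-04-20T09:21:57Z msgid=a4 from=events@example.com attachment="SkypeSetup.pdf.exe "',
    '2020-04-20T09:30:00Z msgid=a5 from=design@example.org attachment="zoom-background.png"',
    '2020-04-20T09:31:12Z msgid=a6 from=sales@example.com attachment="webex_meeting.LNK"',
]

if __name__ == "__main__":
    for msgid, attachment, reason in scan(SAMPLE_LOG):
        print(f"{msgid}\t{reason}\t{attachment}")
```

The brand check is a plain substring match, so it favours recall over precision; any hit is a prompt to quarantine and review the attachment, not a verdict.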


RANSOMWARE CRIMINALS LEAK BOEING; LOCKHEED MARTIN AND SPACEX DOCUMENTS AFTER CONTRACTOR REFUSES TO PAY RANSOM

Internal confidential documents belonging to some of the largest aerospace companies in the world have been stolen from an industrial contractor and leaked online. These include anti-mortar system specs, legal paperwork, payment forms, and more, which were dumped online from infected PCs. The data was pilfered and dumped on the internet by the criminals behind the DoppelPaymer Windows ransomware, in retaliation for an unpaid extortion demand. The sensitive documents include details of Lockheed-Martin-designed military equipment – such as the specifications for an antenna in an anti-mortar defense system. Other documents in the cache include billing and payment forms, supplier information, data analysis reports, and legal paperwork. There are also documents outlining SpaceX's manufacturing partner program. The files were siphoned from Visser Precision by the DoppelPaymer crew, which infected the contractor's PCs and scrambled its files. When the company failed to pay the ransom by their March deadline, the gang – which tends to demand hundreds of thousands to millions of dollars to restore encrypted files – uploaded a selection of the documents to a website that remains online and publicly accessible. Visser is a manufacturing and design contractor in the US whose clients are said to include aerospace, automotive, and industrial manufacturing outfits – think Lockheed Martin, SpaceX, Tesla, Boeing, Honeywell, Blue Origin, Sikorsky, Joe Gibbs Racing, the University of Colorado, the Cardiff School of Engineering, and others. The leaked files relate to these customers, in particular Tesla, Lockheed Martin, Boeing, and SpaceX. When asked about the dump, a Lockheed Martin spokesperson told us: "We are aware of the situation with Visser Precision and are following our standard response process for potential cyber incidents related to our supply chain.
"Lockheed Martin has made and continues to make significant investments in cybersecurity, and uses industry-leading information security practices to protect sensitive information. This includes providing guidance to our suppliers, when appropriate, to assist them in enhancing their cybersecurity posture." Visser Precision did not respond to a request for comment on the leak. Tesla, SpaceX, and Boeing did not respond either. This is not the first time the DoppelPaymer crew has publicly shared stolen confidential data after a victim failed to pay the ransom demands. In fact, the crooks have a regularly updated website full of internal documents belonging to organizations that didn't cough up, though admittedly most are significantly less interesting than the Visser Precision cache. The dumps are intended to scare others who are infected with the ransomware into paying the group's demands. For what it's worth, the DoppelPaymer gang vowed to lay off attacking hospitals during the coronavirus pandemic. Whether or not this promise was honored is another question. While law enforcement agencies and security experts uniformly agree that paying a ransom demand is a bad idea and poor substitute for keeping offline backups and properly securing data, some experts have conceded that, when it's your corporate data on the line, caving in and paying up can be an option.

______________________________________________________________________________


THREAT FOCUS: Wolfe & Associates - UNITED STATES 

https://www.infosecurity-magazine.com/news/data-thieves-hit-wolfeassociates/


Exploit: Unauthorized access 

Wolfe & Associates: Property management company

Risk to Small Business: 2.756 = Moderate. A company database containing housing applicants’ personal data was infiltrated by hackers more than six months ago, providing bad actors unfettered and unrestrained access to sensitive personal information. Wolfe & Associates learned of the breach when it was notified by a local police department, which raises real questions about their cybersecurity capabilities and defensive posture. In addition to contacting victims directly, Wolfe & Associates completed a holistic overhaul of its IT infrastructure. However, this costly upgrade won’t undo the damage of its negligent data defense.

Individual Risk: 2.593 = Moderate. The stolen database contains account information for 217,000 users. This includes names, email addresses, and hashed and scrambled passwords. Those impacted by the breach should immediately update their login credentials for this website and any other service using the same information, plus closely monitor their accounts for unusual or suspicious activity.

Customers Impacted: Unknown

Effect On Customers: In response to this incident, Wolfe & Associates undertook a holistic realignment of their data security capabilities. However, in today’s cybersecurity landscape, where hackers are actively looking to exploit lax data defense standards, companies must take action to secure critical information before a breach occurs.   

Risk Levels:

1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.


Avantia Cyber Security & ID Agent to the Rescue: Helping our SME customers understand the importance of security is no easy task. With Passly we offer the world’s first Integrated Password Management program, setting them up for the win by providing the resources necessary to make remote management of lockdown employees working from home easy and stress free. For more information please call Avantia on 07 30109711 and ask for Paul.


THREAT FOCUS: Canon Business Process  - UNITED STATES

https://www.cpomagazine.com/cyber-security/third-party-data-breach-of-ge-vendor-exposes-highly-sensitive-employee-information/


Exploit: Phishing scam

Canon Business Process: Business outsourcing provider

Risk to Small Business: 1.575 = Severe. After an employee fell for a phishing scam, hackers gained access to the personal data from the company’s business contracts, including General Electric. The breach occurred between February 3 and February 14, 2020, but Canon Business Process didn’t learn of the breach until February 28. Now, in addition to providing credit monitoring services for victims, Canon Business Process has damaged its reputation with a major client.

Individual Risk: 1.701 = Severe. Canon Business Process provides outsourcing services for human resources and payroll responsibilities, so the compromised data includes direct deposit forms, tax forms, Social Security numbers, birth certificates, passports, benefit applications, and driver’s licenses. This information is often used to execute financial fraud, and those impacted by the breach should immediately notify their financial institutions of the breach. In addition, they should enroll in the complimentary credit monitoring services provided by Canon Business Process.

Customers Impacted: Unknown

Effect On Customers: Third-party data breaches are becoming increasingly common, extending businesses’ cybersecurity concerns to every partnership they pursue. With the cost and consequences of a data breach continually increasing, every company should consider a company’s defensive posture before agreeing to work together.



Avantia Cyber Security & ID Agent to the Rescue: BullPhish ID simulates phishing attacks and conducts security awareness training campaigns to educate your employees, making them the best defense against cybercrime. Phone 07 30109711 to find out more.


THREAT FOCUS: nCourt - UNITED STATES

https://www.pymnts.com/news/security-and-risk/2020/payments-processor-ncourt-left-years-data-exposed/


Exploit: Unprotected database

nCourt: Payment processor

Risk to Small Business: 2.341 = Severe. nCourt developers failed to secure a database containing customers’ financial data from its two websites that facilitate court payments. The breach compromised three years of customer data through November 2019. Unfortunately, this information has already been posted on hacking forums where bad actors can use it for many nefarious purposes.

Individual Risk: At this time, no personal information was compromised in the breach.  

Customers Impacted: Unknown

Effect On Customers: Companies in every sector have seen an uptick in cybersecurity threats as COVID-19 disrupts business-as-usual and puts many people on edge. This is especially true for the healthcare industry, which is experiencing a deluge of ransomware attacks, phishing scams, and other threats at a critical time.



Avantia Cyber Security & ID Agent to the Rescue: With BullPhish ID, managers can provide a more complete picture of a company’s security posture and potential risk, transforming the weakest links of an organization into their strongest points of protection. Find out how you can get started with us by calling 07 30109711


THREAT FOCUS: Otis Bowen Center for Human Services - UNITED STATES

https://www.hipaajournal.com/35800-patients-of-the-otis-r-bowen-center-for-human-services-notified-about-email-security-breach/


Exploit: Phishing scam

Otis Bowen Center for Human Services: Mental health and addiction recovery service

Risk to Small Business: 2.223 = Severe. Two employees engaged with a phishing scam that provided hackers with access to company data. Although the breach occurred in January 2020, the company only recently completed a digital forensic audit that revealed the extent of the incident. Unfortunately, this slow response time has put victims at risk of data misuse, and it could have regulatory implications because of the healthcare-oriented nature of the breach.

Individual Risk: 2.130 = Severe. The company declined to identify the specific data sets, but patient data often contains people’s most sensitive information. Victims were notified by email, and they should take every precaution to ensure that they mitigate the possible repercussions of the breach. This includes enrolling in the complimentary credit and identity monitoring services offered by the company.

Customers Impacted: 35,800

Effect On Customers: In 2020, data privacy regulations impact companies in every sector and in many locations. As a result, data security isn’t just an altruistic endeavor. It’s a mission-critical priority, and a failure to execute on this standard can have significant financial implications for companies that experience a data breach.



Avantia Cyber Security & Huntsman Digital Auditor to the Rescue: Helping SMEs to understand the importance of security is no easy task. With an ‘Essential8’ Digital Security Audit we offer a remote access, independent ‘real time’ audit of our clients’ critical operational infrastructure systems to determine where the gaps are, with recommendations for remediation.

It’s the first step to real cyber security. Call Avantia’s office on 07 30109711 or visit: https://www.avantiacybersecurity.com/cyber-security-audit


THREAT FOCUS: Maropost platform - CANADA

https://www.scmagazine.com/home/security-news/data-breach/maropost-database-with-95-million-left-open-and-unsecure/

Exploit: Unsecured database

Maropost: Customer engagement platform

Risk to Small Business: 2.703 = Severe. An unsecured database exposed the metadata for millions of customers’ emails. The database was discovered in early February by a news outlet that alerted Maropost of the vulnerability. However, those warnings went unheeded, and the database remained exposed until April 1, 2020. Now, the media is calling for customers to hold the company accountable for its actions, which means that Maropost will have to repair its reputation as it overhauls its cybersecurity practices.

Individual Risk: 2.819 = Moderate. Although personally identifiable information wasn’t compromised in the incident, customer metadata could be used to create authentic-looking phishing emails that could trick customers into disclosing even more sensitive data. Those impacted by the breach should carefully scrutinize digital communications to verify their authenticity.

Customers Impacted: 95,000,000

Effect On Customers: Unsecured databases are an unforced error that can have devastating consequences for your customers and bottom line. With the consequences of a data breach becoming more apparent to all parties, people are less willing to work with companies that can’t secure critical data. Consequently, companies that want to thrive will ensure that they have taken every precaution possible to demonstrate their efficacy in this regard.





THREAT FOCUS: Email.it - ITALY

https://www.zdnet.com/article/email-provider-got-hacked-data-of-600000-users-now-sold-on-the-dark-web/


Exploit: Ransomware

Email.it: Email service provider

Risk to Small Business: 2.434 = Extreme. This product lets parents track their child’s location and alerts them if the child leaves their designated safe location – but a coding error allowed hackers to download users’ personal data and mimic their location on the service. This dangerous vulnerability not only disrupted that functionality, it also gave hackers access to minors’ location and personally identifiable information. To make matters worse, this is the second time that the watchmaker has experienced this flaw. The same problem was discovered and repaired in 2019, raising serious questions about the platform’s commitment to cybersecurity.

Individual Risk: 1.227 = Extreme. According to hackers, the databases contain users’ plaintext passwords, security questions, email content, and email attachments. The breach pertains to those who signed up for Email.it between 2007 and 2020. Fortunately, no financial information was compromised. Users should immediately reset their account credentials while also understanding that private details from their messages are already for sale on the Dark Web.

Customers Impacted: 600,000

Effect On Customers: The Email.it breach is extensive, but it’s not the only way that hackers acquire account login credentials. With billions of records for sale on the Dark Web, they can often obtain this information relatively easily. In response, simple actions, like using strong, unique passwords across all accounts and enabling multi-factor authentication, can help keep accounts secure even after hackers acquire login credentials.





THREAT FOCUS: Aerial Direct - UNITED KINGDOM


Exploit: Unauthorized database access 

Aerial Direct: Independent telecommunications provider   

Risk to Small Business: 1.197 = Extreme Hackers gained access to an external backup database on February 26th that included the personal information of current and former customers. The breach contains copious amounts of customer information dating back six years. Although the company was quick to secure the database, the incident could impact its customer relationships, including its relationship with the O2. At the same time, the company will likely face regulatory scrutiny under Europe’s GDPR guidelines, which could have further challenged the company’s recovery efforts. 

Individual Risk: 2.807 = Extreme

The breach compromised customers’ personally identifiable information, including their names, dates of birth, business addresses, email addresses, phone numbers, and purchasing information. This information can quickly make its way across the internet, and bad actors often use it to execute new cybercrimes. Those impacted by the breach should carefully evaluate their accounts for suspicious activity while staying vigilant to assess the validity of incoming messages.

Customers Impacted: Unknown

Effect On Customers: The defensive posture of third party contractors and the implications of data privacy regulations are some of the top concerns for today’s companies, and this incident reflects the continual struggle to account for both. Since third party partnerships will continue to be a business necessity and data privacy regulations will only continue to proliferate, now is the right time to establish a framework for managing both of these priorities.



Avantia Cyber Security & ID Agent to the Rescue: Helping our SME customers understand the importance of security is no easy task. With Passly we offer the world’s first Integrated Password Management program, setting them up for the win by providing the resources necessary to make remote management of lockdown employees working from home easy and stress-free. For more information please call Avantia on 07 30109711 and ask for Paul.


THREAT FOCUS: My Health Record - AUSTRALIA   

https://www.zdnet.com/article/australian-digital-health-agency-reveals-two-probable-instances-of-medicare-fraud/


Exploit: Unauthorized database access 

My Health Record: Online healthcare portal

Risk to Small Business: 2.778 = Moderate

An annual report by the Australian Digital Health Agency uncovered two data breaches related to My Health Record. Strangely, the incidents are several years old, undermining the company’s cybersecurity reputation, which is critical to increasing the healthcare system’s digitization efforts. Attempts to notify victims were unsuccessful, making this a challenging recovery process for all parties.

Individual Risk: 2.890 = Moderate

Those impacted by the breach had their names, addresses, dates of birth, and Medicare information exposed. This information could be used to craft convincing spear phishing emails that target victims’ sensitive data. Therefore, those impacted by the breach should be especially vigilant in assessing the validity of incoming messages.

Customers Impacted: Unknown

Effect On Customers: For many companies, digitalization is a top priority. This incident is a reminder that data security and technological advancement always need to go hand-in-hand. Otherwise, the former will undermine the latter, and everyone will suffer.




______________________________________________________________________________


POSTSCRIPT


Online Retailers See Surge in Cyberattacks Amidst COVID-19 Crisis     

The COVID-19 pandemic has relegated many of us to our homes, leaving businesses with few opportunities to reach their customers and make sales. Online shopping has become a vital lifeline for thousands of businesses while brick and mortar locations are closed and millions of people shelter in place. In fact, many retailers are experiencing online traffic that is exceeding Cyber Monday activity, typically a high watermark for online shopping. Unfortunately, bad actors are capitalising on this moment by targeting e-commerce platforms for attack using tricks like account takeovers, bot-powered scraping attacks, and payment card skimming malware. For example, 80% of login incidents at home goods retailers are attributed to account takeover attempts. While a litany of COVID-19-related cyber risks has become increasingly apparent, online retailers need to be especially critical of their defensive posture so that they can continue meeting surging demand in an uncertain retail atmosphere, retain customer goodwill, and capture enough revenue to stay afloat in a challenging time for retail.


Less Than Half of Businesses Provide Cybersecurity Training  

According to a recent study, less than half of UK businesses provide cybersecurity training to all employees, and 65% of IT security decision-makers view their organization as complacent when it comes to securing customer data. At the same time, the study found that correcting those issues is essential for ensuring data security. Closing the gap between best practices and actual implementation is especially important now that COVID-19 has produced many novel cybersecurity threats that even the most well-trained and cybersecurity-savvy employees might not be prepared to thwart.

At ID Agent, we know that these unprecedented times present unique challenges. That’s why we have partnered with Avantia Cyber Security to offer Passly, the ideal secure identity and access management tool for today’s remote workforce. Passly adds vital security to every user’s login credentials to quickly secure access to your systems and data. We are also ready to support your data security initiatives with best-in-class cybersecurity training that includes training your staff to spot and repel phishing attacks, the most common tactic that cybercriminals employ to gain entry to the heart of your business. Our affordable, scalable solutions can be deployed in a flash and quickly customised to work for any company, enabling you to rapidly pivot to meet today’s needs and be well positioned for tomorrow.


 

Disclaimer*:

Avantia Corporate Services Pty Ltd T/A Avantia Cyber Security provides the content in this publication to the reader for general information purposes only and has compiled the content from a number of sources in Australia, the USA, and up to 56 other countries who provide cyber breach and cyber security information to us in real time. Given their international focus and experience in the cyberspace arena, we believe their data to be accurate and reliable; however, we give no warranty (implied or otherwise) as to the content’s accuracy or fitness for use. No validation or investigation has been performed by Avantia Corporate Services or the Author as to its accuracy or reliability. Readers should conduct their own investigation and come to their own conclusions before taking any action.

*COPYRIGHT 2020* Avantia Corporate Services - All Rights Reserved.
