The Target: Cox Communications, a U.S based digital cable provider and telecommunicating company.
The Take: Breach of employee accounts, leading to further exposure of Personally Identifiable Information including: name, address, telephone, Cox account number, username, PIN code, account security question and answer.
The Vector: The threat actor impersonated a Cox Support Agent and gained access to a different employee’s credentials, which allowed them to view the sensitive data.
This breach highlights the ongoing and persistent threat of social engineering. Regular awareness testing and training, along with tone-from-the-top messaging to emphasize the importance of critical thinking and caution are crucial to protecting sensitive information assets.
Yahoo Finance: Dovell Bonnett talks with Mission Matters about the growing importance of efficient frontend cybersecurity and how Access Smart can help businesses achieve secure networks and data by removing their weakest link – Employee-Managed Passwords.
Global News: The Saskatchewan Liquor and Gaming Authority (SLGA) reports that it has temporarily disabled certain computer systems and applications, as it investigates a cybersecurity incident that occurred on Dec. 25.
ZDNet: Digital photography company Shutterfly reported a ransomware attack on Sunday. The incident was first reported by Bleeping Computer, which said a source told them the company was attacked by the Conti ransomware group.
BNN Bloomberg: Capital One Financial Corp. agreed to pay $190 million to settle a class-action lawsuit that customers filed against the firm after a hacker broke into its cloud-computing systems and stole their personal information.
BNN Bloomberg: Cybersecurity startup Snyk Ltd. is making preparations for an initial public offering that could happen as early as next year, according to people familiar with the matter.
BNN Bloomberg: Alibaba Group Holding Ltd. conceded it was slow to report a major vulnerability in widely used software because it was unaware of its severity, a day after China’s tech industry overseer suspended cooperation on cybersecurity with the online retail giant.
The Target: Sennheiser, an audio equipment manufacturer.
The Take: Exposure of Personally Identifiable Information of 28,000 customers including: full names, email address, phone numbers, names of client companies and their employees.
The Vector: An unsecured public facing Amazon S3 storage server was left open on the internet, meaning anyone who navigated to the address would able to view the information in full.
It is critical to employ robust practices of credential management, user authentication and validation around all points of access. An unprotected point of entry on a key piece of equipment like a server can lead to a breach with a cascading effect on data security.
BNN Bloomberg: The RSA Conference, a major cybersecurity event that takes place annually in San Fransisco, is being delayed until June due to an increase in Covid-19 cases. The event was originally scheduled to take place in February.
CNBC: As the recent Log4j breach demonstrates, U.S. businesses and government organizations have been taking a pounding from cybercriminals. It’s coming in the form of ransomware, data breaches, distributed denial-of-service (DDoS), and other damaging attacks.
Yahoo Finance: Wipro Limited, a leading global information technology, consulting and business process services company, today announced it has signed an agreement to acquire Austin, Texas headquartered Edgile, a transformational cybersecurity consulting provider that focuses on risk and compliance, information and cloud security, and digital identity.
Financial Post: Cybersecurity company ZeroFox said it will buy digital privacy protection platform IDX and go public through a merger with blank-check firm L&F Acquisition Corp, in a deal that values the combined entity at $1.4 billion.
SEC: The Securities and Exchange Commission today announced fraud charges against five Russian nationals for engaging in a multi-year scheme to profit from stolen corporate earnings announcements obtained by hacking into the systems of two U.S.-based filing agent companies before the announcements were made public.
ZDNet: The United States Commission on International Religious Freedom (USCIRF) has been hit with a cyberattack, according to cybersecurity firm Avast.
The Target: Gumtree, a U.K based online retailer of used goods.
The Take: Exposure of potentially 1.7 million records of Personally Identifiable Information including: full name and physical location (postal code or coordinates).
The Vector: A software vulnerability allowed threat actors to view user’s physical locations by simply pressing F12 to view the Developer Tools and inspect the website’s source code, a feature present in every modern internet browser. In addition, one of its APIs exposed usernames, allowing them to be read without any authentication.
This breach highlights the importance of rigorous software testing and the deployment of authentication methods wherever user data is being handled. Ensuring that whenever a firm’s website is transmitting user data it is using protective and confidential methods, such as securing source code and employing proper authentication, will help firms meet cyber industry standards which are critical for a company’s overall posture.
Global Newswire: The Healthcare sector is experiencing a paradigm shift due to many factors. New models of care are evolving, the focus is shifting from illness to wellness, and costs continue to climb amid growing demand for personalized, long-term care and the need for patients to participate in care management.
Global News: Prime Minister Justin Trudeau has tasked a committee of senior cabinet ministers to develop a new national cybersecurity plan amid increasingly public warnings from the country’s intelligence community about online threats.
Advisor's Edge: egulators in the U.S. and U.K. are warning the financial industry about a cybersecurity vulnerability that has been uncovered with open-source software widely used in enterprise applications and cloud services.
ZDNet: Crypto platform AscendEX has pledged to reimburse their customers, who lost a total of $77.7 million in a hack on December 11.
Help Net Security: The end of the year chaos caused by the revelation of the Log4Shell vulnerability has, for some organizations, been augmented by a ransomware attack on Ultimate Kronos Group (UKG), one of the biggest HR and workforce management solutions providers in the US.
Yahoo Finance: Some say that antivirus software that you install on your PC may have run its course when it comes to the next generation of computing in the cloud. Today a startup that has built what it believes comes next is making some news with a large funding round, its first outside money.
ABC News: The Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent statement about a new cyber vulnerability that could touch a wide swath of the internet.
The Target: Régie Autonome des Transports Parisiens
The Take: Exposure of 3 million records of Personally Identifiable Information belonging to 60,000 employees including: full names, email addresses, source code and APIs, logins for their RATP accounts, hashed passwords, and more critically, access to the firm’s Github account where attackers could access ongoing projects.
The Vector: The data was left open and accessible to public on an unsecured SQL database backup server, allowing anyone with internet access to connect and view the sensitive information.
It is critical to employ robust practices of credential management, user authentication and validation around all points of access. An unprotected point of entry on a key piece of equipment like a server can lead to a breach with a cascading effect on data exposure. This breach highlights the multiplicative effects of these cascading pivot attacks which is why it’s important to lock down every point of access in an IT system.
U.S. News: Israel led a 10-country simulation of a major cyberattack on the global financial system in an attempt to increase cooperation that could help to minimise any potential damage to financial markets and banks.
CNBC: Financial advisors may want to view cybersecurity as a critical issue on more than one level.
Yahoo News: Hummingbird, which sells anti-money laundering software to banks and fintechs, announced today that it raised a $30 million Series B led by new investor Battery Ventures. Existing investors Flourish and Homebrew also participated in the round, alongside FinVC and Plaid co-founder William Hockey.
Politico: Senior Biden administration officials met in Silicon Valley on Monday with key technology and cybersecurity companies as part of a push for more help from the private sector in fending off increasingly aggressive hackers working for adversarial regimes and criminal gangs.
Business Wire: In the Experian ninth annual Data Breach Industry Forecast, five predictions for 2022 underscore the ongoing impact of the pandemic on cybersecurity. Cybercriminals will continue to exploit vulnerabilities within remote working and the vaccine ecosystem, but also set their sights on new targets such as online gambling.
U.S. News: A top U.S. banking regulator is cautioning firms to ensure they have robust policies to protect themselves from cyberattacks, saying it is seeing an uptick in ransomware attacks, it said in a report issued.
CNBC: Crypto trading platform Bitmart says it will use its own money to reimburse victims of a large-scale security breach, in which hackers took as much as $196 million.
The Target: Huntington Hospital, a New York based medical center.
The Take: Exposure of 13,000 records of Personally Identifiable Information including: name, date-of-birth, phone number, addresses, internal account number, medical record number, diagnoses, and other treatment information.
The Vector: An employee improperly accessed this information without clearance and was not prevented from viewing this data based upon their level of access and role within the firm, exposing the data.
This breach highlights the important concept of Least-Privilege when it comes to system access and authorization. Employees should only have access to the minimum amount of information and privileges they need to do their role. Ensuring this process is applied at all levels of access across a firm is a key component to maintaining a robust Cybersecurity posture.
CTV News: The Office of the Secretary to Gov. Gen. Mary Simon says that there’s been an ‘unauthorized access to its internal network,’ with the scope of the breach still under investigation.
IT World Canada: FinTech revolves around technologies such as cloud, blockchain, AI, and mobile devices that are used for financial transaction payments, cryptocurrencies, money transfers, trading, and regulatory compliance.
Help Net Security: Data from a survey of 1,200 enterprise security leaders reveals that an increase in tools and manual reporting combined with control failures are contributing to the success of threats such as ransomware, which costs organizations an average of $1.85 million in recovery, according to Panaseer.
The Unites States Department of Justice: A Russian man was sentenced today for providing “bulletproof hosting” services, which were used by cybercriminals between 2009 to 2015 to distribute malware and attack financial institutions and victims throughout the United States.
KnowBe4: You already knew remote workers increase the risk of cyberattack. New data spells out exactly what the impact of a remote workforce is on data breaches and the cost to remediate.
Financial Post: Clearlake Capital Group said it would buy Quest Software from Francisco Partners, as the investment firm seeks to tap into the pandemic-spurred surge in demand for enterprise software and cybersecurity tools.
The Jerusalem Post: Forty percent of all private financial input into cyber technology and companies is invested in Israel, a new book co-written by founder of the Israel’s National Cyber Directorate has revealed.