Cybersecurity

United States – US Veterans Administration (VA)

The VA has found itself in the cybersecurity hot seat again after a data breach at a records contractor exposed more than 200,000 records for veterans. The contractor, United Valor Solutions, appears to have been the victim of a ransomware attack. Researchers found a trove of their data online, including this sensitive VA data. The…

Read more
Cybersecurity

United States – Colonial Pipeline

Colonial closed pipeline operations on May 7, when a ransomware infection was found on its computer systems. The shutdown affected the supply of gas in parts of the East Coast, with some people waiting an hour or more at filling stations or not finding gas at all. State and federal officials had warned against hoarding…

Read more
Cybersecurity

United States – LinkedIn

Bad actors have dropped notice that they’ve obtained an archive containing data purportedly scraped from 500 million LinkedIn profiles. A sample of data was posted on a popular hacker forum, with another 2 million records leaked as proof of the haul. More than 780,000 email addresses are associated with this leak. The initial listing contained…

Read more
Cybersecurity

United States – Office Depot

Security researchers discovered a non-password-protected Elasticsearch database belonging to Office Depot that contained just under a million records. The exposed records were labeled as “Production” and contained customer information, file logs and other internal records for European customers, primarily in Germany. The company has addressed the issue. Here’s the full story

Read more
Cybersecurity

United States – Illinois Office of the Attorney General

The DopplePaymer ransomware gang has leaked a large collection of files from the Illinois Office of the Attorney General after the agency declined to pay the ransom that the gang demanded. The cybercriminals released information from court cases orchestrated by the Illinois OAG, including some private documents that do not appear in public records. the…

Read more
Cybersecurity

8 Tips to Maintain Cyber Hygiene

The COVID-19 pandemic made companies realize that how important it is to protect their data. Moreover, they have realized that how crucial the role of MSPs and other IT service providers is in protecting the data. As vaccines continue to roll out, businesses are now moving from remote work to hybrid work environment. With this…

Read more

Threat Intelligence Brief by our Partner Fortinet

Top 5 Application Vulnerabilities / IPS Distribution Rank – Name – % 1. ThinkPHP.Controller.Parameter.Remote.Code.Execution – 25% 2. PHPUnit.Eval-stdin.PHP.Remote.Code.Execution – 21% 3. NETGEAR.DGN1000.CGI.Unauthenticated.Remote.Code.Execution – 19% 4. Telerik.Web.UI.RadAsyncUpload.Handling.Arbitrary.File.Upload – 19% 5. Dasan.GPON.Remote.Code.Execution – 16% Top 5 Malware Activity Distribution Rank – Name – % 1. MSOffice/CVE_2017_11882.C!exploit – 24% 2. W32/Generic_PUA_KL!tr – 23% 3. JS/RefC.G!tr – 19% 4. W32/Agent.HTL!tr.rkit – 18% 5. MSIL/GenKryptik.EKLE!tr – 16%

Read more
Cybersecurity

Canada – Canada Revenue Agency (CRA)

The CRA has locked down 800,000 online taxpayer accounts following an internal investigation that found user logins and other sensitive information may have been hacked. The agency noted that it could take until March 22 for the issues to be resolved. Here’s the full story

Read more
Cybersecurity

France – European Banking Authority (EBA)

The first dominos to fall in the massive Microsoft breach (see above) will be government entities in the US and Europe. Starting that trend, the European Banking Authority has announced that it’s been impacted. EBA officials say that personal data may have been accessed from its servers. The agency has taken its email system offline…

Read more