Insights

Ex-Employees Still Have Access

Strange as it may seem, over 25% of people who left a company still have access. This is very dangerous. Read about the reasons why it happens and what to do to prevent it. 

 

Ex-Employees still have access


How Are Cyber Insurance Companies Assessing Ransomware Risk?

Ransomware attacks are increasing and the question of paying the ransom or not is a source of debate. Some say the ransom is a cost of doing business and others say insurance coverage for it emboldens attackers to ramp up attacks and to ask for larger ransoms. 

 

Ransomware has insurers rethinking risk


Morgan Stanley Discloses Data Breach

Investment firm Morgan Stanley acknowledged that they had been breached. The point of entry was the Accellion FTA server belonging to a third party. The Accellion FTA vulnerability was discovered a few months ago. The breach included the names, addresses, birth dates and social security numbers of the users of the Morgan Stanley service. However, it didn’t include the passwords to the service.

 

Morgan Stanley breached by 3rd party vulnerability


Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software

The recent supply chain attack on Kaseya software affected many companies. One of the vulnerabilities was over 6 years old and affected the customer portal and all customers. 

 

Kaseya breach exploited 2015 vulnerability


Microsoft Patches 3 Windows Zero-Days Amid 117 CVEs

Microsoft released patches for a large number of vulnerabilities, including 4 known to be used in attacks and another six that are known about. The patches affect a wide variety of services and products including servers and end-user applications. One of the exploited ones is for the Print server vulnerability that allowed a cybercriminal to execute code. 

 

Microsoft patches over 100 vulnerabilities


Tracking By Any Name Is Still Tracking

The privacy movement gave rise to browsers that can block third-party cookies, a common way to let companies other than the one whose site you visited learn all about you. Google proposed FLoC, Federated Learning of Cohorts. Although offered as a way to protect privacy, it appears to let companies collect more data on someone than using third-party cookies. 

 

Third-party cookie replacement appears to be worse


NSA & CISA Issue Warning About Russian GRU Brute-Force Cyberattacks Against US, Global Orgs

In a rare advisory the NSA and CISA are warning about a major attack by the Russian GRU, the military intelligence agency against many industry segments including government, defense, energy, think tanks, logistics, higher education and others. The warning includes attack techniques and the ways the attacks attempt to circumvent protections. 

 

Major attack underway by Russian GRU


Microsoft Tracks Attack Campaign Against Customer Support Agents

The attackers believed to be responsible for the SolarWinds campaign are now attacking Microsoft customer service agents. The malware put on their machines are being used to find information about the customers they supported and launch attacks against them. This is another supply chain type of attack. 

 

New supply chain style attack against Microsoft


Preinstalled Firmware Updater Puts 128 Dell Models at Risk

Four identified vulnerabilities put about 30 million Dell devices. Desktops, laptops and servers are among the devices put at risk.  The vulnerabilities can be used to install code or avoid the SecureBoot function. 

 

Over 30 million Dell devices at risk


LinkedIn Breach reportedly exposes data of 92% of users, including inferred salaries

The networking service LinkedIn has reported a breach of over 700 million users with the exposure of physical addresses, phone numbers, geolocation information, and inferred salaries. The information has been found for sale on the Dark Web. 

 

Massive LinkedIn Breach exposes data on 700 million


Hybrid Models and Ransomware – A Marriage Made in ????

The new model as companies reopen after the pandemic is a hybrid, some days in the office and some days working from home. But working from home is not as secure as working in the office and ransomware attackers know that and have been taking advantage of it with ransomware attacks growing significantly.

 

Hybrid models more susceptible to ransomware


Ransomware Payments Trigger Repeat Attacks; Cybereason Research Shows

Paying the ransom is not the end of the problems. It meant a second ransomware attack for 8 out of 10 companies. 

 

Paying a Ransom gives the key and another attack


Required MFA Is Not Sufficient for Strong Security: Report

Multi-Factor Authentication, MFA, has been publicized as much more secure than passwords alone. And it is. But only if deployed properly. Hackers have already found ways to bypass MFA in badly implemented cases. 

 

MFA only effective if done right


Your Pricey Peloton Has Another Problem For You To Sweat Over

Hackers have compromised the expensive exercise bikes commandeering the camera and microphone to spy on users. Adding to the problems, apps can be added that are infected and controlled by the hackers. 

 

Peloton's Watching and Listening to You


Cyber Insurance Won’t Cover Everything

Cyber insurance is still necessary, but coverage is expected to change. AXA will no longer cover ransomware payments for companies in France. This trend is expected to spread. 

 

Cyber Insurance getting more restricted