Jul72020 by genxwordadminNo Comments
Ransomware Attacks Are Now Being Reported as Data Breaches

Ransomware Attacks Are Now Being Reported as Data Breaches

Information Security
Ransomware Attacks Are Now Being Reported as Data Breaches Ransomware victims are now starting to report ransomware attacks as data breaches. Health care company Magellan Health is one of the companies that recently acknowledged that ransomware attack constitutes data breach. In May of this year, Magellan Health filed a breach notification with the office of the Attorney General of California stating that it fell victim to a ransomware attack and attackers exfiltrated a subset of data from a single Magellan corporate server. Magellan Health's notification to its customers and employees states that the notification was done "out of an abundance of caution." In April of this year, Cognizant, one of the Fortune 500 companies, admitted that its internal systems fell victim to Maze ransomware which caused service disruptions. Cognizant said,…
Read More
Jun302020 by genxwordadminNo Comments
Cyberattacks Involving Data Theft Coupled with Ransom Demand Are Becoming Common

Cyberattacks Involving Data Theft Coupled with Ransom Demand Are Becoming Common

Information Security
Cyberattacks Involving Data Theft Coupled with Ransom Demand Are Becoming Common Cyberattacks involving the theft of personal information coupled with ransom demand are becoming prevalent. The cyberattack on LifeLabs exemplifies the trend of data theft coupled with ransom demand. In November 2019, LifeLabs informed the Office of the Information and Privacy Commissioner of Ontario and the Office of the Information and Privacy Commissioner for British Columbia that cybercriminals penetrated the company’s systems, extracted data and demanded a ransom. LifeLabs is Canada's largest provider of general and specialty laboratory testing services. The company reported that it supports 20 million patient visits each year and conducts more than 100 million laboratory tests each year. In December last year, Charles Brown, president and CEO of LifeLabs, said in a statement that information relating…
Read More
Jun162020 by genxwordadminNo Comments
Darkside of a Ransomware Attack: Its Aftermath

Darkside of a Ransomware Attack: Its Aftermath

Information Security
Darkside of a Ransomware Attack: Its Aftermath It has been over five months since a ransomware attack hit eHealth Saskatchewan. Since then, officials at eHealth Saskatchewan said they still don't know what data was stolen, where it was taken, who stole it, and it will take months to restructure their IT infrastructure. The Ransomware Attack In January this year, eHealth Saskatchewan announced that it fell victim to a ransomware attack. eHealth Saskatchewan maintains the key electronic health information systems of the Canadian Province of Saskatchewan, including the Electronic Health Record (EHR). In a ransomware attack, computer files are encrypted denying legitimate users access to these files. In this type of attack, a ransom note is shown on the affected computers, demanding from victims to pay ransom in exchange for decryption…
Read More
May142020 by genxwordadminNo Comments

Top Most Exploited Vulnerabilities in the COVID-19 Era

Information Security, IT Support
Top Most Exploited Vulnerabilities in the COVID-19 Era Year 2020 is a strange year. As a result of the COVID-19 pandemic, many organizations have hastily made a transition from office work to work from home model with little time to put in place the needed cybersecurity measures. Here are the top most exploited vulnerabilities (in no particular order) based on the alerts issued by the national cybersecurity centers and agencies in multiple countries, including Canada (Canadian Centre for Cyber Security), US (Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation) and UK (National Cyber Security Centre), as well as a report from a computer security company (McAfee Labs): RDP Vulnerabilities RDP, which stands for Remote Desktop Protocol, is a proprietary protocol developed by Microsoft for Windows operating systems,…
Read More
May12020 by genxwordadminNo Comments
Microsoft Warns Almost All Ransomware Attackers Steal Data

Microsoft Warns Almost All Ransomware Attackers Steal Data

Information Security, IT Support
Microsoft Warns Almost All Ransomware Attackers Steal Data Almost all of ransomware attackers, even those that don’t threaten to leak data, steal data anyway, Microsoft Threat Protection Intelligence Team warned. In the blog post "Ransomware groups continue to target healthcare, critical services; here’s how to reduce risk", Microsoft Threat Protection Intelligence Team said that “while only a few of these groups gained notoriety for selling data, almost all of them were observed viewing and exfiltrating data during these attacks, even if they have not advertised or sold yet.” Ransomware and Data Exfiltration Ransomware is a type of malicious software (malware) that encrypts computer or the files within, locking out legitimate users and demanding from victims ransom payment in exchange for the decryption keys. Many ransomware victims who were forced to…
Read More
Apr242020 by genxwordadminNo Comments
Work-from-Home Intensifies Network Compromises, Study Shows

Work-from-Home Intensifies Network Compromises, Study Shows

Information Security
Work-from-Home Intensifies Network Compromises, Study Shows A recent study conducted by Finnish company Arctic Security found that the massive work-from-home movement as a result of the COVID-19 crisis has resulted in the intensification of network compromises. According to Arctic Security, between January and March of this year, it observed an uptick in the number of organizations experiencing network compromises. Arctic Security said that for a small country, Finland's normal number of organizations that experience network compromise is approximately 200. Starting in the third week of March of this year, the company said, the number of organizations that experienced network compromise jumped to 800. This uptick of the number of organizations that experienced network compromise, Arctic Security said, was also observed in eight other countries in Europe, including Sweden, Norway, Denmark,…
Read More
Apr162020 by genxwordadminNo Comments
Manitoba Law Firms Hit by Maze Ransomware

Manitoba Law Firms Hit by Maze Ransomware

Information Security
Manitoba Law Firms Hit by Maze Ransomware The Law Society of Manitoba recently revealed that two Manitoba-based law firms have been hit by Maze ransomware. Over the past two weeks, the Law Society of Manitoba said, in a statement, that the two Manitoba-based law firms had told the Society that as a result of the attack, they haven’t been able to access their emails, computer files, accounting software and backups, including cloud backups. The Law Society of Manitoba added that the group behind the Maze ransomware asked the victims to pay an “enormous ransom” in order for the victims to regain access to any of their work. “At this point, we do not know when or if they will ever regain complete access to their kidnapped data,” the Society said.…
Read More
Apr12020 by genxwordadminNo Comments
Marriott Discloses 2nd Data Breach in Less than 2 Years

Marriott Discloses 2nd Data Breach in Less than 2 Years

Information Security
Marriott Discloses 2nd Data Breach in Less than 2 Years Marriott International, Inc., the world's largest hotel chain, recently disclosed a second data breach in a span of less than two years. Marriott, which owns over 7,300 hotels and licenses vacation ownership resorts in 134 countries and territories, in a statement, said that it became aware of this new data breach at the end of February 2020. The company believes that this latest data breach started way back in mid-January 2020. Marriott said this latest data breach affected 5.2 million guests and the following information may have been breached: Contact details (e.g., name, mailing address, email address, and phone number); Loyalty account information (e.g., account number and points balance, but not passwords); Additional personal details (e.g., company, gender, and birthday…
Read More
Mar262020 by genxwordadminNo Comments
Microsoft Warns of Windows Zero-Day Exploitation

Microsoft Warns of Windows Zero-Day Exploitation

Information Security, IT Support
Microsoft Warns of Windows Zero-Day Exploitation Microsoft has revealed that it’s aware of on-going targeted cyberattacks exploiting two zero-day vulnerabilities found in the Windows Adobe Type Manager Library and impacting all supported versions of Windows. What Is Zero-Day? Zero-day is a security vulnerability in a software that’s known to the software vendor but the vendor doesn’t have a security update, also known as a patch, to fix the security vulnerability. If this zero-day vulnerability is known by malicious actors, this vulnerability has the potential to be exploited. According to Microsoft, two zero-day remote code execution vulnerabilities exist in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format. Successful exploitation of this collective vulnerability in Windows Adobe Type Manager…
Read More
Mar182020 by genxwordadminNo Comments
How to Secure Your Organization’s VPN for Remote Workers

How to Secure Your Organization’s VPN for Remote Workers

Information Security
How to Secure Your Organization’s VPN for Remote Workers Securing your organization’s virtual private network (VPN) is vital especially in today’s growing number of remote workers brought about by government-mandated quarantine, amidst the on-going threat of the Coronavirus disease 2019 (COVID-19). COVID-19, now affecting over a hundred thousand individuals in more than 100 countries and described as a pandemic by the World Health Organization (WHO), has prompted some individuals who believed that they’ve been exposed to the virus to opt for self-imposed quarantine. National and local governments in different parts of the world, meanwhile, have imposed different levels of movement restriction, from community quarantine to lockdown. With the growing number of quarantined individuals worldwide, remote work or telework has become, not just an option but a necessity. Remote work requires…
Read More