Is This What You Call a Never Ending Cyber Pandemic?

Over 57,000 individuals left vulnerable as Bank of America's service provider falls victim to a data breach

A data breach involving Bank of America's service provider, Infosys McCamish Systems (IMS), emphasizes the need for robust safeguards with third-party collaborations. In November 2023, unauthorized access to IMS systems impacted 57,028 individuals' personally identifiable information (PII), with LockBit ransomware gang claiming responsibility. Another breach by the Clop cybercrime gang through Ernst & Young in May 2023 affected 30,210 individuals, but Bank of America's systems were unaffected. (bleepingcomputer.com)

My Thoughts: The importance of implementing proper guardrails when working with third parties is underscored by these incidents. Organizations often rely on external vendors for various services, and any compromise in the security of these vendors can lead to the exposure of sensitive customer information.

Implementing robust cybersecurity measures, conducting thorough risk assessments, and ensuring compliance with security standards are essential to mitigate the potential risks associated with third-party relationships. As demonstrated in these breaches, even if a third-party provider is compromised, organizations must have mechanisms in place to protect their systems and customers' data.

Discover our assessment solutions here

With 'MrAgent,' RansomHouse elevates cyber warfare, unleashing automated chaos on ESXi hypervisors...

The RansomHouse ransomware operation introduces 'MrAgent,' a tool designed to automate the deployment of its data encrypter across multiple VMware ESXi hypervisors. Targeting large organizations, RansomHouse utilizes double extortion tactics, focusing on ESXi servers due to their critical role in hosting valuable data and services. MrAgent streamlines attacks by identifying host systems, disabling firewalls, and automating ransomware deployment across hypervisors.

The tool supports custom configurations, including encryption scheduling and altering system messages to display ransom notices. With adaptations for both Windows and Linux systems, RansomHouse aims to extend the tool's impact, underscoring the importance of robust security measures to defend against such threats. (bleepingcomputer.com)

My Thoughts: Threat actors are getting bolder and more aggressive every day. MrAgent is a binary designed to run on hypervisors, with the sole purpose of automating and tracking the deployment of ransomware across large environments with a high number of hypervisor systems.

The only way to mitigate risk and prevent such a large-scale attack inside your enterprise is to layer on your cybersecurity strategy. The Assurance IT PPR Methodology is a tried and proven way to protect your enterprise.

Curious about our PPR Methodology? Send me a message and see how we do it.

Hospitals offline means...?

A ransomware attack on Romania's Hipocrate Information System (HIS) targeted 26 hospitals, encrypting data and causing system outages. The National Cyber Security Directorate (DNSC) reported most hospitals had recent backups, except one missing 12 days of data. The attackers demanded 3.5 Bitcoins ($175,000) but were advised against payment. Hospitals were instructed to isolate affected systems, preserve evidence, and update security measures. (securityweek.com)

My Thoughts: The malicious targeting of hospitals, where critical patient data and healthcare operations are at stake, is not only reprehensible but also showcases the ruthless nature of cybercriminals.

These attacks not only disrupt medical services but also jeopardize patient care and privacy. It is frustrating to witness threat actors exploiting vulnerabilities in essential systems that are integral to public well-being.

The healthcare sector, along with cybersecurity measures, needs enhanced global cooperation and legal frameworks to combat such malicious activities effectively.

We can help you.

Deepfake deception: Finance worker swindled of $25 million in chillingly realistic video call charade

A finance worker fell victim to a sophisticated deepfake scam, transferring $25 million to fraudsters impersonating the company's chief financial officer during a video conference call. Hong Kong police disclosed the elaborate scheme, where the worker engaged with convincingly crafted deepfake representations of company personnel. Despite initial suspicions about a phishing email from the purported CFO, the worker was reassured by the lifelike appearance and voices of the other participants during the call. The scam was only uncovered when the worker contacted the corporation's head office afterward. (cnn.com)

My Thoughts: This alarming case vividly illustrates the increasing sophistication of cyber threats, especially with the rise of deepfake technology.

In today's rapidly evolving digital landscape, it's crucial for both organizations and individuals to remain extremely cautious and vigilant to prevent potential attacks and preserve both corporate assets and personal privacy.

Book time with me in my calendar to see how we can strengthen your cyber security posture.

‍