InTegriLogic Blog
InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
Christie Clinic
https://www.securityweek.com/500000-impacted-email-breach-illinois-healthcare-firm
Exploit: Business Email Compromise
Christie Clinic: Healthcare Provider
Most small and medium-sized businesses (SMBs) are stretched for time and resources, due to which they may end up rushing through process implementations, technology upgrades and new hire training. Inevitably, this results in botched executions and a foundation that doesn’t support sustainable scalability.
Contra Costa County Government
Exploit: Hacking
Contra Costa County Government: Regional Government
Rushing through process implementations, technology upgrades and new hire training can cause botched executions and unnecessary confusion. That’s why businesses must pursue a sustainable strategy that allows them to grow smarter, not just faster. Sustainability in business is all about being repeatable, adaptable and capable of scaling up and down as needed.
Block Inc.
Exploit: Insider Risk
Block Inc: Financial Services Platforms
Your company operates in a turbulent business environment where new technologies are reshaping industries, customer preferences are evolving rapidly and geopolitical equations are shifting dramatically. If you’re struggling to adapt to these quick and challenging transitions, you’re not alone.
The Partnership HealthPlan of California (PHC)
Exploit: Ransomware
The Partnership HealthPlan of California (PHC): Health Insurer
Being a sustainable business means more than just recycling and using renewable energy. It means laying the groundwork for future employee and customer growth. An organization with sustainability as one of its core principles has a better chance of success in the future.
Microsoft
Exploit: Unauthorized Access
Microsoft: Software Company
In your attempt to adapt to the evolving technology landscape and the onset of the COVID-19 pandemic, have you invested in solutions that may not be assisting your company in achieving its long-term goals? If so, you’re not alone.
H.P. Hood Dairy
Exploit: Hacking
H.P. Hood Dairy: Milk Producer
As a business executive, you often face the task of keeping up with current technology trends to boost productivity, lower expenses, strengthen your brand value, enable new collaboration and maximize profitability.
South Denver Cardiology Associates
https://www.databreaches.net/287652-south-denver-cardiology-associates-patients-notified-of-breach/
Exploit: Hacking
South Denver Cardiology Associates: Medical Clinic
Are you up to date with the current technology landscape? Do you have an idea of what it will look like in the next five to 10 years? Knowing this information is crucial as it can significantly impact your business.
Washington State Department of Licensing
Exploit: Hacking
Washington State Department of Licensing: Government Agency
Organizations have had to make several overnight adjustments to stay afloat over the last few years. If you’re like most businesses, you may have needed solutions to support remote work and collaboration. But are those tools pointing you in the right direction towards your long-term goals and vision?
State Bar of California
https://www.latimes.com/california/story/2022-02-27/california-bar-investigates-possible-data-breach-after-discipline-records-published-onlineExploit: Hacking
State Bar of California: Legal Professional & Regulatory Body
Risk to Business: 2.177= Severe
The State Bar of California is investigating a data breach after learning that a third-party website had published confidential information about 260,000 attorney discipline cases in California and other jurisdictions. The exposed data included case numbers, file dates, information about the types of cases and their statuses, respondent and complaining witness names.
How It Could Affect Your Business: Sensitive data of this sort is a valuable commodity. This information could be used for blackmail, fraud, spear phishing, BEC and so much more nastiness.
New York State Ethics Commission
https://www.insurancejournal.com/news/east/2022/02/28/655883.htmExploit: Hacking
New York State Ethics Commission: Regulatory Authority
Risk to Business: 2.807=Moderate
New York’s ethics commission has shut down its online filing system after a cyberattack. The attack impacted several functions including a web server for the agency’s lobbying application and financial disclosure filing systems as well as other functions. The systems were taken offline late last week and will remain offline for the foreseeable future.
Nvidia
https://www.reuters.com/technology/chipmaker-nvidia-investigating-potential-cyberattack-report-2022-02-25/Exploit: Ransomware
Nvidia: Graphics Processing Units (GPU) Manufacturer
Risk to Business: 1.616 = Severe
Legendary graphics chipmaker Nvidia has been hit with ransomware that took several of the company’s functions down for days, including internal email and developer tools. Ransomware group Lapsus$ is claiming responsibility. The group claims to have some 1TB of Nvidia threatening to leak it if Nvidia doesn’t pay an unspecified sum. In a highly unusual turn of events, a few days later, Lapsus$ took to the web to indignantly complain that Nvidia had hacked them in return, encrypting the data that Lapsus$ had snatched. The group says they have backups, and they’ll start publishing Nvidia’s data soon.
How It Could Affect Your Business: Cybercriminals are having a field day attacking supply chain targets in the hope of scoring a big payday fast from an organization with no time to lose.
Bridgestone Americas
https://portswigger.net/daily-swig/bridgestone-americas-disconnects-manufacturing-facilities-following-security-incidentExploit: Hacking
Bridgestone Americas: Tire Manufacturer
Risk to Business: 1.414 = Extreme
Bridgestone is shutting down production at its factories around the US as the company deals with an unspecified cybersecurity incident. The company released a statement saying that it was immediately disconnecting and pausing production at factories in the US and Latin America, with no projected timeline for reopening provided to employees.
How it Could Affect Your Business: Supply chain disruption has been the name of the game for cybercriminals and tires are an important part of most supply chains.
France – Melijoe
https://www.safetydetectives.com/news/melijoe-leak-report/Exploit: Misconfiguration
Melijoe: Luxury Children’s Clothier
Risk to Business: 2.771=Moderate
An Amazon S3 bucket that belonged to French kids’ fashion retailer Melijoe was left accessible on the web with no authentication controls in place, exposing the sensitive and personal data of potentially hundreds of thousands of customers. The bucket has exposed almost 2 million files, totaling around 200 GB of data, including wish lists, purchases, preferences and other customer data.
Risk to Individual: 2.822=Moderate
The Preferences dataset exposed forms of customer PII and sensitive customer data, including email addresses, names of children, genders, dates of birth, preferences of brands. Other datasets included SKUs of purchased items, payment type (but not payment card or bank information), order dates and delivery preferences.
Sweden – Axis
https://www.zdnet.com/article/swedish-camera-giant-axis-still-recovering-from-cyberattack/Exploit: Hacking
Axis: Camera Manufacturer
Risk to Business: 1.719 = Severe
Axis has shut down all of its public-facing services in response to alerts from its cybersecurity and intrusion detection system on Sunday, the company said in a statement. Axis said that its Case Insight tool in the US and the Camera Station License System were dealing with partial outages as well as Device Manager Extend Device upgrades for OS and apps. The incident is under investigation and services are expected to be restored quickly.
How it Could Affect Your Business: Cloud-hosted services and data have become very attractive for hackers, with cloud data breaches up by 30% in 2021.
Taiwan – Asustor NAS
Exploit: RansomwareAsustor NAS: Computer Hardware Developer
Risk to Business: 1.231 = Extreme
Owners of Asustor NAS drives have discovered that their devices have been hit by DeadBolt ransomware. Users were greeted with a message from the DeadBolt ransomware attempting to extort 0.03 bitcoins (approximately US $1140 at current exchange rates) for the promised release of a decryption key that would allow users to access their data. Asustor is investigating the matter and in the meantime, the company has disabled functionality which can allow remote access to its NAS drives: ASUSTOR EZ-Connect, ASUSTOR EZ Sync, and ezconnect.to
Japan – Toyota
https://www.reuters.com/business/autos-transportation/toyota-suspends-all-domestic-factory-operations-after-suspected-cyber-attack-2022-02-28/Exploit: Third-Party Risk
Toyota: Automobile Manufacturer
Risk to Business: 1.892 = Severe
Toyota announced that it is shutting down its domestic factory operations briefly after a cyberattack at a supplier. The supplier, Kojima Industries Corp, has admitted to being attacked but offered no further information. It was not made clear how long Toyota’s Japanese factories, which total one-third of its production yearly, will be closed.
How it Could Affect Your Business: This is the exact scenario cybercriminals want to make quick moneywhen they attack small suppliers of large corporations and shut down production lines.
Why Apply Change Management Principles to Your Technology Upgrade
The technological landscape has advanced dramatically over the last couple of decades and continues to move faster than anyone could have ever imagined. Failure to keep up with the latest technology trends and current business practices can put your company at risk, but just investing in next-generation technologies does not guarantee successful implementation.
When implementing new technology, you may want to get started as soon as possible so that you can reap the benefits right away. However, implementing new technology and solutions too quickly without following any change management best practices can lead to workflow glitches and stoppages, resulting in employee frustration and lost productivity.
Change management for resilience considers people, processes and technology to ensure long-term success.
Six benefits you’ll experience from change management principles:
Accountability
Remember that the underlying goal of change is usually to create more value. In many cases, the people impacted by the change will be beneficiaries of a portion of that value. Those individuals will need to adjust to the new environment and capitalize on new chances to contribute value to themselves and the organization.
That’s why a good change management strategy is crucial. It mainly focuses on the people side of change, assisting project delivery with timely and focused interventions to help people adopt change. All other affected components are also kept under watch.
Stakeholder buy-in
A solid change management strategy ensures that all stakeholders, including senior management, are on the same page for the transformation to be successful.
Greater cost-efficiency
A business becomes more profitable if the decisions made by it are cost-efficient. Therefore, adopting an effective change management strategy is one of the considerations that any savvy company will undertake since it will slash expenses and unnecessary costs.
Clean handoffs
To avoid such scenarios, always prioritize change management.
Sustainable improvements
Less likely to cause “change burnout”
Partner for success
Adapting to change is a difficult task. If you don't implement change management principles, you risk damaging key processes and losing critical team members to burnout. However, you'll have to put in a lot of extra time and effort if you do it alone. An expert like us with years of experience and subject knowledge could be just what your business requires.Contact us today to schedule a no-obligation consultation to discuss how we can help you implement change management best practices.
Source:
* Gartner
Why Apply Change Management Principles to Your Technology Upgrade
The technological landscape has advanced dramatically over the last couple of decades and continues to move faster than anyone could have ever imagined. Failure to keep up with the latest technology trends and current business practices can put your company at risk, but just investing in next-generation technologies does not guarantee successful implementation.
When implementing new technology, you may want to get started as soon as possible so that you can reap the benefits right away. However, implementing new technology and solutions too quickly without following any change management best practices can lead to workflow glitches and stoppages, resulting in employee frustration and lost productivity.
Change management for resilience considers people, processes and technology to ensure long-term success.
Six benefits you’ll experience from change management principles:
Accountability
Remember that the underlying goal of change is usually to create more value. In many cases, the people impacted by the change will be beneficiaries of a portion of that value. Those individuals will need to adjust to the new environment and capitalize on new chances to contribute value to themselves and the organization.
That’s why a good change management strategy is crucial. It mainly focuses on the people side of change, assisting project delivery with timely and focused interventions to help people adopt change. All other affected components are also kept under watch.
Stakeholder buy-in
A solid change management strategy ensures that all stakeholders, including senior management, are on the same page for the transformation to be successful.
Greater cost-efficiency
A business becomes more profitable if the decisions made by it are cost-efficient. Therefore, adopting an effective change management strategy is one of the considerations that any savvy company will undertake since it will slash expenses and unnecessary costs.
Clean handoffs
To avoid such scenarios, always prioritize change management.
Sustainable improvements
Less likely to cause “change burnout”
Partner for success
Adapting to change is a difficult task. If you don't implement change management principles, you risk damaging key processes and losing critical team members to burnout. However, you'll have to put in a lot of extra time and effort if you do it alone. An expert like us with years of experience and subject knowledge could be just what your business requires.Contact us today to schedule a no-obligation consultation to discuss how we can help you implement change management best practices.
Source:
* Gartner
Meyer Manufacturing Co. Ltd.
https://www.securityweek.com/cookware-distribution-giant-meyer-discloses-data-breachExploit: Ransomware
Meyer Manufacturing Co. Ltd.: Cookware Manufacturing & Distribution
Risk to Business: 2.177= Severe
Meyer Manufacturing Co. Ltd recently filed a data breach notification disclosing a ransomware attack that impacted employees of its distribution arm. Bleeping Computer reports that this attack is the work of the Conti ransomware group. In its disclosure, Meyer said the initial incident occurred in October 2021 but was not discovered until December 2021. The attack affected Meyer and its subsidiaries, including Hestan Commercial Corp., Hestan Smart Cooking, Hestan Vineyards and Blue Mountain Enterprises LLC.
Risk to Business: 1.919= Severe
Employee personal information was snatched in this incident including their first and last name, address, date of birth, gender, race or ethnicity, Social Security number, health insurance information, medical information, driver’s license, passport or government-issued identification number, and Permanent Resident Card and information regarding immigration status.
How It Could Affect Your Business: Data that can be used to falsify identities is a valuable commodity on the dark web and cybercriminals never stop looking for soft targets that enable them to steal it.
The City of Baltimore
https://www.infosecurity-magazine.com/news/baltimore-conned-out-of-375k/Exploit: Business Email Compromise
The City of Baltimore: Municipality
Risk to Business: 1.251=Extreme
Buckle up because this is a saga. A report just released by the Office of the Inspector General (OIG) details a business email compromise disaster that ended up costing the city of Baltimore more than $375,000. In this incident, bad actors managed to change the bank details kept on file for a vendor who had an agreement with Baltimore’s Mayor’s Office of Children and Family Success (MOCFS). The cybercriminals contacted both MOCFS and Baltimore’s Bureau of Accounting and Payroll Services (BAPS) asking to have the vendor’s banking information updated to send payments to a different bank account at another financial institution. BAPS ultimately complied with the fraudster’s change request, then began sending electronic payments to the new address. You know how this one ends up. Ultimately, cybercriminals made off with $376,213.10. The vendor was not named, but the report noted that cybercriminals had gained access to the vendor’s email accounts through a phishing attack.
How It Could Affect Your Business: Business email compromise is the most dangerous cybercrime according to FBI IC3, 64x worse than ransomware. This is why.
The Internet Society (ISOC)
https://thecyberwire.com/newsletters/privacy-briefing/4/33Exploit: Misconfiguration
The Internet Society (ISOC): Non-Profit
Risk to Business: 2.776 = Moderate
Cybersecurity researchers recently announced the discovery of a trove of information belonging to ISOC in an unsecured Microsoft Azure blob. The blob was reported to contain contained millions of files with personal and login details belonging to ISOC members. ISOC has secured the blob but there’s no telling how long that data was exposed for or who may have seen it.
Risk to Business: 1.282= Moderate
The member data exposed includes members’ full names, preferred language, the account ID, donation history, login credentials, social media tokens, email and street addresses, genders and similar personal information.
How It Could Affect Your Business: Human error aka employee negligence is the biggest cause of a data breach because it’s what makes things like this happen.
Expeditors International
https://www.bleepingcomputer.com/news/security/expeditors-shuts-down-global-operations-after-likely-ransomware-attack/Exploit: Ransomware
Expeditors International: Logistics & Freight Forwarding
Risk to Business: 1.364 = Extreme
Expeditors International was hit by a ransomware attack over the President’s Day holiday weekend that has resulted in the company being forced to shut down most of its operations worldwide. First announced by the company on Sunday night, Expeditors International warned that services and systems may be offline until they can restore them from backups. The incident could snarl supply chains globally. Expeditors International handles warehousing and distribution, transportation, customs and compliance at 350 locations worldwide.
How it Could Affect Your Business: Supply chain disruption has been the name of the game for cybercriminals and freight forwarders on land and on the sea have been constantly targeted lately
OpenSea
https://www.cnbc.com/2022/02/20/nft-marketplace-opensea-is-investigating-a-phishing-hack.htmlExploit: Phishing
OpenSea: NFT Trading Marketplace
Risk to Business: 1.282=Extreme
Online NFT marketplace OpenSea has been embroiled in controversy after a cyberattack cost investors their NFT. There’s been a lot of back-and-forth on this one. A phishing attack perpetrated on the platform’s users is purportedly to blame for the incident that has so far left more than 30 of its users unable to access their NFTs, although some claims have been made on Twitter pointing to a flaw in the platform’s code. Reports say that the attacker has made somewhere between $1.7 – 2 million in Ethereum from selling some of the stolen NFTs. An estimated 254 tokens were stolen over three hours.
Customers Impacted: Unknown
How it Could Affect Your Business: Phishing is a danger to any business in any industry, and it can do massive damage as well as cost a fortune.
United Kingdom – National Health Service (NHS)
https://www.dailymail.co.uk/news/article-10531637/Tens-thousands-NHS-patients-private-medical-information-leaked-shocking-data-breach.htmlExploit: Third-Party Data Breach
National Health Service (NHS): National Healthcare Agency
Risk to Business: 2.919 = Moderate
A shocking report from the Daily Mail details the exposure of all sorts of sensitive data for thousands of patients served by the NHS. The information was exposed by an NHS service provider, PSL Print Management. Reports say that the exposed confidential files include hospital appointment letters for women’s health emergencies, test results of cervical screening and letters to parents of children needing urgent surgery. The information dates back as far as 2015, a huge no-no under data protection rules. The incident is under investigation.
Customers Impacted: Unknown
How it Could Affect Your Business: Third-party risk is a problem that will only continue growing worse for organizations as they increasingly farm out work to smaller specialty service providers.
Switzerland – The University of Neuchâtel
https://www.swissinfo.ch/eng/university-of-neuch%C3%A2tel-hit-by-cyberattack/47360432
Exploit: RansomwareThe University of Neuchâtel: Institution of Higher Learning
Risk to Business: 2.775 = Moderate
Swiss college The University of Neuchâtel is back online after a cyberattack that is likely ransomware knocked its systems out last week. The attack encrypted some systems making it impossible for students or employees to access materials and systems related to classwork. The university is unable to confirm if any data was stolen. Operations have since been restored.
How it Could Affect Your Business: Schools at every level have been battered by cybercrime since the start of the global pandemic.
Japan – Mizuno
https://www.bleepingcomputer.com/news/security/sports-brand-mizuno-hit-with-ransomware-attack-delaying-orders/Exploit: Ransomware
Mizuno: Sports Equipment and Sportswear Manufacturer
Risk to Business: 2.227 = Severe
Japanese brand Mizuno has experienced some business disruption after a ransomware attack on its US-based operations corporate network. The incident left the company facing phone outages and order delays as systems are restored. Customers have been left unable to place new orders or track orders in progress as well. No word on an expected timeline for restoration.
Customers Impacted: Unknown
How it Could Affect Your Business: Retailers have been experiencing a serious increase in ransomware attacks in the last 12 months.