InTegriLogic Blog
InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
San Francisco 49ers
https://abcnews.go.com/Sports/wireStory/ransomware-gang-hacked-49ers-football-team-82865844Exploit: Ransomware
San Francisco 49ers: National Football League (NFL) Team
Risk to Business: 1.727= Severe
While everyone was focused on the big game last week, cybercriminals were focused on the San Francisco 49ers. The team was hit by a ransomware attack, purportedly by BlackByte. The cybercriminals claim they stole some of the football team’s financial data, invoices and other internal documents. The team stressed the fact that this event appeared to be limited to their corporate network and did not endanger any fan or stadium databases.
Customers Impacted: Unknown
How It Could Affect Your Business: Organizations in industries that have had historically poor security are attractive low-hanging fruit for cybercriminals.
EasyVote Solutions
https://www.govtech.com/security/georgia-voter-info-posted-online-after-software-company-breachExploit: Misconfiguration
EasyVote Solutions: Voting Software Company
Risk to Business: 1.561 =Severe
EasyVote Solutions has exposed some voter and poll worker data. The data was left unguarded and easily accessible on the internet. The software company says that exposed information does not include full voting records or registrations. The breach was discovered by South Carolina Law Enforcement Division (SLED) internet researchers. SLED and the FBI are investigating.
Individual Risk: 1.772 =Severe
Exposed data for voters can include names, addresses, races and dates of birth. Exposed data for poll workers may include those details plus identity documents, Social Security numbers and financial data.
How It Could Affect Your Business: Misconfiguration and sloppy security aren’t uncommon mistakes, but they’re always a problem and could be an expensive regulatory disaster in some industries.
Meter
https://www.zdnet.com/article/4-4-million-stolen-in-attack-on-blockchain-infrastructure-meter/Exploit: Hacking
Meter: De Fi Platform
Risk to Business: 1.279= Extreme
Another day, another DeFi hack. This time the victim was blockchain infrastructure company Meter. $4.4 million was stolen during a cyberattack on the Meter Passport platform in the form of 1391 ETH and 2.74 BTC. The incident also impacted Meter’s Moonriver Network. The company acknowledged the hack on Saturday, urging users not to trade unbacked meterBNB circulating on Moonriver. The company says that it plans to repay some investors and the incident is under investigation.
Customers Impacted: Unknown
How It Could Affect Your Business: De Fi continues to be a hotbed of hacking activity as cybercriminals seek quick scores of cryptocurrency, and there’s still no end to the danger in sight.
Memorial Hermann Health System
https://www.khou.com/article/news/local/memorial-hermann-cyberattack-security-breach/285-1cc8295d-48a4-452e-a6f2-1b4fd059f201Exploit: Third-Party Breach
Memorial Hermann Health System: Healthcare Provider
Risk to Business: 1.861 = Severe
Memorial Hermann Health System is notifying patients that their data has been exposed after a data security incident at one of their service providers, Advent Health Partners. That company has been investigating unauthorized activity on company email accounts related to Memorial Hermann data. The incident was first spotted in September 2021.
Individual Risk: 1.712 = Severe
An unauthorized third party accessed multiple files containing Memorial Hermann patients’ protected health information (PHI) that may include first names, last names, dates of birth, social security numbers, driver’s license numbers, financial information, health insurance information and treatment information.
How it Could Affect Your Business: Cybercriminals are poised to attack any company that handles or stores large amounts of valuable personal or health-related data.
Switzerland – Swissport International
https://securityaffairs.co/wordpress/127655/cyber-crime/swissport-international-ransomware-attack.htmlExploit: Ransomware
Swissport International: Aviation Services
Risk to Business: 2.171= Severe
Aviation services company Swissport International was struck with a ransomware attack that had a major impact on its operations, leading to flight delays for 22 flights out of Zurich Airport. The aviation company provides cargo handling, security, maintenance, cleaning and lounge hospitality at airports in 50 countries. The company’s website was back up and running quickly, and the incident is under investigation.
Customers Impacted: Unknown
How it Could Affect Your Business: Ransomware attacks against transportation and transportation infrastructure targets have been increasing as cybercriminals look for quick paydays.
Portugal – Vodafone
https://therecord.media/cyberattack-brings-down-vodafone-portugal-mobile-voice-and-tv-services/Exploit: Hacking
Vodafone: Communications Carrier
Risk to Business: 2.919 = Moderate
Wireless carrier Vodafone Portugal said that a substantial amount of its customer data services went offline for one overnight period following a cyberattack. The company’s 4G and 5G mobile networks, along with fixed voice, television, SMS and voice/digital answering services went down. The company says that customer data doesn’t appear to have been accessed or compromised. Some services still remain offline a week after the attack.
Customers Impacted: Unknown
How it Could Affect Your Business: Attacks against communications companies have been a major component of the recent wave of infrastructure and related hacking.
Croatia – A1 Hrvatska
Exploit: Unauthorized AccessA1 Hrvatska: Communications Carrier
Risk to Business: 1.904 = Severe
Croatian telecom A1 Hrvatska has disclosed a data security incident that led to the exposure of personal data for an estimated 200,000 customers. The company says that the exposure was due to unauthorized access to one of their user databases that contained sensitive personal information. The company was quick to specify that no consumer financial data was exposed. The incident has not affected A1 Hrvatska’s services or operations.
Individual Risk: 2.711 = Moderate
The customer information exposed includes users’ full names, personal identification numbers, physical addresses and telephone numbers.
How it Could Affect Your Business: Utilities/Infrastructure are at the top of the cybercriminal hit list these days, and companies in those sectors should take note.
Slovenia – Pop TV
https://therecord.media/cyber-attack-disrupts-slovenias-top-tv-station/Exploit: Ransomware
Pop TV: Television Network
Risk to Business: 1.2011 = Severe
Ransomware practitioners stole the show at Pop TV, Slovenia’s most popular TV channel. As a result news programs including the station’s news broadcast 24UR were unable to show any computer graphics. Particularly irksome for customers was the fact that the attack prevented new content from being added to the platform, impacting streaming any of its channels and live sporting events, such as the Winter Olympics. Slovenia’s Computer Emergency Response Team, SI-CERT is investigating.
Customers Impacted: Unknown
How it Could Affect Your Business: Cybercriminals looking for fast money are likely to target businesses that are in time-sensitive industries.
New South Wales Department of Customer Service
https://www.smh.com.au/politics/federal/sensitive-business-addresses-among-500-000-published-in-covid-data-breach-20220214-p59wal.htmlExploit: Misconfiguration
New South Wales Department of Customer Service: Regional Government Agency
Risk to Business: 1.211 = Extreme
A real data exposure mess has brewed in New South Wales, Australia thanks to a government-run QR code-based COVID-19 check-in program. The COVID Safe Businesses and Organizations dataset was discovered loose on the internet and it included data for sensitive sites and organizations alongside data about run-of-the-mill companies. Some of the sensitive data posted gave details about the physical facilities and locations of prisons, critical infrastructure networks including power stations and tunnel entry sites as well as dozens of shelters and crisis accommodation centers. Even national security-related locations were exposed. In this program, businesses and organizations registered as COVID-safe to access a QR code for staff and customers to check-in at their physical locations. The program has been discontinued.
Customers Impacted: Unknown
How it Could Affect Your Business: Information is gold on the dark web. The locations of sensitive infrastructure targets will be circulating quickly and could easily fall into the wrong hands.
4 Common Setbacks With Ineffective Technology Change Management
Technology is advancing at an unprecedented pace, empowering businesses to accomplish more in less time. The transformations that technology has brought about in the business world are mind-boggling and with transformative change comes stress.
Without a defined change management strategy in place, avoidable inconsistencies are more likely to occur and you risk disrupting essential operations and losing valuable team members due to burnout. Keeping that in mind, before you begin implementing new technology in your infrastructure, you must understand the significance of effective change management.
Change management is an approach that deals with changes or transformations in organizational processes, objectives and technologies. The goal of change management is devising strategies to implement and govern transformation while helping your team adjust to it.
Making the case for change management:
Change management is crucial because:
It addresses the effects of change on individuals, processes and more
It enables organizations to prosper in an ever-changing business environment
It empowers people
It increases the success rate of a transformation
What could go wrong with ineffective change management?
Gaps in Communication
Communication breakdowns or gaps cause demotivation, employee frustration, a lack of collaboration, attrition and ultimately, business failure.
Employee resistance and frustration
Plus, if an employee is frustrated for an extended period, it may create a dull workplace atmosphere that will eventually affect other employees.
Workflow glitches and stoppages
It's worth noting that in today's complex business environments, unexpected workflow glitches and stoppages will almost certainly have a cascading effect and destabilize other related/dependent business components.
Lost productivity
An effective change management strategy is critical for businesses to tackle all the problems listed above. Are you fully equipped with the experience and expertise to handle it on your own? If you feel your company lacks certain resources, it’s best to work with an MSP capable of easing your transition to a higher-performing technology ecosystem.
With our wealth of experience and knowledge surrounding successful technology change management, we may be the ideal partner for your company. Feel free to contact us to set up a consultation.
4 Common Setbacks With Ineffective Technology Change Management
Technology is advancing at an unprecedented pace, empowering businesses to accomplish more in less time. The transformations that technology has brought about in the business world are mind-boggling and with transformative change comes stress.
Without a defined change management strategy in place, avoidable inconsistencies are more likely to occur and you risk disrupting essential operations and losing valuable team members due to burnout. Keeping that in mind, before you begin implementing new technology in your infrastructure, you must understand the significance of effective change management.
Change management is an approach that deals with changes or transformations in organizational processes, objectives and technologies. The goal of change management is devising strategies to implement and govern transformation while helping your team adjust to it.
Making the case for change management:
Change management is crucial because:
It addresses the effects of change on individuals, processes and more
It enables organizations to prosper in an ever-changing business environment
It empowers people
It increases the success rate of a transformation
What could go wrong with ineffective change management?
Gaps in Communication
Communication breakdowns or gaps cause demotivation, employee frustration, a lack of collaboration, attrition and ultimately, business failure.
Employee resistance and frustration
Plus, if an employee is frustrated for an extended period, it may create a dull workplace atmosphere that will eventually affect other employees.
Workflow glitches and stoppages
It's worth noting that in today's complex business environments, unexpected workflow glitches and stoppages will almost certainly have a cascading effect and destabilize other related/dependent business components.
Lost productivity
An effective change management strategy is critical for businesses to tackle all the problems listed above. Are you fully equipped with the experience and expertise to handle it on your own? If you feel your company lacks certain resources, it’s best to work with an MSP capable of easing your transition to a higher-performing technology ecosystem.
With our wealth of experience and knowledge surrounding successful technology change management, we may be the ideal partner for your company. Feel free to contact us to set up a consultation.
Morley Companies Inc.
https://www.safetydetectives.com/news/business-services-provider-morley-discloses-ransomware-attack/Exploit: Ransomware
Morley Companies Inc.: Business Services
Risk to Business: 1.507= Severe
Morley Companies, a business service provider to several Fortune 500 companies, announced that it had been hit with a ransomware attack that may have exposed sensitive information for more than 500,000 people. In a statement, the company said that “a ransomware-type malware had prevented access to some data files on our system beginning August 1, 2021, and there was an unauthorized access to some files that contained personal information.”, chalking up the delay in notifying possible victims of this exposure to the complexities of the incident investigation.
Individual Risk: 1.663= Severe
Morley Companies said the attack affected the information of “current employees, former employees and various clients.” The potentially compromised information leaked includes names, addresses, Social Security numbers, dates of birth, client identification numbers, medical diagnostic and treatment information and health insurance information. The company is offering credit monitoring and identity theft protection for victims.
How It Could Affect Your Business: Companies that store large quantities of personal or medical information are prime targets for the bad guys.
Civicom, Inc.
https://abcnews.go.com/International/wireStory/official-puerto-ricos-senate-targeted-cyberattack-82495236Exploit: Misconfiguration
Civicom Inc.: Business Services
Risk to Business: 2.017 =Severe
Civicom is in hot water after leaving 8 TB of data exposed in an unsecured AWS S3 bucket. The New York-based company specializes in virtual conferencing facilitation, transcription and research services. With offices in the United States, the Philippines and the United Kingdom. Ultimately, Civicom exposed records containing more than 100,000 files including thousands of hours of audio and video recordings containing private conversations as well as written transcripts of meetings and calls by the company’s clients.
Customers Impacted: Unknown
How It Could Affect Your Business: This is not an uncommon mistake, but it’s always a problem and could be an expensive regulatory disaster in some industries
Wormhole
https://indianexpress.com/article/technology/crypto/hackers-steal-nearly-320-million-worth-of-crypto-assets-from-wormhole-7758034/Exploit: Hacking
Wormhole: De Fi Platform
Risk to Business: 1.227= Extreme
Hackers swooped in and snatched up more than $320 million from De Fi platform wormhole this week. The DeFi platform, a bridge between cryptocurrency Solana (SOL) and other blockchains, was exploited for approximately 120,000 wrapped Ethereum in what is thought to be the second-largest cryptocurrency hack to date. Wormhole’s parent company Jump Crypto pledged to replace the 120,000 ether Wormhole lost. The company was quick to note that the crypto was stolen through exploiting a vulnerability in the platform, not taken from an Ethereum address and it was taken in 3 separate transactions.
Customers Impacted: Unknown
How It Could Affect Your Business: De Fi has been a hotbed of having activity as cybercriminals seek quick scores of cryptocurrency, and there’s no end to the danger in sight.
News Corp.
https://www.reuters.com/business/media-telecom/news-corp-says-one-its-network-systems-targeted-by-cyberattack-2022-02-04/Exploit: Nation-State Cybercrime
News Corp.: Media & Publishing Company
Risk to Business: 2.071 = Severe
Major media company News Corp. has disclosed that it was the target of a cyberattack by suspected Chinese nation-state hackers. The attack came to light in late January and affected News Corp. business units, including The Wall Street Journal and its parent company Dow Jones, the New York Post, News U.K. and News Corp. Headquarters. The hack affected emails and documents of what it described as a limited number of employees, including journalists. The incident is under investigation.
Customers Impacted: Unknown
How it Could Affect Your Business: Organizations should keep in mind the fact that the preferred weapon of nation-state cybercriminals is ransomware.
United Kingdom – KP Snacks
https://www.reuters.com/technology/hackers-hold-hula-hoops-hostage-cyber-raid-britains-kp-snacks-2022-02-03/Exploit: Ransomware
KP Snacks: Food Manufacturer
Risk to Business: 1.321= Extreme
Food company KP snacks, manufacturer of beloved British snacks like Hula Hoops, KP Nuts, Butterkist popcorn and Nik Naks, was hit with a ransomware attack in late January that may impact its production. Conti ransomware operators have claimed responsibility. The company informed retailers in early February that the attack had impacted its manufacturing and distribution, and that product shortages may continue into March.
Individual Risk: 1.304= Extreme
Researchers discovered samples of some of the data it had infiltrated on its dark web leak page, including confidential employee data such as home addresses and phone numbers, employment contracts, credit card statements and even birth certificates.
How it Could Affect Your Business: Ransomware attacks against manufacturing targets have become increasingly prominent as cybercriminals look for a quick payday from businesses that they shut down.
United Kingdom – British Council
https://portswigger.net/daily-swig/british-council-data-breach-leaks-10-000-student-recordsExploit: Misconfiguration
British Council: Cultural Promotion & Language Testing
Risk to Business: 2.919 = Moderate
British Council, the global organization for promoting British culture and administrators of the International English Language Testing System (IELTS) exam, leaked over 144,000 files containing student records due to an unsecured Microsoft Azure blob. Researchers determined that the blob contained the personal information of hundreds of thousands of British Council English course learners and students from around the world. The group points to a contractor as the culprit for the leak.
Risk to Business: 2.906 = Moderate
Exposed data includes a student’s full name, email address, student ID, student status, enrollment dates, duration of study and other information.
How it Could Affect Your Business: Cybercriminals have been having a field day going after education-related targets, a problem that is only growing worse.
Germany – Oiltanking
Exploit: RansomwareOiltanking: Fuel Storage
Risk to Business: 1.313 = Extreme
A ransomware attack has impacted German fuel tanking company Oiltanking. The company was ensnared in a massive ransomware attack that has disrupted operations at 17 European oil terminals including the busy Amsterdam-Rotterdam-Antwerp refining hub starting on January 29th. Other European companies are also involved including German oil trade company Mabanaft, SEA-Invest in Belgium and Evos in the Netherlands. The attack appears to have had the most impact on the processing, loading and unloading of cargoes. BlackCat ransomware is thought to be behind the incident.
Customers Impacted: Unknown
How it Could Affect Your Business: Infrastructure and utility attacks have become much more common – Utilities/Infrastructure was one of the top 3 industries for ransomware attacks in 2021.
Sweden – Securitas
https://www.zdnet.com/article/unsecured-aws-server-exposed-airport-employee-records-3tb-in-data/Exploit: Misconfiguration
Securitas: Security Company
Risk to Business: 1.2011 = Severe
Researchers have discovered an unsecured AW S3 bucket belonging to security company Securitas that left data exposed for airport employees in Colombia and Peru at four airports: El Dorado International Airport (COL), Alfonso Bonilla Aragón International Airport (COL), José María Córdova International Airport (COL), and Aeropuerto Internacional Jorge Chávez (PE). In addition to the exposed employee data, researchers also uncovered photographs of airline employees, planes, fuel lines, and luggage handling were in the bucket.
Individual Risk: 1.992 = Severe
The exposed records include ID card photos, names, photos, occupations, and national ID numbers for Securitas and airport employees.
How it Could Affect Your Business: Information is a currency on the dark web and cybercriminals are always hungry for more, especially personal and financial data.
Morley Companies Inc.
https://www.safetydetectives.com/news/business-services-provider-morley-discloses-ransomware-attack/Exploit: Ransomware
Morley Companies Inc.: Business Services
Risk to Business: 1.507= Severe
Morley Companies, a business service provider to several Fortune 500 companies, announced that it had been hit with a ransomware attack that may have exposed sensitive information for more than 500,000 people. In a statement, the company said that “a ransomware-type malware had prevented access to some data files on our system beginning August 1, 2021, and there was an unauthorized access to some files that contained personal information.”, chalking up the delay in notifying possible victims of this exposure to the complexities of the incident investigation.
Individual Risk: 1.663= Severe
Morley Companies said the attack affected the information of “current employees, former employees and various clients.” The potentially compromised information leaked includes names, addresses, Social Security numbers, dates of birth, client identification numbers, medical diagnostic and treatment information and health insurance information. The company is offering credit monitoring and identity theft protection for victims.
How It Could Affect Your Business: Companies that store large quantities of personal or medical information are prime targets for the bad guys.
Civicom, Inc.
https://abcnews.go.com/International/wireStory/official-puerto-ricos-senate-targeted-cyberattack-82495236Exploit: Misconfiguration
Civicom Inc.: Business Services
Risk to Business: 2.017 =Severe
Civicom is in hot water after leaving 8 TB of data exposed in an unsecured AWS S3 bucket. The New York-based company specializes in virtual conferencing facilitation, transcription and research services. With offices in the United States, the Philippines and the United Kingdom. Ultimately, Civicom exposed records containing more than 100,000 files including thousands of hours of audio and video recordings containing private conversations as well as written transcripts of meetings and calls by the company’s clients.
Customers Impacted: Unknown
How It Could Affect Your Business: This is not an uncommon mistake, but it’s always a problem and could be an expensive regulatory disaster in some industries
Wormhole
https://indianexpress.com/article/technology/crypto/hackers-steal-nearly-320-million-worth-of-crypto-assets-from-wormhole-7758034/Exploit: Hacking
Wormhole: De Fi Platform
Risk to Business: 1.227= Extreme
Hackers swooped in and snatched up more than $320 million from De Fi platform wormhole this week. The DeFi platform, a bridge between cryptocurrency Solana (SOL) and other blockchains, was exploited for approximately 120,000 wrapped Ethereum in what is thought to be the second-largest cryptocurrency hack to date. Wormhole’s parent company Jump Crypto pledged to replace the 120,000 ether Wormhole lost. The company was quick to note that the crypto was stolen through exploiting a vulnerability in the platform, not taken from an Ethereum address and it was taken in 3 separate transactions.
Customers Impacted: Unknown
How It Could Affect Your Business: De Fi has been a hotbed of having activity as cybercriminals seek quick scores of cryptocurrency, and there’s no end to the danger in sight.
News Corp.
https://www.reuters.com/business/media-telecom/news-corp-says-one-its-network-systems-targeted-by-cyberattack-2022-02-04/Exploit: Nation-State Cybercrime
News Corp.: Media & Publishing Company
Risk to Business: 2.071 = Severe
Major media company News Corp. has disclosed that it was the target of a cyberattack by suspected Chinese nation-state hackers. The attack came to light in late January and affected News Corp. business units, including The Wall Street Journal and its parent company Dow Jones, the New York Post, News U.K. and News Corp. Headquarters. The hack affected emails and documents of what it described as a limited number of employees, including journalists. The incident is under investigation.
Customers Impacted: Unknown
How it Could Affect Your Business: Organizations should keep in mind the fact that the preferred weapon of nation-state cybercriminals is ransomware.
United Kingdom – KP Snacks
https://www.reuters.com/technology/hackers-hold-hula-hoops-hostage-cyber-raid-britains-kp-snacks-2022-02-03/Exploit: Ransomware
KP Snacks: Food Manufacturer
Risk to Business: 1.321= Extreme
Food company KP snacks, manufacturer of beloved British snacks like Hula Hoops, KP Nuts, Butterkist popcorn and Nik Naks, was hit with a ransomware attack in late January that may impact its production. Conti ransomware operators have claimed responsibility. The company informed retailers in early February that the attack had impacted its manufacturing and distribution, and that product shortages may continue into March.
Individual Risk: 1.304= Extreme
Researchers discovered samples of some of the data it had infiltrated on its dark web leak page, including confidential employee data such as home addresses and phone numbers, employment contracts, credit card statements and even birth certificates.
How it Could Affect Your Business: Ransomware attacks against manufacturing targets have become increasingly prominent as cybercriminals look for a quick payday from businesses that they shut down.
United Kingdom – British Council
https://portswigger.net/daily-swig/british-council-data-breach-leaks-10-000-student-recordsExploit: Misconfiguration
British Council: Cultural Promotion & Language Testing
Risk to Business: 2.919 = Moderate
British Council, the global organization for promoting British culture and administrators of the International English Language Testing System (IELTS) exam, leaked over 144,000 files containing student records due to an unsecured Microsoft Azure blob. Researchers determined that the blob contained the personal information of hundreds of thousands of British Council English course learners and students from around the world. The group points to a contractor as the culprit for the leak.
Risk to Business: 2.906 = Moderate
Exposed data includes a student’s full name, email address, student ID, student status, enrollment dates, duration of study and other information.
How it Could Affect Your Business: Cybercriminals have been having a field day going after education-related targets, a problem that is only growing worse.
Germany – Oiltanking
Exploit: RansomwareOiltanking: Fuel Storage
Risk to Business: 1.313 = Extreme
A ransomware attack has impacted German fuel tanking company Oiltanking. The company was ensnared in a massive ransomware attack that has disrupted operations at 17 European oil terminals including the busy Amsterdam-Rotterdam-Antwerp refining hub starting on January 29th. Other European companies are also involved including German oil trade company Mabanaft, SEA-Invest in Belgium and Evos in the Netherlands. The attack appears to have had the most impact on the processing, loading and unloading of cargoes. BlackCat ransomware is thought to be behind the incident.
Customers Impacted: Unknown
How it Could Affect Your Business: Infrastructure and utility attacks have become much more common – Utilities/Infrastructure was one of the top 3 industries for ransomware attacks in 2021.
Sweden – Securitas
https://www.zdnet.com/article/unsecured-aws-server-exposed-airport-employee-records-3tb-in-data/Exploit: Misconfiguration
Securitas: Security Company
Risk to Business: 1.2011 = Severe
Researchers have discovered an unsecured AW S3 bucket belonging to security company Securitas that left data exposed for airport employees in Colombia and Peru at four airports: El Dorado International Airport (COL), Alfonso Bonilla Aragón International Airport (COL), José María Córdova International Airport (COL), and Aeropuerto Internacional Jorge Chávez (PE). In addition to the exposed employee data, researchers also uncovered photographs of airline employees, planes, fuel lines, and luggage handling were in the bucket.
Individual Risk: 1.992 = Severe
The exposed records include ID card photos, names, photos, occupations, and national ID numbers for Securitas and airport employees.
How it Could Affect Your Business: Information is a currency on the dark web and cybercriminals are always hungry for more, especially personal and financial data.