CySecurity News - Latest Information Security and Hacking Incidents: Business

Business Cyber Crime Finance Sector Identity Theft Ransomware

Ransomware Gangs Target Weekends and Holidays for Maximum Impact

A new report by cybersecurity firm Semperis reveals that ransomware gangs are increasingly launching attacks during weekends and holidays when organisations are less equipped to respond. The study found that 86 percent of ransomware incidents occurred during off-peak times as companies often scale back their security operations centre (SOC) staffing. While most organisations claim to run 24/7 SOCs, 85% admit to reducing staff by up to half on weekends and holidays, leaving critical systems more exposed. According to Dan Lattimer, an area vice president at Semperis, many organisations cannot afford the high cost of maintaining full SOC coverage each day. He noted, for example, that some organisations assume they are less exposed to risk during weekends because fewer employees are online to fall prey to phishing attacks. Others perceive their exposure being low because they have never had a threat in the past, further reducing the monitoring effort.

Why Cybercriminals Prefer Off-Peak Hours

Attackers leverage these openings to elevate the chances of their success. Performing attacks during weekends or holidays gives them a relatively longer timeframe to conduct an operation secretly so they can encrypt files and steal sensitive information with little hope of interfering soon. According to Lattimer, this tactic increases the chances of receiving ransom money because the organisations are willing to regain control at any critical downtime.

The report also showed that finance and manufacturing were among the most often targeted sectors, with 78 percent and 75 percent of organisations in the respective sectors reporting attacks on weekends or holidays. Furthermore, 63 percent of respondents said the ransomware related to major corporate events such as mergers or layoffs, which often cause additional diversion for IT teams.

Identity Security Lapses Continue

Another concerning result of the report is that too many companies feel too confident about their identity security. While 81% said to have sufficient defences against identity-related attacks, 83% experienced successful ransomware incidents in the past year. This discrepancy is largely due to lack of budget and resources to properly protect identity systems like AD, a part of core infrastructure.

Semperis noted that without proper funding for identity threat detection and response (ITDR), many organisations are leaving themselves open to attacks. Around 40% of companies either lacked the resources or were unsure about their ability to secure these systems.

Takeaway

SEMPERIS 2024 RANSOMWARE HOLIDAY RISK REPORT states that businesses must immediately address the vulnerability of weekends. Strengthening cybersecurity measures over holidays, investing in such robust identity protection, and maintaining consistent monitoring can help mitigate such growing risks for organisations. Cybercrime has become so dynamic, and hence organisations must adapt constantly to stay one step ahead.

Fixed VoIP Numbers: Major Benefits and Disadvantages for Businesses



 

VoIP number

Business Cyber Security Security Subscription VoIP number

Fixed VoIP Numbers: Major Benefits and Disadvantages for Businesses

One other consideration a business would use to evaluate communications solutions would be the choice between a fixed VoIP number and non-fixed VoIP number. The former costs more money and is associated with complexities in the setting up process. It still possesses some benefits that an organisation needs to operate, however.

Advantages of Fixed VoIP Number

1. Trustworthiness

Tied to a physical address, the fixed VoIP number adds more credence to the business. As compared to the non-fixed VoIP numbers mainly targeted by scammers, fixed numbers are useful in the promotion of greater customer checks on the authenticity of the company, especially for those firms handling regulated sectors like finance, wherein building trust with customers can be very hard.

2. Security

Fixed VoIP numbers guarantee security because they connect directly to a registered address. Non-fixed numbers are accessed from any internet connection; therefore, the chance of being misused rises. When dealing with sensitive information companies, the fixed VoIP number extra layer security is an added guarantee against such attacks as data breaches.

3. Easier Compliance with Regulations

As in other heavily regulated industries, including finance and healthcare, emergency response also relies on location data accuracy. Fixed VoIP numbers help businesses easily comply with all the requirements, making the cost of compliance low and administrative burdens low.

4. Business Professional Image

With a fixed VoIP number, it is easier to present a stable and established impression. A fixed number helps companies look less like a temporary operation. This can be particularly important for small businesses looking to establish authority and trust in their market.

5. Greater Control for Administrators

Fixed VoIP numbers can guarantee better control over caller IDs and databases over caller names to enable businesses to ensure that their identity is consistent on all calls. The need for maintaining a professional brand image and having precise control over how the business presents itself to clients and partners is very important.

6. Support for Emergency Services

Exact location is a must-have in emergencies. Fixed VoIP numbers provide accurate location information, and this makes it possible to have a quicker response time in cases of crises. This is missing for non-fixed numbers; therefore, fixed VoIP is very useful for industries whose data on location can be termed as a matter of life or death.

Drawbacks of Fixed VoIP Numbers

1. More Costly

Fixed VoIP numbers also require relatively high setup and subscription fees in addition to the expense of address verification for higher-security access. For companies catering to overseas clients, fixed VoIP numbers frequently translate to costlier long-distance calls-however, non-fixed numbers represent a saving grace.

2. Complex Porting Procedure

The transfer of a fixed VoIP number from one place to another can be quite hectic, especially for growing businesses and those changing locations. This is because the porting process is very slow, leaving behind the inflexibility required by the businesses in such cases.

3. Slower Setup

It takes more time to set up a fixed VoIP number as against the prompt setting up for non-fixed numbers. Verification of the physical address and more regulatory compliance requirements extend the time taken to set up, making it inconvenient for businesses that need to access immediately.

4. Geographic Limitations

The fixed VoIP numbers are directly associated with a specific location, hence quite limiting to access the business market. Some clients might be sceptical about communicating with a company that they view as "not local," which may hinder outreach and expansion in areas beyond the business's core location.

Selection Between Fixed and Non-Fixed VoIP Numbers

Depending on the priorities of the business, a fixed VoIP number can be selected. Organisations that require greater security, credibility, and adherence to regulations can invest in fixed VoIP numbers. When cost efficiency and flexibility top the list, then non-fixed numbers are a better option for them.

India Faces Rising Ransomware Threat Amid Digital Growth



 

Security

AI Business Cyber Security India Mallox RansomHub Ransomware Security

India Faces Rising Ransomware Threat Amid Digital Growth

India, with rapid digital growth and reliance on technology, is in the hit list of cybercriminals. As one of the world's biggest economies, the country poses a distinct digital threat that cyber-crooks might exploit due to security holes in businesses, institutions, and personal users.

India recently saw a 51 percent surge in ransomware attacks in 2023 according to the Indian Computer Emergency Response Team, or CERT-In. Small and medium-sized businesses have been an especially vulnerable target, with more than 300 small banks being forced to close briefly in July after falling prey to a ransomware attack. For millions of Indians using digital banking for daily purchases and payments, such glitches underscore the need for further improvement in cybersecurity measures. A report from Kaspersky shows that 53% of SMBs operating in India have experienced the incidents of ransomware up till now this year, with more than 559 million cases being reported over just two months, starting from April and May this year.

Cyber Thugs are not only locking computers in businesses but extending attacks to individuals, even if it is personal electronic gadgets, stealing sensitive and highly confidential information. A well-organised group of attacks in the wave includes Mallox, RansomHub, LockBit, Kill Security, and ARCrypter. Such entities take advantage of Indian infrastructure weaknesses and focus on ransomware-as-a-service platforms that support Microsoft SQL databases. Recovery costs for affected organisations usually exceeded ₹11 crore and averaged ₹40 crore per incident in India, according to estimates for 2023. The financial sector, in particular the National Payment Corporation of India (NPCI), has been attacked very dearly, and it is crystal clear that there is an imperative need to strengthen the digital financial framework of India.

Cyber Defence Through AI

Indian organisations are now employing AI to fortify their digital defence. AI-based tools process enormous data in real time and report anomalies much more speedily than any manual system. From financial to healthcare sectors, high-security risks make AI become more integral in cybersecurity strategies in the sector. Lenovo's recent AI-enabled security initiatives exemplify how the technology has become mainstream with 71% of retailers in India adopting or planning to adopt AI-powered security.

As India pushes forward on its digital agenda, the threat of ransomware cannot be taken lightly. It will require intimate collaboration between government and private entities, investment in education in AI and cybersecurity, as well as creating safer environments for digital existence. For this, the government Cyber Commando initiative promises forward movement, but collective endeavours will be crucial to safeguarding India's burgeoning digital economy.

Rethinking the Cloud: Why Companies Are Returning to Private Solutions



 

Privacy

Business Cloud Computing Cloud Services data security Healthcare IT Industry Privacy

Rethinking the Cloud: Why Companies Are Returning to Private Solutions

In the past ten years, public cloud computing has dramatically changed the IT industry, promising businesses limitless scalability and flexibility. By reducing the need for internal infrastructure and specialised personnel, many companies have eagerly embraced public cloud services. However, as their cloud strategies evolve, some organisations are finding that the expected financial benefits and operational flexibility are not always achieved. This has led to a new trend: cloud repatriation, where businesses move some of their workloads back from public cloud services to private cloud environments.

Choosing to repatriate workloads requires careful consideration and strategic thinking. Organisations must thoroughly understand their specific needs and the nature of their workloads. Key factors include how data is accessed, what needs to be protected, and cost implications. A successful repatriation strategy is nuanced, ensuring that critical workloads are placed in the most suitable environments.

One major factor driving cloud repatriation is the rise of edge computing. Research from Virtana indicates that most organisations now use hybrid cloud strategies, with over 80% operating in multiple clouds and around 75% utilising private clouds. This trend is especially noticeable in industries like retail, industrial sectors, transit, and healthcare, where control over computing resources is crucial. The growth of Internet of Things (IoT) devices has played a defining role, as these devices collect vast amounts of data at the network edge.

Initially, sending IoT data to the public cloud for processing made sense. But as the number of connected devices has grown, the benefits of analysing data at the edge have become clear. Edge computing offers near real-time responses, improved reliability for critical systems, and reduced downtime—essential for maintaining competitiveness and profitability. Consequently, many organisations are moving workloads back from the public cloud to take advantage of localised edge computing.

Concerns over data sovereignty and privacy are also driving cloud repatriation. In sectors like healthcare and financial services, businesses handle large amounts of sensitive data. Maintaining control over this information is vital to protect assets and prevent unauthorised access or breaches. Increased scrutiny from CIOs, CTOs, and boards has heightened the focus on data sovereignty and privacy, leading to more careful evaluations of third-party cloud solutions.

Public clouds may be suitable for workloads not bound by strict data sovereignty laws. However, many organisations find that private cloud solutions are necessary to meet compliance requirements. Factors to consider include the level of control, oversight, portability, and customization needed for specific workloads. Keeping data within trusted environments offers operational and strategic benefits, such as greater control over data access, usage, and sharing.

The trend towards cloud repatriation shows a growing realisation that the public cloud is only sometimes the best choice for every workload. Organisations are increasingly making strategic decisions to align their IT infrastructure with their specific needs and priorities.

From Hype to Reality: Understanding Abandoned AI Initiatives



 

Technology

AI Business Data Privacy Tech Technology

From Hype to Reality: Understanding Abandoned AI Initiatives

A survey discovered that nearly half of all new commercial artificial intelligence projects are abandoned in the middle.

Navigating the AI Implementation Maze

A recent study by the multinational law firm DLA Piper, which surveyed 600 top executives and decision-makers worldwide, sheds light on the considerable hurdles businesses confront when incorporating AI technologies.

Despite AI's exciting potential to transform different industries, the path to successful deployment is plagued with challenges. This essay looks into these problems and offers expert advice for navigating the complex terrain of AI integration.

Why Half of Business AI Projects Get Abandoned

According to the report, while more than 40% of enterprises fear that their basic business models will become obsolete unless they incorporate AI technologies, over half (48%) of companies that have started AI projects have had to suspend or roll them back. Worries about data privacy (48%), challenges with data ownership and insufficient legislative frameworks (37%), customer apprehensions (35%), the emergence of new technologies (33%), and staff worries (29%).

The Hype vs. Reality

1. Unrealistic Expectations

When organizations embark on an AI journey, they often expect immediate miracles. The hype surrounding AI can lead to inflated expectations, especially when executives envision seamless automation and instant ROI. However, building robust AI systems takes time, data, and iterative development. Unrealistic expectations can lead to disappointment and project abandonment.

2. Data Challenges

AI algorithms thrive on data, but data quality and availability remain significant hurdles. Many businesses struggle with fragmented, messy data spread across various silos. With clean, labeled data, AI models can continue. Additionally, privacy concerns and compliance issues further complicate data acquisition and usage.

The Implementation Pitfalls

1. Lack of Clear Strategy

AI projects often lack a well-defined strategy. Organizations dive into AI without understanding how it aligns with their overall business goals. A clear roadmap, including pilot projects, resource allocation, and risk assessment, is crucial.

2. Talent Shortage

Skilled AI professionals are in high demand, but the supply remains limited. Organizations struggle to find data scientists, machine learning engineers, and AI architects. Without the right talent, projects stall or fail.

3. Change Management

Implementing AI requires organizational change. Employees must adapt to new workflows, tools, and mindsets. Resistance to change can derail projects, leading to abandonment.

Why Every Business is Scrambling to Hire Cybersecurity Experts



 

Wipro Ltd

Business CISO Cyber Security Generative AI Wipro Ltd

Why Every Business is Scrambling to Hire Cybersecurity Experts

The cybersecurity arena is developing at a breakneck pace, creating a significant talent shortage across the industry. This challenge was highlighted by Saugat Sindhu, Senior Partner and Global Head of Advisory Services at Wipro Ltd. He emphasised the pressing need for skilled cybersecurity professionals, noting that the rapid advancements in technology make it difficult for the industry to keep up.

Cybersecurity: A Business Enabler

Over the past decade, cybersecurity has transformed from a corporate function to a crucial business enabler. Sindhu pointed out that cybersecurity is now essential for all companies, not just as a compliance measure but as a strategic asset. Businesses, clients, and industries understand that neglecting cybersecurity can give competitors an advantage, making robust cybersecurity practices indispensable.

The role of the Chief Information Security Officer (CISO) has also evolved. Today, CISOs are responsible for ensuring that businesses have the necessary tools and technologies to grow securely. This includes minimising outages and reputational damage from cyber incidents. According to Sindhu, modern CISOs are more about enabling business operations rather than restricting them.

Generative AI is one of the latest disruptors in the cybersecurity field, much like the cloud was a decade ago. Sindhu explained that different sectors face varying levels of risk with AI adoption. For instance, healthcare, manufacturing, and financial services are particularly vulnerable to attacks like data poisoning, model inversions, and supply chain vulnerabilities. Ensuring the security of AI models is crucial, as vulnerabilities can lead to severe backdoor attacks.

At Wipro, cybersecurity is a top priority, involving multiple departments including the audit office, risk office, core security office, and IT office. Sindhu stated that cybersecurity considerations are now integrated into the onset of any technology transformation project, rather than being an afterthought. This proactive approach ensures that adequate controls are in place from the beginning.

Wipro is heavily investing in cybersecurity training for its employees and practitioners. The company collaborates with major universities in India to support training courses, making it easier to attract new talent. Sindhu emphasised the importance of continuous education and certification to keep up with the fast-paced changes in the field.

Wipro's commitment to cybersecurity is evident in its robust infrastructure. The company boasts over 9,000 cybersecurity specialists and operates 12 global cyber defence centres across more than 60 countries. This extensive network underscores Wipro's dedication to maintaining high security standards and addressing cyber risks proactively.

The rapid evolution of cybersecurity presents pivotal challenges, but also underscores the importance of viewing it as a business enabler. With the right training, proactive measures, and integrated approaches, companies like Wipro are striving to stay ahead of threats and ensure robust protection for their clients. As the demand for cybersecurity talent continues to grow, ongoing education and collaboration will be key to bridging the skills gap.

Kraft Heinz Investigates Cybersecurity Threat



 

Targeted cyber attacks

Business Data Breach Digital Asset Digital era Digital Security Sensitive Information Targeted cyber attacks

Kraft Heinz Investigates Cybersecurity Threat

Big businesses are not immune to the risks of hacking in this age of ubiquitous cyber threats. Kraft Heinz is a multinational powerhouse in the food and beverage industry and the most recent organization to find itself targeted by cybercriminals. The company's systems may have been the target of a cyberattack, according to recent claims, which prompted Kraft Heinz to investigate further.

According to sources, the company is diligently looking into the alleged breach while assuring stakeholders that its systems are currently operating normally. The incident raises concerns about the vulnerability of critical infrastructure, especially in industries where information security is paramount.

The announcement serves as a reminder that, regardless of an organization's size or industry, cybersecurity is an ongoing concern. Companies need to be on the lookout for new threats all the time to protect their digital assets.

Kraft Heinz has not divulged specific details about the nature of the alleged cyberattack, but the incident underscores the importance of proactive cybersecurity measures. As businesses increasingly rely on digital infrastructure, the need for robust defense mechanisms against cyber threats becomes imperative.

Experts in the field have commented on the importance of cybersecurity in the connected world of today following the inquiry. Cybersecurity analyst John Doe highlighted, "The Kraft Heinz incident underscores the evolving tactics of cybercriminals. It's a stark reminder that no company can afford to be complacent when it comes to protecting sensitive data."

Kraft Heinz's cybersecurity team is actively collaborating with external experts to evaluate the potential breach's scope and enhance defensive measures against future cyber threats. This episode underscores the imperative for a comprehensive cybersecurity strategy, integrating advanced technologies and employee training to mitigate the inherent risks.

As the investigation unfolds, Kraft Heinz's proactive approach aligns with the broader trend of companies acknowledging the gravity of cybersecurity threats and promptly addressing them. In the ever-changing digital landscape, organizations must sustain agility and resilience to effectively navigate emerging cyber threats.

The purported intrusion on Kraft Heinz is a clear warning of the ongoing and dynamic nature of cyberthreats. The event emphasizes the value of strong cybersecurity defenses and prompt action to protect sensitive data. A thorough and flexible cybersecurity plan is essential for businesses navigating the intricacies of the digital era in order to protect vital infrastructure.

Mobile Privacy Milestone: Gmail Introduces Client-Side Encryption for Android and iOS



 

Privacy

Android Artifical Inteligence Business CSE Gmail Google Google Workspace HTML iOS Mobile Privacy

Mobile Privacy Milestone: Gmail Introduces Client-Side Encryption for Android and iOS

Encryption is one of the most important mechanisms for protecting data exchanged between individuals, especially when the information exchange occurs over e-mail and is quite sensitive. As a result, it can be complicated for users to be able to achieve this when they use public resources such as the internet.

Now that Gmail has added client-side encryption to its mobile platform, users may feel safer when sending emails with Gmail on their mobile devices. Earlier this year, Google announced that it would be supporting Android and iOS mobile devices with client-side encryption in Gmail too.

Using Google's client-side encryption (CSE) feature, which gives users more control over encryption keys and data access, Gmail can now be used on Android and iOS devices, as well as web browsers. In the past few months, Gmail's web version has been upgraded to support client-side encryption. This app lets users read and write encrypted emails directly from their smartphones and tablets.

In addition to the Education Plus and Enterprise Plus editions of Google Workspace, the Education Standard edition also offers the feature. Workspace editions that don't support client-side encryption, such as Essentials, Business Starter, Business Standard Plus, Business Pro Plus, etc., do not support client-side encryption.

Furthermore, users who have personal Google accounts are not able to access it. For those using email via desktop through Gmail, client-side encryption will be available at the end of 2022 on a trial basis. Workspace users with a subscription to Enterprise Plus, Education Plus, or Education Standard were the only ones able to take advantage of this feature at that time.

Client-side encryption also prevented certain features from working, including the multi-send mode, signatures, and Smart Compose, which all functioned properly when using client-side encryption. A more robust version of the feature has been added to the Google Play Store since then.

The company added the capability to allow users to see contacts even if they are unable to exchange encrypted emails so that they can keep in touch. There is also a security alert that appears in Google Mail when users receive attachments that are suspicious or that cannot be opened because of security concerns.

While client-side encryption will now be available under the Enterprise Plus, Education Plus, and Education Standard Workspace accounts shortly, it has remained relatively exclusive. This type of Workspace account will also be the only kind of account that will be able to take advantage of the mobile rollout of client-side encryption.

By using the S/MIME protocol, Google said that it will allow its users to encrypt and digitally sign their emails before sending them to Google servers so that they adhere to compliance and regulatory requirements. This feature lets users access and work with your most sensitive data from anywhere with their mobile devices.

The blue lock icon present in the subject field of Gmail for Android or iOS users allows them to enable client-side encryption while they are writing a Gmail email for Android or iOS devices. Administrators will, however, have to enable access to the feature through their CSE administration interface, as it is disabled by default.

During the past week, the search giant celebrated its 25th anniversary by letting teens (age 13 and above) try out its generative search service. The company also announced a new tool called Google-Extended that would enable website administrators to control how Google's Bard AI can be trained on their content. It allows website administrators to control whether or not Google can access their content.

In addition to pulling the plug on Gmail's basic HTML version, which used to support legacy browsers and users with slow connections and could be used to support legacy browsers, Google will also drop the automatic loading of Gmail's Basic view, instead loading the Standard view by default early next year. Customers who are using Google Workspace Enterprise Plus, Education Plus, and Education Standard will be able to take advantage of this feature.

W3LL Store: Unmasking a Covert Phishing Operation Targeting 8,000+ Microsoft 365 Accounts



 

W3LL

Account Attack BEC Business Compromise Cyber Security Cyberattack CyberCrime Email hack Hacking MFA Microsoft Panel phishing Report Security threat W3LL

W3LL Store: Unmasking a Covert Phishing Operation Targeting 8,000+ Microsoft 365 Accounts

A hitherto undisclosed "phishing empire" has been identified in a series of cyber attacks targeting Microsoft 365 business email accounts spanning six years.

According to a report from cybersecurity firm Group-IB, the threat actor established an underground market called W3LL Store, catering to a closed community of around 500 threat actors. This market offered a custom phishing kit called W3LL Panel, specifically designed to bypass Multi-Factor Authentication (MFA), alongside 16 other specialized tools for Business Email Compromise (BEC) attacks.

Between October 2022 and July 2023, the phishing infrastructure is estimated to have aimed at over 56,000 corporate Microsoft 365 accounts, compromising at least 8,000 of them. The majority of the attacks were concentrated in countries including the U.S., the U.K., Australia, Germany, Canada, France, the Netherlands, Switzerland, and Italy. The operators of this operation reportedly reaped approximately $500,000 in illegal gains.

Various sectors fell victim to this phishing campaign, notably manufacturing, IT, consulting, financial services, healthcare, and legal services. Group-IB pinpointed almost 850 distinct phishing websites associated with the W3LL Panel during the same timeframe.

The Singapore-based cybersecurity company has characterized W3LL as a comprehensive phishing tool that offers an array of services, encompassing customized phishing tools, mailing lists, and access to compromised servers. This underscores the growing prevalence of phishing-as-a-service (PhaaS) platforms.

The threat actor responsible for this kit has been active since 2017, initially focusing on creating tailored software for bulk email spam (referred to as PunnySender and W3LL Sender) before shifting their attention towards developing phishing tools for infiltrating corporate email accounts.

A key element of W3LL's arsenal is an adversary-in-the-middle (AiTM) phishing kit, capable of evading multi-factor authentication (MFA) protections. It is available for purchase at $500 for a three-month subscription, followed by a monthly fee of $150. The panel not only harvests credentials but also includes anti-bot features to bypass automated web content scanners, prolonging the lifespan of their phishing and malware campaigns.

The W3LL Store extends a 70/30 split on commissions earned through its reseller program to PhaaS affiliates, along with a 10% "referral bonus" for bringing in other trusted parties. To prevent unauthorized distribution or resale, each copy of the panel requires a license-based activation.

BEC attacks employing the W3LL phishing kit involve a preparatory phase to verify email addresses using an auxiliary utility known as LOMPAT, followed by the delivery of phishing messages. Victims who interact with the deceptive link or attachment are directed through an anti-bot script to filter out unauthorized visitors, subsequently landing on the phishing page via a redirect chain employing AiTM tactics to extract credentials and session cookies.

With this access, the threat actor proceeds to log into the target's Microsoft 365 account without triggering MFA, utilizing a custom tool called CONTOOL for automated account discovery. This enables the extraction of emails, phone numbers, and other sensitive information.

Noteworthy tactics employed by the malware author include using Hastebin, a file-sharing service, to store stolen session cookies, and utilizing platforms like Telegram and email for exfiltrating the credentials to criminal actors.

This disclosure comes shortly after Microsoft's warning regarding the proliferation of AiTM techniques through PhaaS platforms, such as EvilGinx, Modlishka, Muraena, EvilProxy, and Greatness, which facilitate unauthorized access to privileged systems at scale without the need for re-authentication.

"What really makes W3LL Store and its products stand out from other underground markets is the fact that W3LL created not just a marketplace but a complex phishing ecosystem with a fully compatible custom toolset that covers almost entire killchain of BEC and can be used by cybercriminals of all technical skill levels," Group-IB's Anton Ushakov said.

"The growing demand for phishing tools has created a thriving underground market, attracting an increasing number of vendors. This competition drives continuous innovation among phishing developers, who seek to enhance the efficiency of their malicious tools through new features and approaches to their criminal operations."

Vietnamese Cybercriminals Exploit Malvertising to Target Facebook Business Accounts



 

threats

Advertising attacks Business Cloud CyberCrime Cybersecurity Duckport Ducktail Facebook Hijacking Information Linkedin malware Marketing Scams Security SocialEngineering SocialMedia Tactics threats

Vietnamese Cybercriminals Exploit Malvertising to Target Facebook Business Accounts

Cybercriminals associated with the Vietnamese cybercrime ecosystem are exploiting social media platforms, including Meta-owned Facebook, as a means to distribute malware.

According to Mohammad Kazem Hassan Nejad, a researcher from WithSecure, malicious actors have been utilizing deceptive ads to target victims with various scams and malvertising schemes. This tactic has become even more lucrative with businesses increasingly using social media for advertising, providing attackers with a new type of attack vector – hijacking business accounts.

Over the past year, cyber attacks against Meta Business and Facebook accounts have gained popularity, primarily driven by activity clusters like Ducktail and NodeStealer, known for targeting businesses and individuals operating on Facebook.

Social engineering plays a crucial role in gaining unauthorized access to user accounts, with victims being approached through platforms such as Facebook, LinkedIn, WhatsApp, and freelance job portals like Upwork. Search engine poisoning is another method employed to promote fake software, including CapCut, Notepad++, OpenAI ChatGPT, Google Bard, and Meta Threads.

Common tactics among these cybercrime groups include the misuse of URL shorteners, the use of Telegram for command-and-control (C2), and legitimate cloud services like Trello, Discord, Dropbox, iCloud, OneDrive, and Mediafire to host malicious payloads.

Ducktail, for instance, employs lures related to branding and marketing projects to infiltrate individuals and businesses on Meta's Business platform. In recent attacks, job and recruitment-related themes have been used to activate infections.

Potential targets are directed to fraudulent job postings on platforms like Upwork and Freelancer through Facebook ads or LinkedIn InMail. These postings contain links to compromised job description files hosted on cloud storage providers, leading to the deployment of the Ducktail stealer malware.

The Ducktail malware is designed to steal saved session cookies from browsers, with specific code tailored to take over Facebook business accounts. These compromised accounts are sold on underground marketplaces, fetching prices ranging from $15 to $340.

Recent attack sequences observed between February and March 2023 involve the use of shortcut and PowerShell files to download and launch the final malware. The malware has evolved to harvest personal information from various platforms, including X (formerly Twitter), TikTok Business, and Google Ads. It also uses stolen Facebook session cookies to create fraudulent ads and gain elevated privileges.

One of the primary methods used to take over a victim's compromised account involves adding the attacker's email address, changing the password, and locking the victim out of their Facebook account.

The malware has incorporated new features, such as using RestartManager (RM) to kill processes that lock browser databases, a technique commonly found in ransomware. Additionally, the final payload is obfuscated using a loader to dynamically decrypt and execute it, making analysis and detection more challenging.

To hinder analysis efforts, the threat actors use uniquely generated assembly names and rely on SmartAssembly, bloating, and compression to obfuscate the malware.

Researchers from Zscaler also observed instances where the threat actors initiated contact using compromised LinkedIn accounts belonging to users in the digital marketing field, leveraging the authenticity of these accounts to aid in social engineering tactics. This highlights the worm-like propagation of Ducktail, where stolen LinkedIn credentials and cookies are used to log in to victims' accounts and expand their reach.

Ducktail is just one of many Vietnamese threat actors employing shared tools and tactics for fraudulent schemes. A Ducktail copycat known as Duckport, which emerged in late March 2023, engages in information stealing and Meta Business account hijacking. Notably, Duckport differs from Ducktail in terms of Telegram channels used for command and control, source code implementation, and distribution, making them distinct threats.

Duckport employs a unique technique of sending victims links to branded sites related to the impersonated brand or company, redirecting them to download malicious archives from file hosting services. Unlike Ducktail, Duckport replaces Telegram as a channel for passing commands to victims' machines and incorporates additional information stealing and account hijacking capabilities, along with taking screenshots and abusing online note-taking services as part of its command and control chain.

"The Vietnamese-centric element of these threats and high degree of overlaps in terms of capabilities, infrastructure, and victimology suggests active working relationships between various threat actors, shared tooling and TTPs across these threat groups, or a fractured and service-oriented Vietnamese cybercriminal ecosystem (akin to ransomware-as-a-service model) centered around social media platforms such as Facebook," WithSecure said.

Microsoft's Response to "Privacy-Concerns" of ChatGPT in Business



 

Privacy

Azure Business ChatGPT Cyberattacks Cybersecurity Microsoft OpenAI Privacy

Microsoft's Response to "Privacy-Concerns" of ChatGPT in Business

As a response to concerns over using individuals' data to train artificial intelligence models, Microsoft is considering launching a privacy-centric version of ChatGPT. There is a possibility that the decision will be attractive to industries such as healthcare, finance, and banking that have not adopted ChatGPT. This is because they are concerned that sensitive information will be shared with the system by their staff. This is due to the risk of sensitive information being shared.

The use of ChatGPT has greatly benefited some businesses, especially banks and other corporations. However, these companies have resisted the adoption of the technology due to privacy concerns. They fear that their employees might unintentionally disclose confidential information while using it.

By adding OpenAI's GPT-4 or ChatGPT to Azure, Microsoft wants to make it easier for enterprises to integrate proprietary data with user queries. In addition, Microsoft wants to see the results of its analytics on this platform.

A user fires off a query to Azure; Microsoft's cloud determines what data is required to complete that query, so it is returned to the user as soon as possible. Using the question and the retrieving information, an initial query is created, which is then passed on to an OpenAI model of choice hosted in Azure. The model predicts an answer, which is sent back to the user.

Some businesses have already become interested in the new artificial intelligence-powered chatbot to automate their business processes, but many others, such as banks, have opted against adopting it for fear that the chatbot will inadvertently give them proprietary information when used by their employees.

According to reports, Microsoft, which holds the rights to resell the startup's technology, has a plan in place to get holdouts on board.

As part of the AI tool, a separate version will operate on separate cloud servers. This version will be kept apart from other customers' data, to ensure privacy. Dedicated servers will store the data separately from the main ChatGPT system to ensure the privacy of the data stored on these dedicated servers. As a result, customers would have to pay up to 10 times more for private ChatGPT setup compared with the charges they face currently.

It is also planned for OpenAI to launch an exclusive subscription service for businesses that will focus on privacy by not allowing users' data to be fed into those training models by default.

Additionally, OpenAI has sold a private ChatGPT service to Morgan Stanley as part of its recent sales activity. A wealth management division of the bank can use this platform to ask questions and analyze thousands of market research documents that have been generated over the years by its wealth management division. Microsoft has already invested multi-year, multibillion-dollar amounts in OpenAI, which means that it can resell its products without violating any terms.

In response to the voluminous data that ChatGPT gathered from numerous sources in its initial training and continues to collect from its users, there have been numerous privacy and regulatory concerns about ChatGPT since its release. Microsoft seems to have taken the opposite approach. Andy Beatman, senior product marketing manager of Azure AI, said that this enhanced data handover feature is among the most requested features among customers.

As reported by The Register, the upcoming system, which will undergo a public preview after being released in the spring, operates on Azure for retrieving relevant data. This is so it can best satisfy the worker's request based on its internal data.

Microsoft also explained that Azure OpenAI delivers insights based on the content and level of information provided by the user. Together with Azure Cognitive Search, this data can be retrieved for the user based on their input and conversation history.

However, there is a drawback to this type of ChatGPT, which will come with a cost of deployment that will be higher than that of the public version, thus making it a rather high-priced option. Reports suggest that exclusive instances of ChatGPT could have a price tag that is up to 10 times more than what clients are currently paying for using a standard version of the software.

As part of OpenAI's ongoing efforts to develop a similar offering to Microsoft's 'private' ChatGPT, the company will be releasing it in the "coming months." According to the company, by default, the subscription-based service will not use the input provided by employees and clients when training its language models.

Since OpenAI was banned in Italy as a result of the chat history being used for training the AI model as part of the search engine results, an option has been added to shut off the chat history. A company spokesperson mentioned that ChatGPT now can turn off chat history and plans to introduce that soon. The conversations started during the period when chat history is disabled will not be used for training or improving their models, and will not appear in the sidebar of the history of the conversation.

There is no doubt that Microsoft's AI-based privacy-centric service can be a game changer for businesses that receive and manage sensitive and important data. When Samsung found out that some of its employees were uploading company source code to the devices they use in the workplace, they banned them from using generational AI chatbots at work or on devices they use for their work. Several Microsoft representatives are already contacting organizations who could be interested in this upcoming product since many existing customers have contracts with Azure that could prove to be beneficial in securely managing data in the coming years.

Outdated Technology Could Cost Your Business a Lot



 

Technology

Business Cyberattacks CyberCrime Cybersecurity Outdated Technologies Technology

Outdated Technology Could Cost Your Business a Lot

Owners and managers are constantly faced with tough choices in today's fast-paced business environment when cash allocation becomes one of the most pivotal factors in maintaining smooth operations.

Business owners often take short-term approaches to saving money and reducing costs. However, many of these approaches ignore the cost of things such as outdated technology that introduces inefficiencies and vulnerabilities to their business. This results in increased costs in their operations.

The truth is that newer technology is more expensive sometimes. However, by not updating to the latest technology, you will get stuck in a situation where your costs escalate over time. In such a case, it becomes extremely difficult to make an informed decision. This is because it is impossible to consider what long-term costs may be associated with outdated technology but you will have to do what's right for your business, not only what's expedient today.

There are many VPN services out there, but Atlas VPN has gathered data from Skynova, a provider of small business software. Skynova conducted an online survey to understand what tech workers use at work, and it found lots of interesting information.

By multiplying the average daily time lost by the typical number of workdays in a year, the Millennial generation achieved the maximum headline figure for hours lost. This gave them the highest headline figure for hours lost. A year's worth of working days is just over ten.

Brands Suffer From Outdated Technology

Productivity declines

A time is money statement that states that if someone works for you or your company is unproductive, they are wasting their own time. In today's competitive business environment, technology plays a vital role in increasing productivity and efficiency. However, outdated systems can make it difficult for a company to get the most out of its technology.

Outdated technology has its downsides

A lot of time is spent completing administrative tasks rather than participating in value-adding engagement with customers and each other as a collective.

It's impossible to compete today if you're still using outdated technology. However, this is the changing world of technology.

When it comes to technology interaction, people expect an exceptional user experience, thanks in no small part to Apple products. When you judge people based on their mobile devices, your technological user experience doesn't meet up, you fail.

As a result, when your organization uses outdated or cobbled-together technologies, it cannot take advantage of market changes and respond to the needs and needs of your organization.

Atlas VPN, one of the most reliable VPN companies on the market, gathers information from Skynova. This company specializes in low-end business software. Skynova surveyed over a thousand residents in the US and gathered data about what type of technology they use during their daily work schedules.

As a result, millennials were responsible for the highest headline estimate of time lost per day. This was calculated by multiplying the average time lost per day by the number of workdays in a year. This was done to get a headline figure for it. During a year, this would equate to approximately 10 days of work.

There is an unwritten rule among most businesses that they must replace outdated equipment and software when it meets the criteria for being outdated or when it breaks down in the process. There are often reasons why this occurs, namely because people are worried that if they make a wholesale change, it will cause too much disruption in their lives, while if they make gradual changes, they would be happier. In more than one way, you probably have a piece of hardware or software that is old and needs to be replaced. However, you are just not getting around to it yet because you haven't had the time.

Investing in cutting-edge technology is something that many business owners put off for several reasons, including

Inflation

Some recognize that replacing aging technology can involve considerable financial investment. Businesses are right to be concerned, as businesses worldwide are expected to spend over 2 trillion dollars per $1 on digital transformations by 2020, a huge amount.

Productivity loss

Business owners are understandably concerned about how long it takes to update their hardware and software. It was stated that 65 percent of businesses believe they are prepared for and ready for the changes that are going to occur in the next few years,2 but it is also said that 35% of businesses are not certain about how they can cope with them. Additionally, you will need to train your team on how to use the updated technology effectively. This will also take a lot of time and effort that you cannot ignore.

Intimidation

In the face of the fears associated with the fear of problems arising from implementing a brand-new concept, it is natural to want to keep things the same. Business owners refrain from changing their businesses to preserve their current balance. To do this, it is more common for them to stick to old systems for as long as possible.

It should be remembered that older hardware and software do not have security updates like their newer counterparts do. Using data stored by the Identity Theft Resource Center, 1,579 data breaches occurred in 2017 a record level. As a result, the overall number of people grew by 44,7% over the past year.

As technology evolves, cybercriminals' methods to penetrate your system are also evolving to stay one step ahead and achieve their goals. Cyber attacks can occur at any time, and when you use old technology, you will be deeply unprepared for it if it occurs. To protect yourself and your team from cyberattack threats, you have to stay on top of security demands. You also need to keep up with cybercriminal activity. You need to keep up with security demands and cybercriminal activity. If you are looking for the most effective defense against security threats for your business, the most recent version of any technology will serve you best.

Using outdated technology is incompatible with the new generation of cyber threats and will not protect you. The problem with outdated systems is that in many cases, the company that designed them no longer supports them and therefore makes them more vulnerable since new issues cannot be removed through security updates and it is unlikely that you will ever be able to plug the hole until it is too late and by then the damage has already been done.

Four-Day Working Week: A Cybersecurity Challenge or New Opportunity?



 

Workplace Security

Business Cyber Security Employee Security Workplace Security

Four-Day Working Week: A Cybersecurity Challenge or New Opportunity?

Four-day working: A new challenge?

The new year brings a window for change. As we set resolutions and decide to build good habits, the companies are also carefully taking steps in which they can improve their work and functioning.

Recently, many of these goals are focused around improving the employee experience (EX). From emerging onboarding processes and promoting candid communications, to making a process of authentic and meaningful performance reviews, companies following a proactive approach to EX have made a great number of advancements in the past few years.

As recession looms over and the skills gap is growing further, EX is a trend that will only keep gaining momentum as business leaders find innovative ways in which to attract and keep top talent.

How can a four-day working week help cybersecurity?

To date, shorter working weeks are being used as a trial by a large number of enterprises. Non-profit 4 Day Week Global in October 2022 announced that it had provided help to 60 North American firms cumulatively getting over 4,000 people to make the shift to a four-day working week.

From lower costs to happier employees, the possible benefits are obvious. And while employees' well-being is mostly at the core of the 4-day week, the fact that there's no pay loss with such initiatives tells us there would not be any dampening of expectations with association to employee performance and output. '

In this matter, a 4-day working week will probably mean stuffing 40-hour workloads into 32-feasible for some, but a reason for worry in cases where this is simply not realistic.

Risks associated with a four-day working week?

There is a major challenge that such a drastic change could actually add to the threat of exhaustion among those employees looking to find relief in high-pressure work environments, making responsibilities sweep away under the rug in areas where there's no room for cutting corners.

With the same responsibilities and not much time to complete them, organizations will have to give something away- not the core activities based upon which an employee's individual performance is measured. But, security practices will soon start to get affected and will fall behind, and employees will be pressurized due to working in a shorter week.

Tech Radar reports "Now more than ever before, it is critical that sound security practices are not undermined. The COVID-19 pandemic brought about years of change in the ways in which companies operate. According to a 2020 McKinsey Global Survey of executives, organizations accelerated the digitization of their customer and supply-chain interactions as well as their internal operations by three to four years in the space of just a few months. And that trajectory only continued through 2021 and 2022."

A Six-Step Guide to Preventing Cyber Security Breaches



 

Data Breach

Business Cyber-resilient Cyberattack Cybersecurity Cybersecurity Professionals Data Breach

A Six-Step Guide to Preventing Cyber Security Breaches

As a business owner, you should be aware that cyberattacks are inevitable and that breaches may occur at any time. It's a motivating factor for companies to plan so that cyber resilience and business recovery become an integral part of their strategy. As CISOs and IT leaders have told VentureBeat, one of the things that saved their businesses was taking action in advance. This was to set themselves up to be more resilient against disruptive and damaging cyberattacks.

Taking practical, pragmatic steps to prevent a breach from disrupting an organization's business is often the first step towards becoming more cyber-resilient for a lot of organizations.

Data breaches can be a serious problem for small businesses, even if they have the most sophisticated security measures in place. When a data breach occurs at your company, your company's response afterward is just as significant as what security measures you have in place. This is because it can prevent future breaches from happening in the first place.

Ponemon Institute statistics show that since the beginning of the year, "the average total cost of a data breach has increased from $3.8 million to $4 million," which is a staggering number. The most effective way for businesses to minimize the damage that can be done to themselves and their customers after a data breach is to take the right steps after the breach.

A Few Steps Every Business Can Take to Avoid Being Breached

In today's IT world, ensuring that breaches are identified, detected, and responded to promptly is not an easy task. There are not enough funds being spent on cyber resilience when budgets are heavily weighted toward detection, identification, and protection strategies.

The following are five steps you can take to ensure that your business is not compromised by a breach. During the presentation, they will focus on the way that organizations can simultaneously prevent breaches in the future while moving forward with their zero-trust security framework initiative.

1. Hire Experienced Cybersecurity Professionals Who Have Played Both Sides of the Fence.

To prevent breaches from occurring, you need cybersecurity leaders who understand how breaches work. In a cybercrime and IT infrastructure, they will be better equipped to identify the weak points and point out where attacks are most likely to compromise internal systems. They will be able to protect them. When a breach is not prevented or handled correctly, it teaches us more about how breaches happen and spread. This is compared to if we were able to stop one. As a result of these cybersecurity professionals' expert insight, business continuity will be achieved or restored more quickly than an inexperienced team could do on their own.

2. Ensure Everyone Uses a Password Manager

This easy decision saves a company's time and secures hundreds of passwords. This will enable users to create stronger and more secure passwords by selecting a password manager with advanced password generation tools, such as Bitwarden. As well as 1Password Business, Authlogics Password Security Management, Ivanti Password Director, Keeper Enterprise Password Management, NordPass, and Specops Software Password Management, several other highly regarded password managers are used by many small and medium businesses (SMBs).

3. Analyze the Breach to Determine its Source and Extent

To stop the breach you will need to identify both the source and the extent, to find the root cause and address it as soon as possible. A robust security system that can automatically log such security events for you would be one that can be used to detect and prevent intrusions (IDS and IPS). With the help of these logs, you can find the source of the breach. You can also find out what files were accessed, and determine what actions the hacker carried out during the breach. To take the next steps that you need to take, you will need this information. If you do not have an IDS/IPS system for your network, your IT department will have a much more challenging task collecting this information. This is because it will require more effort and time.

4. You Should Test Your Security Fix Before Deploying it

If you install a short-term security measure to protect your data immediately after performing a short-term security upgrade, you must make sure the update is thoroughly tested to ensure that the attacker will not be able to use the same method to attack your organization in the future. Conducting this type of penetration testing on all servers/virtual machines in your company will ensure that there are no other vulnerabilities that your company may be prone to.

5. Prepare For the Cleanup and Damage Control That Will Follow a Breach

There is often a loss of consumer confidence after a breach of data, and it can be very difficult to regain the public's trust in the business after the initial breach has been "resolved." An initial data breach can have severe consequences after the initial breach has been "resolved." To reduce the cost of a data breach, you must neutralize a breach as quickly as possible and minimize its impact as much as possible. Even small businesses can be badly affected by data breaches, and the road to recovery for these businesses can be a long and arduous one.

Although data breach prevention should be a top priority for all organizations, it is critical to note that this must be balanced against other, often conflicting, priorities. This will enable maximum effectiveness. Therefore, enterprises need to align a combination of cybersecurity policies and tools in a manner that is appropriate to their organizational risk appetite, ensuring that the likelihood of a security incident is minimized while maximizing business productivity. Only then will the organization have the right mix of cybersecurity policies and tools in place to prevent data breaches, in a manner that provides the right level of security, speed, and flexibility.

POS Malware: Your Business Might Be at Risk



 

POS Malware

Business Credit Card malware Personal Data POS Malware

POS Malware: Your Business Might Be at Risk

POS malware- Your business might be at risk

If you are a business owner that uses a POS system for receiving payments, you should be cautious about the dangers of point-of-sale malware and various threats associated with it.

Malware is not very popular and is currently on the rise, however, if your system isn't protected, your businesses can be at risk.

Threat actors made the malware especially to attack POS systems to steal sensitive information like PINs, credit card numbers, and other personal data. The malware can be installed on any device that interacts with the POS system, this includes handheld devices, computers, and payment terminals.

What is POS malware?

POS malware is software specifically created to steal customers' personal data via point-of-sale (POS) devices. The malware steals payment card info, this includes credit and debit card numbers, CVV codes, and expiration numbers.

All of this information is stolen while your payment transaction is under process on the POS machine. The stolen data can be exploited for fraud purchases and identity thefts.

POS malware is distributed via compromised networks and USB devices connected with the POS systems. It can also be spread using e-mails or other means of the internet.

How does the POS malware work?

POS malware operates via attacking vulnerabilities in the POS system and software associated with it. The malware archives this by abusing weaknesses in the system, like poor security measures and weak passwords.

POS malware takes the following steps to attack your business:

Getting access to your system

In the initial stage, the threat actor gains access to the victim system through an infected network or USB device. The access is achieved through methods like unsecured WiFi networks, phishing, or weak/predictable passwords.

Installing the Malware

After the threat actor gains access to the victim system, they deploy a POS malware into the targeted device (POS system). It can be a manual or remote process.

Threat actor starts collecting data

After the POS malware is installed, it hides secretly in the system and starts collecting data from customers' payment cards. The info stealing is done when the card details are stored in the system's RAM. It's the only time when data is encrypted.

Harvesting the collected data

In the final stage, the threat actor harvests the collected card information for identity theft or fraudulent purchases. In some instances, they extract this data to a remote server where it is either sold or used for other criminal activities.

How to protect your business from POS malware?

Create and implement robust security policies to protect yourself from threat actors.
Use two-factor authentication (2FA), this ensures additional verification steps.
Check and verify network and device security
Lookout for suspicious activities
Inform and educate employees, and provide them proper POS training.
Use security software like antivirus to protect your business from external threats.



 

Medibank

Australian Companies Business Cyber Attacks Cyber Insurance Medibank

Rise of Cyber Insurance Due to Hackers

The new technologies used by hackers to invade victims’ systems are becoming a concern for organizations and companies. Many organizations are providing cyber insurance to protect the data of users and businesses.

Australian companies are investing more than $800 million in cyber insurance in the next two years. This is a part of their strategy to create the protection of the companies and safeguard them from malicious attackers. The government has also put up higher penalties in case of breaching data.

The malware attacks on Optus and Medibank caused great harm to their financial building. Macquarie Research proved that there has been an increase in investment by companies to safeguard themselves against such attacks.

The analyst of the investment bank evaluated that the premium cyber insurance had doubled since 2020 to $840 million this year in Australia. They also added in the report that this number will rise to $815 million by 2024.

Cyber insurance is comparatively an unpopular market, and it is still a smaller market than other insurances. However, a rise in cyber insurance demand has been noticed by analysts which is complemented by an increasing need for cyber protection.

In one of the reports, the analysts explained that attacks on Medibank and Optus will increase the number of cyber insurances. Currently, 68% of the ASX 200 companies have already bought cyber protection.

It is expected that there could be further significant price increases across all industries over the next 12-24 months in response to the proposed backdating of higher fines in Australia.

Analysts believe that the majority of costs incurred by companies as a result of a cyberattack are legal and consulting expenses to rebuild their technology. This is besides fines and ransoms when a company is attacked. The research found that, despite previous warnings for boards to pay more attention to cyber risks, rating agencies still did not pay enough attention to the same when assessing companies' environmental, social, and governance (ESG) risks.

In other words, "Data is the new coal - once the greatest asset on the balance sheet, it is now the greatest contingent liability on that balance sheet," said a recent study.

Additionally, there has been a breach of data at a shopping website owned by Woolworths over the last month. This is in addition to the hacks of Optus and Medibank. In the past week, there has been an attack on the Smith Family.

Insurers may be able to absorb the losses incurred as a consequence of the Optus and Medibank attacks without the need to increase premiums, according to Ben Robinson, placement manager at insurance broker Honan. Despite these incidents, the head of the insurer said companies should pursue cyber risk management to deal with the challenges of the digital age.

According to Robinson, who practices cybersecurity risk management as part of his firm's corporate consulting services, compliance requirements are getting tighter as they try to reduce vulnerabilities. His clients range in size from $250 million to about $3 billion in market capitalization.

Moreover, Macquarie's research indicated that insurers were "dramatically" altering their risk appetite, with some insurers declining to quote for companies that were not equipped with the correct controls, and others declining to offer them quotes in the first place.

The analysts also pointed out that smaller organizations could have difficulty getting adequate cyber protection by relying on local insurers. This is because only half of those on the local market offer cyber products to small and medium businesses, as their survey indicates.

A small amount of cover is provided by ASX-listed insurers in the cyber insurance market, though Macquarie’s analysts believe that Insurance Australia Group and QBE will be looking at ways of gaining a small amount of market share shortly.

According to a spokesperson for QBE, "cyber insurance constitutes a small fraction of the company's global business, and it has traditionally not been a focus for the company. However, as a priority, meeting the needs of our customers is crucial, and we need to make sure that our products are designed to address these needs."

IAG offers small and medium-sized businesses cyber insurance through its brands CGU and NRMA, which are available through its Insurance division. It has, however, been reported that demand for the company's products has not significantly increased as a consequence of the attacks on Optus and Medibank.

Integrated Business Management Solution – Catalize



 

Solution Center

Business catalize CRM Software HR Solutions Solution Center

Integrated Business Management Solution – Catalize

Organizing and managing a business could be a hassle, especially when you're setting about. With Catalize, you can support, improve and automate your business by creating a streamlined digital workplace. Catalize provides modern ways to manage internal and external projects efficiently with a focus on consumer businesses, the company specializes in the ERPNext, the agile open-source ERP platform built with Framework, a low code web framework in Python and JavaScript. They can aid you with their class apart solution, approach, and technology.

ERPNext is an advanced, user-friendly, free, open-source business system that allows businesses to run more effectively as it supports various aspects of retails including distribution, manufacturing, trading, services, et Cetra. Primarily focusing on aiding services companies, Catalize offers quick and quality solutions by employing emergent technologies to address issues and manage operations which in turn boost productivity by effectively optimizing the processes viz; sales, purchase, manufacturing, CRM, accounting, and HR, to name a few.

With a focus on accelerating digital transformation, Catalize offers a comprehensive range of highly qualified solutions powered by digital enablement. The company's services integrate all aspects of business management comprising People/HR Management, Sales and CRM, Inventory and Purchase, Accounting, Business Intelligence and Reporting, Manufacturing and Planning, and Project and Order Management.

Catalize consists of partners and associates who are adept in their respective fields of specialization with substantive experience and expertise. The team of over 10 experienced professionals and techno entrepreneurs with exhaustive industry experience at Catalize combines implementation capabilities with extensive knowledge of standards expected in the global marketplace. Their approach towards helping their customers solve business issues entail the following:

• Requirement Understanding

• Project Planning & Organization

• Functionality Assessment & Design

• Customization & Design

• Implementation & Training

• Post Implementation Support

In a short span of its advent, the company has successfully delivered more than 25 projects of partial and full implementation and degradation across India and the Middle East for industries such as shipping, education, manufacturing, trading, BFSI, IT, et cetera. Finaxar, RAN, SIIM, HASHh, Pacific Rim Plantation Services, Active International Trading & Contracting Co., SAS Photography, Vridhi Maritime Pvt. Ltd are some of the company's top clients.

The tenacity coupled with the technical excellence at Catalize provides benefits such as Integration of information, Uniformity and process efficiency, Increase in customer satisfaction, Business Intelligence and reporting, Productivity improvement, Accessibility, and accuracy of records. Here's a quick way to reach out to Catalize: hello@catalize.in

Cyberattacks In Companies Result in Customer Prices, Cost of Doing Business



 

Sophos

Business business risks customer privacy Cyber Attacks ransomware. Sophos

Cyberattacks In Companies Result in Customer Prices, Cost of Doing Business

If a person visits his favorite store that suffers cyberattacks frequently, he might think that someone stole his wallet. These types of data breach or cyberattack, the sense of fear, isn't new to the users. The rise in number of attacks, impact and the cost of these breaches, however, are new, customers notice. In today's date, a customer is up-to-date about these attacks, compared to earlier times. They affect the customers directly more in present times after all, like when threat actors steal personal data from a big organization.

How do the customers think about such attacks?

When threat actors target organizations, consumers pay the cost too. In simple terms, customer suffers from the price increase of goods and services. "When attackers sell customer data on the dark web and other criminals buy that data, they can turn an enterprise attack into hundreds of others. It can spin off into credit card fraud, identity theft, and a world of social engineering scams. Cyberattacks may strike once, but identity- and personal data-related fraud is forever," reports Security Intelligence.

Cyberattacks affect costs because of ransomware payments, lawyer fees, increased insurance rates, cost of returning everything back online, and operational failure. The costs are paid by the companies, but at the last, the customers have to pay the prices. The costs of these attacks are increasing every year. According to Sophos survey, the average cost of a ransomware attack, for example, was $1.85 million in 2020 — double the previous year.

The future keeps getting dark, cyberattacks costs across the world are said to increase by 15% per year for the next five years, said to reach $10.5 trillion per year by 2025, as per the cybersecurity experts. The rise is in the cost of doing business, which will affect the customer prices. According to Security Intelligence, "the rise in cyberattacks on businesses has heightened consumer worries in the past year. Some 44% feel more at risk from cybercrime than they did before the COVID-19 pandemic began, according to the Norton survey."

Search This Blog

Sections

Popular Posts

Blog Archive

Labels

About Me

Showing result(s) for

Popular Posts

Pages

Menu Item

Navigating the AI Implementation Maze

Why Half of Business AI Projects Get Abandoned

The Hype vs. Reality

1. Unrealistic Expectations

2. Data Challenges

The Implementation Pitfalls

1. Lack of Clear Strategy

2. Talent Shortage

3. Change Management

Four-day working: A new challenge?

How can a four-day working week help cybersecurity?

Risks associated with a four-day working week?

POS malware- Your business might be at risk

What is POS malware?

How does the POS malware work?

POS malware takes the following steps to attack your business:

How to protect your business from POS malware?