Security Lapse at First American Exposes Data of 44,000 Clients

 


It has been reported that First American Financial Corporation, one of the largest title insurance companies in the United States, was compromised in December when its computer systems were taken down due to a cyberattack that compromised the information of almost 44,000 individuals. Since its founding in 1889, the organization has provided financial and settlement services to real estate professionals, buyers, and sellers involved in purchasing and selling residential and commercial properties. According to the company's report, it generated $6 billion in revenue last year and has over 21,000 employees.

First American Financial Services announced on December 21 that it had taken some of its systems offline to contain the impact of a cyberattack. Its statement provided little information about the nature of the attack.

First American announced the following day that it had taken its email systems offline as well and that its First American Title and FirstAm.com subsidiaries had also been affected. Almost a week later, on January 8, 2024, the financial services firm announced that it was starting to restore some of its systems, but the full restoration of the company's systems was not announced until a week later.

In December, First American informed the Securities and Exchange Commission (SEC) that the company had suffered a data breach resulting from a computer incident and that certain non-production systems had been encrypted as a result. An updated form filed by the company on May 28 indicates that its investigation into the incident has been completed. A company update reads: "After reviewing our investigation and findings, we have determined that as a result of the incident, we may have been able to access the personally identifiable information of nearly 44,000 individuals without their permission."

According to the title insurance provider, “the Company will provide appropriate notification to potentially affected individuals and offer those individuals credit monitoring and identity protection services at no charge to them.” Five months later, on May 28, the company announced it would not be providing credit monitoring and identity protection services to potentially affected individuals at no cost to them. 

The US Securities and Exchange Commission (SEC) has confirmed that the attackers gained access to some of its systems and were able to access sensitive information collected by the organization after an investigation into the incident was conducted. A full report of the incident has been prepared. In the meantime, the investigation has been completed and the incident has been resolved by the company. "As a result of our investigation and findings, personal information regarding about 44,000 individuals may have been accessed without authorization," the company stated.

Affected individuals who are notified will be able to use credit monitoring and identity protection services at no cost. The company will provide appropriate notifications to potentially affected individuals.

First American Insurance Company, which is considered the second-largest title insurance company in the nation, collects personal and financial information of hundreds of thousands of individuals each year through title-related documents and then stores it in its EaglePro application, which was developed in-house, according to DFS of New York.

In May 2019, First American senior management discovered a security vulnerability that allowed anyone who had an EaglePro link to access the application without any authentication and to view not just their own documents but also those of individuals involved in unrelated transactions.

Similarly, Fidelity National Financial, a title insurance provider in the United States, was also the target of a "cybersecurity issue" in November of last year. Some of its systems were also taken offline to contain the attack, which caused varying levels of disruption to the company's business operations. An SEC filing made in January confirmed that the attackers had stolen the data of approximately 1.3 million customers using malware that did not self-propagate and that did not spread through network resources.

What Is The Virtual Chief Information Security Officer?

 


In our fast-paced digital age, where everything is just a click away, ensuring the safety of our online space has become more important than ever. It's like having a virtual fortress that needs protection from unseen threats. Now, imagine having a friendly digital guardian, the Virtual Chief Information Security Officer (vCISO), to watch over your activities. This isn't about complex tech jargon; it's about making your online world safer, simpler, and smarter.

Understanding the vCISO

The vCISO operates from a remote stance yet assumes a pivotal role in securing your digital assets. Functioning as a vigilant custodian for your crucial data, they meticulously enforce compliance, maintain order, and mitigate potential risks. Essentially, the vCISO serves as a professional guardian, even from a distance, ensuring the integrity and security of your data.


Benefits of Opting for a vCISO

1. Save Costs: Hiring a full-time CISO can be expensive. A vCISO is more budget-friendly, letting you pay for the expertise you need without breaking the bank.

2. Flexibility: The vCISO adapts to your needs, providing support for short-term projects or ongoing guidance, just when you need it.

3. Top-Tier Talent Access: Imagine having a pro on speed dial. The vCISO gives you access to experienced knowledge without the hassle of hiring.

4. Strategic Planning: A vCISO crafts specific security plans that align with your business goals, going beyond mere checkboxes to authentically strengthen the defenses of your digital infrastructure.

5. Independent View: Stepping away from office politics, a vCISO brings a fresh, unbiased perspective focused solely on improving your security.

Meet Lahiru Livera: Your Virtual Cybersecurity Guide

Lahiru Livera serves as a trusted expert in ensuring online safety. He's skilled at spotting and tackling problems early on, setting up strong security measures, and acting quickly when issues arise. Moreover, he shares valuable knowledge with your team, enabling them to navigate the digital world effectively and become protectors against potential online threats.

Whether your team is big or small, consider getting a vCISO. Connect with Lahiru Livera, your online safety guide, and firmly bolster the digital existence of your team to withstand any forthcoming challenges.

All in all, the vCISO presents a straightforward and cost-effective method to ensure online safety. Think of it as having a knowledgeable ally, readily available when needed, without straining your budget. Lahiru Livera stands prepared to assist you in identifying potential issues, establishing intelligent protocols, and transforming your team into adept defenders against online threats. 


Boeing Evaluates Cyber Group's Data Dump Threat

 

Boeing Co announced on Friday that it is currently evaluating a claim made by the Lockbit cybercrime group, which asserts that it has obtained a significant volume of sensitive data from the aerospace giant. The group has threatened to release this information online unless Boeing pays a ransom by November 2.

To emphasize their ultimatum, the hackers displayed a countdown timer on their data leak website, accompanied by a message stating, "Sensitive data was exfiltrated and ready to be published if Boeing do not contact within the deadline!"

The group conveyed that, for now, they will refrain from providing lists or samples of the data in order to safeguard the company. However, they asserted that this stance may change before the deadline arrives.

Lockbit typically deploys ransomware on an organization's system to encrypt it and also pilfers sensitive information as a means of extortion.

A spokesperson for Boeing stated, "We are assessing this claim" via email.

According to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), Lockbit was the most active ransomware group globally last year, based on the number of victims it claimed on its data leak blog.

The gang, known for its eponymous ransomware, which emerged on Russian-language cybercrime forums in January 2020, has reportedly conducted 1,700 attacks on U.S. organizations since then, as per CISA's report in June.

Lockbit did not disclose the volume of data it purportedly acquired from Boeing, nor did they reveal the ransom amount they are demanding. Boeing declined to provide further comments.

The hacking group has yet to respond to a request for comment sent to the address mentioned on their data leak site.

Quid Pro Quo Attacks: Cyber Threat to Watch Out For

 

A threatening message appears out of nowhere. You owe money, or a loved one is in jeopardy, according to the unknown sender's claims. They threaten consequences unless you cough up the cash or disclose personal information.

To say the least, it's unsettling. These "quid pro quo" attacks appear to be on the rise as well. But what is a quid pro quo attack, and how can you avoid one? 

Explaining the Quid Pro Quo attack 

The Latin phrase "quid pro quo" alludes to a value exchange--receiving something in exchange for something else. A quid pro quo strategy has several forms in the context of attacks or scams:

Extortion: It occurs when an attacker gains access to or claims to have sensitive personal data such as images, messages, or browser history. They threaten to make the information public unless the victim pays a ransom. 

Social Engineering: The attacker creates a pressing situation, such as an emergency or a time-sensitive bill. They trick the victim into giving money or disclosing personal information immediately.

Bribery/presents: The hacker promises the victim money, presents, exclusive opportunities, or other incentives in exchange for sensitive data, obscene photos/videos, meetings, and so on. 

How quid pro quo attacks target victims 

There are several possible settings for quid pro quo attacks. In exchange for the user's login and password, attackers may impersonate someone from an internal or external IT department and promise to deliver a free virus scan to make the user's device operate more efficiently. An attacker could acquire access to the company's network and install malware even with this minimal information. 

The attackers can also target home-based employees who receive a call from a specific credit union advertising a low-interest credit card or refinance rate for XYZ firm. To claim the offer, the employee simply needs to enter their social security number, employee ID number, and birthday to validate their credit score. 

Most quid pro quo plans involve the attacker providing enough information to make the offer sound reasonable (and most people are looking for a good bargain), so the user delivers the information without considering the potential liabilities.

People impersonating government authorities (such as the Internal Revenue Service, Department of Motor Vehicles, or Social Security Administration) can also be employed in quid pro quo attacks. They may offer to settle a disagreement in exchange for the user's social security number or other personally identifiable information, allowing the perpetrator to steal the victim's identity.

Prevention tips

There are a lot of shady folks on the internet these days. Knowing how to defend yourself against quid pro quo attacks is therefore critical. 

First and foremost, vigilance is essential. Be careful of any random emails, calls, DMs, or other communications that make big offers or threats. Look for telltale signs of fraud, such as urgency, ambiguous details, spelling and grammar errors, and so on.

Consider whether a trustworthy business or individual would reach out in this manner. The IRS will not reach out to you cold and demand quick payment, and Nigerian princes will not suddenly offer you money. It all comes down to weighing the likelihood of the situation.

Speaking of calls, refrain from providing personal information to telemarketers. Your name and information will be known by official organisations like your bank. They won't randomly phone and ask you to confirm something. Hanging up and making a second call on a business line is considerably safer.

The same is true for attachments and links. Move forward with great caution. Phishers are cunning; they make bogus emails that seem authentic. Therefore, before clicking a link, hover over it to see what the actual URL is. Verify that it corresponds to the actual site. And be careful not to download malware by opening attachments from unknown senders.

And, of course, never give money, gift cards, or sensitive information to strangers online for any reason. Legitimate help organisations will not cold mail you in this manner. Donate only to verified groups through the official website.

Last but not least, keep your antivirus, firewalls, and devices up to date. This closes security weaknesses that hackers exploit. It's best to automate software updates wherever feasible so you don't have to think about it.

Grade 9 Student Behind The Taguig School Bomb Threat


Taguig police have detained a 16-year-old Grade 9 student for being involved in an online bomb threat. On Monday, November 14, the Philippine National Police (PNP) Anti-Cybercrime Group reported that it was the student who was running the Facebook account that posted bomb threats in the comments of a flag-raising ceremony live stream.

On the morning of November 7, the Taguig local government unit (LGU) was live streaming the city hall flag-raising ceremony for the National Children’s Month on its Facebook page ‘I Love Taguig.’ During this, an account by the name “Sofia Smith” started posting comments stating they would “kill all the students at Signal village” with an explosive. Consequently, the comments induced fright and panic among students, parents, and teaching staff present at the ceremony. 

In a video report shared on November 14, by Taguig Mayor Lani Cayetano and Chief of Police Colonel Robert Baesa, Lieutenant Colonel Jay Guillermo of the PNP Anti-Cybercrime group stated that following the bomb threats, the police tracked the IP address, location, mobile number, and real identity of the person behind the account “Sofia Smith.” 

After determining the identity of Sofia Smith, the 16-year-old student, and confiscating the cell phones belonging to the suspect, the police continued with the forensic investigation of the cell phones. Further investigation found multiple log-ins to numerous Facebook accounts from the same IP address, indicating that the suspect may also have had accomplices in making the bomb threats.

Reportedly, the student sought support from a former street sweeper who was bitter over being fired by the school authority. The two accused are now in police custody facing charges for the threatening comments and act of terrorism, for which the accused could face at least 12 years of imprisonment.

Regarding the case, Mayor Maria Laarni “Lani” Cayetano says that she will let the law take its course. Adding to this, she appealed to the public to “not make the situation worse” by conducting any harmful action against “Sofia Smith,” taking into consideration that she is a minor.