Breach - All Articles - CISO Platform2024-03-29T07:29:34Zhttps://www.cisoplatform.com/profiles/blogs/feed/tag/BreachPoorvika, India's Largest Tech Retailer, Faces Devastating Data Breachhttps://www.cisoplatform.com/profiles/blogs/poorvika-india-s-largest-tech-retailer-faces-devastating-data-bre2023-06-20T10:26:41.000Z2023-06-20T10:26:41.000Zprithahttps://www.cisoplatform.com/members/pritha<div><img src="https://storage.ning.com/topology/rest/1.0/file/get/12046757871?profile=RESIZE_400x&width=400"></div><div><p> In a major blow to the Indian tech retail industry, Poorvika, the country's largest tech retailer, has recently fallen victim to a massive data breach. The breach has resulted in the compromise of sensitive information belonging to both employees and customers. This incident has raised concerns regarding data security and the urgent need for organizations to enhance their cybersecurity measures. In this article, we will delve into the details of the Poorvika data breach and its potential consequences.</p>
<p>According to multiple reports, Poorvika, a prominent name in the Indian tech retail sector, has experienced a significant data breach, resulting in the exposure of sensitive information. The breach has affected both employees and customers, highlighting the severity of the incident. Detailed personal data, including names, addresses, contact numbers, and financial information, has been compromised, leaving individuals vulnerable to identity theft, fraud, and other malicious activities.</p>
<p> </p>
<p><a href="https://www.cisoplatform.com/top-100-ciso-awards-2023?utm_src=p_blog_poorvika" target="_blank">(Many years back we started the 'Top 100 CISO Awards' recognizing the important role a CISO plays in preventing huge breaches. Nominate yourself for the 15th Edition Of Top 100 Awards, The 1st recognition for CISOs)</a></p>
<p> </p>
<p> </p>
<p><span style="font-size:14pt;"><strong>Consequences and Implications:</strong></span></p>
<p>The consequences of the Poorvika data breach are far-reaching and pose significant risks to both the affected individuals and the company itself. For customers, the exposure of their personal information raises concerns about privacy and potential financial losses. Cybercriminals could exploit this stolen data to carry out fraudulent activities, such as unauthorized transactions or identity theft. This breach can have severe implications for the victims, leading to emotional distress and financial instability.</p>
<p>Moreover, Poorvika is likely to face legal and reputational repercussions. Data breaches of this magnitude often result in regulatory investigations, hefty fines, and lawsuits. The compromised trust between the company and its customers may also lead to a loss of business and a damaged brand image. Rebuilding this trust will require substantial efforts on Poorvika's part, including transparent communication, improved security measures, and robust data protection policies.</p>
<p> </p>
<p><span style="font-size:14pt;"><strong>The Need for Enhanced Cybersecurity:</strong></span></p>
<p>The Poorvika data breach serves as a stark reminder of the pressing need for organizations to prioritize cybersecurity measures. In today's digital landscape, where data breaches have become increasingly common, companies must invest in advanced security protocols and technologies. Regular security audits, encryption of sensitive data, and employee training on data protection best practices are essential steps toward mitigating the risks of such incidents.</p>
<p>In addition to organizational efforts, individuals must also take responsibility for safeguarding their personal information. It is crucial to exercise caution while sharing sensitive data online and regularly monitor financial statements for any suspicious activity. By staying informed about data breaches and adopting security best practices, individuals can play an active role in protecting themselves from potential threats.</p>
<p> </p>
<p><span style="font-size:14pt;"><strong>Conclusion:</strong></span></p>
<p>The data breach experienced by Poorvika, India's largest tech retailer, has exposed both employees and customers to significant risks. The compromise of sensitive information raises concerns about privacy, financial security, and identity theft. This incident underscores the critical need for organizations to prioritize cybersecurity and implement robust measures to safeguard customer data. It also serves as a reminder for individuals to remain vigilant and take proactive steps to protect their personal information in an increasingly digital world. Ultimately, addressing these challenges will require collective efforts from both businesses and individuals to ensure a secure and trustworthy digital ecosystem.</p>
<p> </p>
<p> </p>
<p><strong>References</strong></p>
<p><a href="https://www.msn.com/en-in/money/topstories/india-s-largest-tech-retailer-suffers-massive-data-breach-sensitive-information-of-employees-customers-compromised/ar-AA1cJeED?ocid=msedgntp&cvid=39668d26aa6e45e4b13362650f4fcd4a&ei=69">https://www.msn.com/en-in/money/topstories/india-s-largest-tech-retailer-suffers-massive-data-breach-sensitive-information-of-employees-customers-compromised/ar-AA1cJeED?ocid=msedgntp&cvid=39668d26aa6e45e4b13362650f4fcd4a&ei=69</a></p>
<p><a href="https://www.india.com/business/indias-largest-tech-retailer-suffers-massive-data-breach-sensitive-information-of-employees-customers-compromised-6119744/">https://www.india.com/business/indias-largest-tech-retailer-suffers-massive-data-breach-sensitive-information-of-employees-customers-compromised-6119744/</a></p>
<p><a href="https://www.websiteplanet.com/news/poorvika-leak-report/">https://www.websiteplanet.com/news/poorvika-leak-report/</a></p></div>Lessons from Uber’s Recent Breachhttps://www.cisoplatform.com/profiles/blogs/lessons-from-uber-s-recent-breach2022-10-09T00:59:23.000Z2022-10-09T00:59:23.000ZMatthew Rosenquisthttps://www.cisoplatform.com/members/MatthewRosenquist<div><img src="https://storage.ning.com/topology/rest/1.0/file/get/10837348656?profile=RESIZE_400x&width=350"></div><div><p style="text-align:center;"><iframe title="YouTube video player" src="https://www.youtube.com/embed/xrKM6_endf8" width="560" height="315" frameborder="0" allowfullscreen=""></iframe></p><p>On Sept 15<sup>th</sup>, a curious teenage hacker looking for fun compromised Uber in a serious way, gaining administrative access to the company’s massive cloud instance, development environments, tools, and even their access management server! The hacker joked about how terribly easy it was and shared proof with news outlets, on hacker message boards, and even with employees on Uber’s internal Slack communication tool.</p><p>The attack was not masterful, but rather simple, and yet snowballed into a massive data breach.</p><p>This is not the first big breach that Uber has experienced. Back in 2016 another breach occurred, affecting 57 million people, and executives tried to conceal it. That resulted in a $148 million fine and an agreement with the FTC to maintain a comprehensive privacy program for 20 years.</p><p>As for this recent hack, it started with a simple social engineering attack that granted access to the internal network. Then, while snooping around, the attacker found a PowerShell script that contained administrator-level access, which cascaded into Super Admin permissions across the company. 
</p><p>Security experts describe this hack as a “total compromise”, which is a term not often used.</p><p>I see many people pointing a finger at the weakness of behaviors, some say it is a failure of technology, while a handful are defending Uber, saying being breached is an inevitability.</p><p>Well, from where I sit there were failures across the cybersecurity spectrums of technology, behaviors, and processes.</p><p>Let’s cover a few:</p><ol><li>Behaviors: Social engineering targets people, the weakest link, and it appears that the training and security culture could be much improved. Beyond the fact that phishing was the starting point, the reporting of the issue was slow, and even when the crisis team told employees not to use internal tools like Slack, the employees ignored the instructions. </li><li>Processes: Yes, the crisis response process could be improved, especially with getting staff on board with containment and recovery actions. But the biggest issues are around allowing scripts to have embedded passwords to systems and not requiring more sophisticated authentication for Admin accounts. In addition, failsafe Super Admin accounts should be protected and reserved to evict bad actors.</li><li>As for the technology: Strong multi-factor authentication should be in place for all Admin accounts. Better oversight and blocking capabilities for remote Admin logins should also be in place. Basically, the principles of Zero Trust, which are gaining so much momentum across security tool vendors.</li><li>Lastly, from an organizational perspective, they are committed to having a comprehensive Privacy program, due to the 2016 data breach, but Privacy is meaningless without the necessary security to go with it.</li></ol><p> </p><p>Uber was lucky this attacker was not malicious. 
With those permissions, an attacker could destroy the systems and data of the company, probably causing hundreds of millions of dollars in damage and disrupting services for months.</p><p>The bad news is that every organized cybercriminal group, ransomware crew, and nation-state offensive team will be looking at Uber as an easy target. Their history tells a story, the current event is looking egregious, and that might spell doom for Uber in the future.</p><p>Uber, it is time to invest in and support a highly capable and enabled cybersecurity, privacy, and ethics program which should be reporting to the CEO and board. In the meantime, there are likely rough roads ahead for Uber.</p></div>Painful Lessons from Uber’s Recent Über-Breachhttps://www.cisoplatform.com/profiles/blogs/painful-lessons-from-uber-s-recent-uber-breach2022-09-20T23:03:11.000Z2022-09-20T23:03:11.000ZMatthew Rosenquisthttps://www.cisoplatform.com/members/MatthewRosenquist<div><img src="https://storage.ning.com/topology/rest/1.0/file/get/10817502278?profile=RESIZE_400x&width=400"></div><div><p style="text-align:center;"><iframe title="YouTube video player" src="https://www.youtube.com/embed/xrKM6_endf8" width="560" height="315" frameborder="0" allowfullscreen=""></iframe></p><p class="graf graf--p">Uber’s latest breach is big and fraught with concerns about the maturity of the company’s cybersecurity capability. Failure abounds across their technology, behaviors, and processes. 
We can all learn from Uber’s mistakes!</p><p class="graf graf--p graf--empty"> </p><p class="graf graf--p">For more strategic insights and discussions, follow me on the YouTube channel Cybersecurity Insights: <a class="markup--anchor markup--p-anchor" href="https://www.youtube.com/cybersecurityinsights" target="_blank">https://www.youtube.com/cybersecurityinsights</a></p></div>Community Webinar On Dissecting Verizon DBIR : What caused 3000+ breacheshttps://www.cisoplatform.com/profiles/blogs/community-webinar-on-dissecting-verizon-dbir-what-caused-3000-bre2022-07-12T05:54:32.000Z2022-07-12T05:54:32.000Zprithahttps://www.cisoplatform.com/members/pritha<div><p>Hello Members,</p>
<p>There have been some very interesting findings in the Verizon DBIR Report 2022. The community has been asking many questions and is excited. We requested a community session from our partner FireCompass's research division, which you can join for free and ask any questions you have. </p>
<p><strong>We are hosting a session on "Dissecting Verizon DBIR : What caused 3000+ breaches" by J.Chauhan (IIT Kharagpur Alumni; Head Research @FireCompass).</strong> Our speaker analyses the report and we understand the most common attack vectors and patterns. In this webinar, we will look deep into the Verizon DBIR report and <strong>find out how attackers navigate to your valuable assets and what you can do about it.</strong> </p>
<p>The last year has been notorious for cyber crime, from well-publicized critical infrastructure attacks to massive supply chain breaches. The DBIR report analyses data to find patterns and action types used against enterprises. This year the DBIR team analyzed 23,896 security incidents, of which 5,212 were confirmed data breaches. (<a href="https://www.verizon.com/business/resources/reports/dbir/" target="_blank">Reference : Verizon DBIR 2022</a>)</p>
<p> </p>
<p><span style="font-size:12pt;">Key Learnings From Session:</span></p>
<ul>
<li>Learn which are the <strong>top 5 attack vectors that contributed to 80% of the breaches</strong></li>
<li>Learn about the <strong>rise of ransomware</strong> &amp; the top 5 ways it gets the <strong>initial foothold</strong></li>
<li>Learn how <strong>attackers are leveraging web applications in breaches</strong></li>
</ul>
<p> </p>
<p>(This is a free session exclusive to CISO Platform community members.)<br /> As always, we look forward to your feedback and thoughts. Please send us your ideas on how we can make the community a better value add for you and your peers. Email pritha.aash@cisoplatform.com</p>
<p> </p>
<p><span style="font-size:14pt;"><strong>Session Recording (with Q&A)</strong></span></p>
<p><span style="font-size:10pt;"><strong><iframe title="YouTube video player" src="https://www.youtube.com/embed/l-v7fsLC3fc" width="1110" height="520" frameborder="0" allowfullscreen=""></iframe></strong></span></p>
<p> </p>
<p> </p>
<p><span style="font-size:14pt;"><strong>Executive Summary</strong></span></p>
<p><strong>1. Agenda</strong></p>
<ul>
<li>Objective</li>
<li>Taxonomy of attacks</li>
<li>Top 5 attack vectors that contributed to (approx.) 80% of the breaches</li>
<li>Rise of ransomware and a few top ways ransomware gets an initial foothold</li>
<li>How attackers are leveraging Web applications in breaches?</li>
<li>What about human errors?</li>
<li>Recommendations</li>
<li>Q/A</li>
</ul>
<p> </p>
<p><strong>2. What Is The Objective?</strong><br /> The objective is to get insights from the Verizon DBIR 2022 (Breaches) analysis report and orient the security roadmap, if required.</p>
<p>How can statistics help us?<br /> Stats based on breaches can tell us where we should focus. <br /> We believe that continuous security assessment performed the way real attackers operate, especially on top of baseline activities such as VA/PT, will help in preventing potential future security incidents and breaches.</p>
<p> </p>
<p><strong>3. Taxonomy Of Attack In The DBIR Report</strong></p>
<p> </p>
<p><strong>4. Explain The Taxonomy Of The Attack In The DBIR Report</strong></p>
<ul>
<li>The taxonomy consists of multiple concepts such as attack patterns, attack vectors, attack varieties etc.</li>
<li>Attack patterns are complex forms of attack such as system intrusion. An example of system intrusion is a multi-stage attack from outside to inside the network.</li>
<li>Attack categories are groups of attack vectors.</li>
<li>An attack vector consists of multiple attack varieties at the individual level.</li>
</ul>
<p> </p>
<p><strong>5. What Are The Top Attack Patterns (Complex Attacks) That Contribute To More Than 80% Of Breaches?</strong></p>
<p>These are the ones:<br /> System Intrusion - Multi-stage attacks to gain access to systems via one or more attack vectors to install backdoors and ransomware.<br /> Basic Web App Attacks - such as web vulnerabilities and credential stuffing using stolen credentials<br /> Social Engineering - Phishing to lure users to submit sensitive information or download and install malicious code<br /> Misconfiguration - Exposed panels, exposed keys, public cloud buckets etc.</p>
<p> </p>
<p><strong>6. How Does Ransomware Get An Initial Foothold?</strong></p>
<ul>
<li>Ransomware is on the rise, having increased above 20% of all major breaches. Ransomware generally intrudes and gains access to the network using various attack vectors, as follows:</li>
<li>Use stolen credentials <br /> Desktop sharing software such as RDP, VPN, AnyConnect etc.</li>
<li>Phishing via email <br /> Install ransomware code</li>
<li>Exploit vulnerabilities <br /> Web applications<br /> Products and frameworks such as log4j</li>
<li>Errors and misconfigurations<br /> Open databases, Kubernetes, Docker instances</li>
</ul>
<p> </p>
<p><strong>7. What Automation Is Being Used By Hackers To Attack Enterprises?</strong></p>
<ul>
<li>A typical automated sequence, running without any human intervention, is the following:</li>
<li>Scan for targets on mass scale</li>
<li>Profile the targets using custom crawlers or fingerprinting techniques</li>
<li>Detect CVEs based on technology, or banner</li>
<li>Attempt exploitation</li>
<li>Attempt persistence</li>
</ul>
<p> </p>
<p><strong>8. What Are The Other Ways To Get Initial Foothold Into An Organization?</strong></p>
<ul>
<li>Misuse partner access using stolen credentials or other means such as phishing</li>
<li>Supply chain attack by compromising the DevOps pipeline or system management tools such as SolarWinds etc.</li>
<li>Target desktop sharing software</li>
<li>Use stolen credentials</li>
<li>Exploit a vulnerability</li>
<li>Phishing</li>
<li>Target a web application vulnerability<br /> Once the initial foothold is attained, generally a backdoor / C2 agent / ransomware is installed to carry out pivoting<br /> </li>
</ul>
<p><strong>9. How Attackers Are Leveraging Web Applications In Breaches?</strong></p>
<ul>
<li>Web applications are the most exposed assets on the internet.</li>
<li>Attackers use stolen credentials to perform attacks such as Credential Stuffing or brute force attacks</li>
<li>Exploiting a vulnerability</li>
<li>Misconfiguration such as exposed admin panels etc.</li>
</ul>
<p> </p>
<p><strong>10. What Is The Contribution Of Misconfigurations/Error In Breaches? </strong></p>
<p>The rise of the Misconfiguration error began in 2018 and was largely driven by cloud data store implementations that were stood up without appropriate access controls. <br /> The data tends to be from customers, and it is also the customers who are notifying the breached organizations in a high number of cases. However, Security researchers are still the stars of this Discovery show (although their percentage is down from last year).</p>
<p> </p>
<p><strong>11. Suggested Action Items For Prevention And Mitigation</strong></p>
<ul>
<li>Improve Visibility</li>
<li>Continuous Assessment Of Security Posture</li>
</ul>
<p> </p>
<p><strong>Some Detailed Suggestions:</strong></p>
<ul>
<li style="font-weight:400;"><span style="font-weight:400;">Continuously Discover Misconfigurations </span>
<ul>
<li style="font-weight:400;"><span style="font-weight:400;">Admin Panels, Hidden directories, exposed databases</span></li>
<li style="font-weight:400;"><span style="font-weight:400;">Misconfigured DNS, Email servers etc.</span></li>
</ul>
</li>
<li style="font-weight:400;"><span style="font-weight:400;">Continuously Assess your Web Applications</span>
<ul>
<li style="font-weight:400;"><span style="font-weight:400;">Better visibility</span>
<ul>
<li style="font-weight:400;"><span style="font-weight:400;">APIs, Login Pages, Web App Types (VPN, Admin panels etc.)</span></li>
</ul>
</li>
<li style="font-weight:400;"><span style="font-weight:400;">Attacks</span>
<ul>
<li style="font-weight:400;"><span style="font-weight:400;">Credential Stuffing (Stolen credentials)</span></li>
<li style="font-weight:400;"><span style="font-weight:400;">SQLi, SSRF, and more injection attacks</span></li>
<li style="font-weight:400;"><span style="font-weight:400;">Validate Security Control</span>
<ul>
<li style="font-weight:400;"><span style="font-weight:400;">SSL, CSP, WAF/Cloudflare, Captcha etc.</span></li>
</ul>
</li>
</ul>
</li>
</ul>
</li>
<li style="font-weight:400;"><span style="font-weight:400;">Perform Social Engineering</span>
<ul>
<li style="font-weight:400;"><span style="font-weight:400;">More depth including installing malware and backdoors </span></li>
</ul>
</li>
<li style="font-weight:400;"><span style="font-weight:400;">Continuously Assess your Desktop Sharing Applications</span></li>
<li style="font-weight:400;"><span style="font-weight:400;">Continuous Credential Stuffing attacks</span></li>
<li style="font-weight:400;"><span style="font-weight:400;">Malware is the second most common action category in breaches. Perform assumed-breach scenarios</span></li>
<li style="font-weight:400;"><span style="font-weight:400;">Build playbooks to emulate supply chain attacks</span></li>
</ul>
<p> </p>
<p> </p></div>Study : Security Breaches In Indiahttps://www.cisoplatform.com/profiles/blogs/ponemon-2016-data-breach-study2017-04-24T17:00:00.000Z2017-04-24T17:00:00.000Zprithahttps://www.cisoplatform.com/members/pritha<div><p>This is the 2016 Cost of Data Breach Study for India, conducted by the Ponemon Institute. This report includes 150 Indian organisations that participated in the benchmarking process.</p>
<p>This study examines the costs incurred by 37 Indian companies in 12 industry sectors after those companies experienced the loss or theft of protected personal data and then had to notify breach victims and/or regulators as required by laws and business contracts. It is important to note the costs presented in this research are not hypothetical but are from actual data loss incidents. They are based upon cost estimates provided by the individuals we interviewed over a ten-month period in the companies that are represented in this research.</p>
<p></p>
<p><span class="font-size-5">>><a href="https://docs.google.com/a/firecompass.com/forms/d/e/1FAIpQLSdsgGXom4wXu_o4ZqqX3O70A90nqysI_-MhNvSKsl5C0YTcDw/viewform" target="_blank">Download The Report</a></span></p>
<p></p>
<p></p>
<p></p>
<p><strong><span class="font-size-5">Why Read This Report ?</span></strong></p>
<ul>
<li>7 Global Trends In The Cost Of Data Breach Research<br /><br /></li>
<li>Key Findings &amp; Trends from the India Data Breach Research<br /><br /></li>
<li>Learning the Costs, Factors, Root Causes for the data breach (In Depth with graphical representation)</li>
</ul>
<p></p></div>CISO Report: Monthly Breach Report June 2020https://www.cisoplatform.com/profiles/blogs/ciso-report-monthly-breach-report-june-20202020-06-26T06:30:00.000Z2020-06-26T06:30:00.000Zprithahttps://www.cisoplatform.com/members/pritha<div><p><span><a href="https://www.firecompass.com/blog/monthly-breach-report-june-2020/" target="_blank"></a></span></p>
<p><span><a href="https://www.cisoplatform.com/profiles/blogs/ciso-report-monthly-breach-report-june-2020" target="_blank"><img src="https://www.firecompass.com/wp-content/uploads/2020/06/FC-Security-Breach.png-930x620.png?profile=RESIZE_710x" width="738" class="align-full" alt="FC-Security-Breach.png-930x620.png?profile=RESIZE_710x" /></a></span></p>
<p></p>
<p><span>This is a cross post from original source at FireCompass <a href="https://www.firecompass.com/blog/monthly-breach-report-june-2020/" target="_blank">here</a></span></p>
<p></p>
<div class="elementor-container elementor-column-gap-default"><div class="elementor-row"><div class="elementor-element elementor-element-dad2ad4 elementor-column elementor-col-100 elementor-top-column"><div class="elementor-column-wrap elementor-element-populated"><div class="elementor-widget-wrap"><div class="elementor-element elementor-element-dd78a32 elementor-widget elementor-widget-text-editor"><div class="elementor-widget-container"><div class="elementor-text-editor elementor-clearfix"><p><span>This report summarizes the top breaches between <strong>mid-May and mid-June 2020</strong>, accounting for the major breaches the world has seen. This helps you keep track of the latest hacks and safeguard your organization by looking at the trends. We share insights into the breaches.</span></p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<p></p>
<div class="elementor-container elementor-column-gap-default"><div class="elementor-row"><div class="elementor-element elementor-element-32fab5a elementor-column elementor-col-100 elementor-top-column"><div class="elementor-column-wrap elementor-element-populated"><div class="elementor-widget-wrap"><div class="elementor-element elementor-element-e35c1f3 elementor-widget elementor-widget-heading"><div class="elementor-widget-container"><h3 class="elementor-heading-title elementor-size-default"><span style="font-size:18pt;">1.“Bank Of America (BofA) Data Breach”</span></h3>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<p></p>
<div class="elementor-container elementor-column-gap-default"><div class="elementor-row"><div class="elementor-element elementor-element-187d63e elementor-column elementor-col-100 elementor-top-column"><div class="elementor-column-wrap elementor-element-populated"><div class="elementor-widget-wrap"><div class="elementor-element elementor-element-e75bb3e elementor-widget elementor-widget-text-editor"><div class="elementor-widget-container"><div class="elementor-text-editor elementor-clearfix"><p><span>In late May, Bank of America Corporation gave notice of a third-party breach through its PPP (Paycheck Protection Program). Compromised information included Address/TIN, Name, SSN, Phone, Email, Citizenship Status. The number of accounts affected was not declared. Officials have stated that necessary measures are being taken.</span></p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<p></p>
<div class="elementor-container elementor-column-gap-default"><div class="elementor-row"><div class="elementor-element elementor-element-aa9f192 elementor-column elementor-col-100 elementor-top-column"><div class="elementor-column-wrap elementor-element-populated"><div class="elementor-widget-wrap"><div class="elementor-element elementor-element-35e2baf elementor-widget elementor-widget-heading"><div class="elementor-widget-container"><h3 class="elementor-heading-title elementor-size-default"><span style="font-size:18pt;">2.“BHIM Wallet App Data Breach”</span></h3>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<p></p>
<div class="elementor-container elementor-column-gap-default"><div class="elementor-row"><div class="elementor-element elementor-element-3dbc71c elementor-column elementor-col-100 elementor-top-column"><div class="elementor-column-wrap elementor-element-populated"><div class="elementor-widget-wrap"><div class="elementor-element elementor-element-fcbc302 elementor-widget elementor-widget-text-editor"><div class="elementor-widget-container"><div class="elementor-text-editor elementor-clearfix"><p><span>Another Amazon S3 bucket misconfiguration data breach. Since it’s a payment app, the breach exposed financial and personal details. Approximately 7 million Indian citizen records were affected. The exposed data includes Aadhaar number, DOB, name, gender, biometrics, PAN, address etc. NPCI has denied any breach. *P.S: The breach was at the CSC (Common Service Center), which is responsible for the website, and has nothing to do with the payment app - BHIM. The company responsible for development of the website &amp; the caretaker of sensitive data is understood to be the Common Services Center (CSC) e-Governance Services Ltd. The CSC scheme is one of the mission mode projects under the Digital India Programme. <br /></span></p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<p></p>
<div class="elementor-container elementor-column-gap-default"><div class="elementor-row"><div class="elementor-element elementor-element-210e6d9 elementor-column elementor-col-100 elementor-top-column"><div class="elementor-column-wrap elementor-element-populated"><div class="elementor-widget-wrap"><div class="elementor-element elementor-element-a3179e4 elementor-widget elementor-widget-heading"><div class="elementor-widget-container"><h3 class="elementor-heading-title elementor-size-default"><span style="font-size:18pt;">3.“Joomla Data Breach”</span></h3>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<p></p>
<div><div><div><div><div><div><div><div><p>Joomla is an open source CMS (content management system). A member of the team left a complete backup of the JRD site (resources.joomla.org) on an AWS S3 bucket. It is known that the backup was not encrypted and had around 2,700 registrants. In case of exposure, details such as name, business id, phone, nature of business, encrypted password etc. could be exposed.</p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<p></p>
<div class="elementor-container elementor-column-gap-default"><div class="elementor-row"><div class="elementor-element elementor-element-1626882 elementor-column elementor-col-100 elementor-top-column"><div class="elementor-column-wrap elementor-element-populated"><div class="elementor-widget-wrap"><div class="elementor-element elementor-element-fa7a5d1 elementor-widget elementor-widget-heading"><div class="elementor-widget-container"><h3 class="elementor-heading-title elementor-size-default"><span style="font-size:18pt;">4.“Keepnet Data Breach”</span></h3>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<p></p>
<div class="elementor-container elementor-column-gap-default"><div class="elementor-row"><div class="elementor-element elementor-element-07b0091 elementor-column elementor-col-100 elementor-top-column"><div class="elementor-column-wrap elementor-element-populated"><div class="elementor-widget-wrap"><div class="elementor-element elementor-element-62c4b17 elementor-widget elementor-widget-text-editor"><div class="elementor-widget-container"><div class="elementor-text-editor elementor-clearfix"><p><span>Keepnet Labs notified that an agent exposed a database of 5 billion records. During maintenance, the firewall was paused for a few minutes, during which the database got indexed by BinaryEdge. After this, the link was accessible without a password. However, no customer data was exposed. It only had previously publicly available data.</span></p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<p></p>
<div class="elementor-container elementor-column-gap-default"><div class="elementor-row"><div class="elementor-element elementor-element-e883c32 elementor-column elementor-col-100 elementor-top-column"><div class="elementor-column-wrap elementor-element-populated"><div class="elementor-widget-wrap"><div class="elementor-element elementor-element-91f83ef elementor-widget elementor-widget-heading"><div class="elementor-widget-container"><h3 class="elementor-heading-title elementor-size-default"><span style="font-size:18pt;">5. “MU Health Data Breach”</span></h3>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<p></p>
<div class="elementor-container elementor-column-gap-default"><div class="elementor-row"><div class="elementor-element elementor-element-9796ed4 elementor-column elementor-col-100 elementor-top-column"><div class="elementor-column-wrap elementor-element-populated"><div class="elementor-widget-wrap"><div class="elementor-element elementor-element-a46f447 elementor-widget elementor-widget-text-editor"><div class="elementor-widget-container"><div class="elementor-text-editor elementor-clearfix"><p><span>Missouri Health Care has notified patients of a September data breach. The stolen information may include names, dates of birth, medical record numbers, health insurance details, etc. The incident involved access to the email accounts of MU students affiliated with MU Health.</span></p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<p></p>
<div class="elementor-container elementor-column-gap-default"><div class="elementor-row"><div class="elementor-element elementor-element-6c8ff5e elementor-column elementor-col-100 elementor-top-column"><div class="elementor-column-wrap elementor-element-populated"><div class="elementor-widget-wrap"><div class="elementor-element elementor-element-895c9ae elementor-widget elementor-widget-heading"><div class="elementor-widget-container"><h3 class="elementor-heading-title elementor-size-default"><span style="font-size:18pt;">6. “San Antonio Aerospace Breach”</span></h3>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<p></p>
<div class="elementor-container elementor-column-gap-default"><div class="elementor-row"><div class="elementor-element elementor-element-9685745 elementor-column elementor-col-100 elementor-top-column"><div class="elementor-column-wrap elementor-element-populated"><div class="elementor-widget-wrap"><div class="elementor-element elementor-element-b9ce5f1 elementor-widget elementor-widget-text-editor"><div class="elementor-widget-container"><div class="elementor-text-editor elementor-clearfix"><p><span>The Maze ransomware gang hit VT San Antonio and released its data (unencrypted files) taken from the company’s compromised devices. The company is a major American MRO (maintenance, repair, overhaul) provider. It works with defense services, governments and commercial segments in 100+ countries.</span></p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<p></p>
<div class="elementor-container elementor-column-gap-default"><div class="elementor-row"><div class="elementor-element elementor-element-55db6b8 elementor-column elementor-col-100 elementor-top-column"><div class="elementor-column-wrap elementor-element-populated"><div class="elementor-widget-wrap"><div class="elementor-element elementor-element-d73b931 elementor-widget elementor-widget-text-editor"><div class="elementor-widget-container"><div class="elementor-text-editor elementor-clearfix">
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div></div>
California Privacy Rules Updated to Target Shady Practices https://www.cisoplatform.com/profiles/blogs/california-privacy-rules-updated-to-target-shady-practices 2020-10-28T16:35:13.000Z 2020-10-28T16:35:13.000Z Matthew Rosenquist https://www.cisoplatform.com/members/MatthewRosenquist
<div><p><iframe width="560" height="315" src="https://www.youtube.com/embed/H2lc0d2e8L0?wmode=opaque" frameborder="0" allowfullscreen=""></iframe></p><p>The California Consumer Privacy Act (CCPA) has been around since 2018 as the most protective data privacy legislation of any state, but not all businesses have been acting ethically in their compliance and respect for user privacy.</p><p>As a result, the CA Attorney General has once again updated the CCPA, this time to stop unscrupulous businesses that go out of their way to thwart citizens' attempts to Opt-Out of the collection or sale of their personal information or to request that their data be deleted.</p><p>I have seen shady actions by companies, most of which were in the business of acquiring and selling private data, that:</p><ul><li><p>Forced users to click through a maze of many links to find how to Opt-Out</p></li><li><p>Tried to be sly and used misleading language, like double negatives, to confuse visitors about their options</p></li><li><p>Required citizens to run a gauntlet of marketing messages, trying to convince them not to change their privacy settings, before they could actually get to the screen to Opt-Out</p></li><li><p>In the worst cases, actually required citizens to provide even more personal data before they could request to Opt-Out of having their private information sold. As a privacy professional, I find that insulting and absurd!</p></li></ul><p>The changes to the CCPA are specific to shutting down such actions, for the benefit of California’s citizens’ rights to privacy.</p><p>My personal thanks to Xavier Becerra for his leadership in making these much-needed changes to close down loopholes that were allowing the intentional victimization of California’s citizens.</p><p>More work is needed and I hope even broader privacy rules and stronger means of enforcement can be established in the future.</p><p>If you like these updates, click the Like button and be sure to subscribe to the <a href="https://www.youtube.com/channel/UC4hKNPYJVm5MAgkFdGXSc7A">Cybersecurity Insights channel</a> for more rants, news, and perspectives.</p></div>
Check to See if EMOTET Botnet Has Your Email Password https://www.cisoplatform.com/profiles/blogs/check-to-see-if-emotet-botnet-has-your-email-password 2021-01-28T20:03:25.000Z 2021-01-28T20:03:25.000Z Matthew Rosenquist https://www.cisoplatform.com/members/MatthewRosenquist
<div><p>Happy Privacy Day! Now go check to see if the EMOTET botnet has stolen your email and password.</p><p>Europol and a team of global law enforcement have successfully taken down part of the EMOTET botnet infrastructure and seized private data harvested by the cybercriminals. Europol has made it easy for users to check whether their email is part of that compromised dataset.</p><p>Link to check: <a href="https://www.politie.nl/themas/controleer-of-mijn-inloggegevens-zijn-gestolen.html">https://www.politie.nl/themas/controleer-of-mijn-inloggegevens-zijn-gestolen.html</a></p></div>