Week in Breach- last post of 2018

Databreach

This week, Caribou Coffee gets roasted, and memes are being used as code.

Dark Web ID Trends:
Top Source Hits: ID Theft Forums (100%)
Top Compromise Type: Domains
Top Industry: Legal
Top Employee Count: 251 – 500 employees (50%)


United States – Caribou Coffee

https://www.zdnet.com/article/caribou-coffee-chain-announces-card-breach-impacting-239-stores/

Below is a link to the notification published by Caribou regarding the affected locations: https://assets.coffeeandbagels-static.com/cariboucoffee/Data-Security-Notice.pdf

Exploit: Compromise of POS systems.
Caribou Coffee: A large coffee chain in the United States.

correct severe gauge Risk to Small Business: 1.777 = Severe: A breach of this magnitude would have a negative impact on any organization for a long time. Around 40% of the company’s locations were affected by the breach, with all cards used during the breach being considered accessed.
correct moderate gauge Individual Risk: 2.428 = Severe: Those affected by this breach are at an increased risk of identity theft. Those who used a credit or debit card at the organization between August 28, 2018, and December 3, 2018.

Customers Impacted: 239 of the organization’s stores were affected by the breach.

How it Could Affect Your Business: Credit card information being accessed is never good for business. Customers tend not to forget the company whose breach resulted in them losing money.

ID Agent to the Rescue: Spotlight ID™ by ID Agent offers comprehensive identity monitoring that can help minimize the fallout from a breach of this type.
Learn more:Learn more: https://www.idagent.com/identity-monitoring-programs

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that takes into account a wide range of factors related to the assessed breach.

United Kingdom – Steelite

https://cyware.com/news/pottery-giant-steelite-international-hit-by-a-massive-cyber-attack-0b640be8

Exploit: Ransomware.
Steelite: A Middleport-based company that manufactures tableware for the hospitality industry.

correct severe gauge Risk to Small Business: 1.888= Severe: The risk to small business in this scenario is very high. Ransomware is becoming more and more prevalent in the cyber-crime scene as it is a low-risk/ high reward attack vector.
correct moderate gauge Individual Risk: 2.571= ModerateIt is unclear if payroll information was accessed, but due to the sensitive nature of the encrypted files, it would be best to be cautious.

Customers Impacted: The employees who work at the organization are the ones at risk.

How it Could Affect Your Business: Payroll information is vital for operating a business, which makes this attack particularly damaging. Many organizations would not have the resources available to rebuild their payroll servers so quickly, which would leave them in a precarious situation.

ID Agent to the Rescue: ID Agent offers Dark Web ID™ which discovers compromised credentials that could be used to implement a crypto jacking script. Make sure your credentials are safe; for more information go to https://www.idagent.com/dark-web/.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that takes into account a wide range of factors related to the assessed breach.


In Other News:
Facebook, What Are You Doing?
Facebook continues to let down its users this week… this time by providing user data to a wide variety of large companies for commercial purposes. Some of the companies that took advantage of Facebook’s fast and loose outlook on its customers’ data include Apple, Amazon, Microsoft, Spotify, and Netflix. The information even included private messages between users. When Amazon was asked about how it used the user data Facebook provided them, their official statement stated they used the data “appropriately,” which is not very comforting.

https://www.theverge.com/2018/12/18/18147616/facebook-user-data-giveaway-nyt-apple-amazon-spotify-netflix

What We’re Listening To
Know Tech Talks
The Continuum Podcast
Security Now
Defensive Security Podcast 
Small Business, Big Marketing – Australia’s #1 Marketing Show!
TubbTalk – The Podcast for IT Consultants
Risky Business
Frankly MSP
CHANNELe2e



Twitter Memes
Researchers have discovered a malware that is being distributed by hackers, which receives instructions from… memes.

That’s right, this form of malware that targets Windows systems can “capture local screenshots, enumerating applications on the system, checking for vulnerabilities in them, capturing clipboard content, and sending files back to the attacker.” It also can receive instructions from Twitter memes. This type of communication is known as stenography and hypothetically could be used to instruct many people at once with memes, while surpassing most detection systems.

So, stay frosty this holiday while perusing the interwebs for memes! Make sure all your systems are up to date and your credentials aren’t compromised… better to enjoy this season!
https://www.darkreading.com/threat-intelligence/memes-on-twitter-used-to-communicate-with-malware/d/d-id/1333518

About Vic Levinson
Telecommunications and IT professional with over 25 years experience in Business Technology Solutions. Specializing in managed technologies solutions : hosted VoIP, cyber security, help desk, remote monitoring and maintenance, cloud work space and - the works. Founded Prime Telecommunications in 1993 and providing business communications solutions. Cloud Applications- everything from hosted network security, hosted Disaster Recovery, hosted printer management, data centers and colocation solutions for businesses.

Comments are closed.

%d bloggers like this: