Security Breach – 26 Jul 2024

pen testing

Security Breach – 26 Jul 2024

Amidst the range of cybersecurity strategies, penetration testing or pen testing stands out as a vital, proactive practice. Traditionally, due to an unpleasant mix of costs and headaches, businesses would only run pen tests at a frequency demanded by compliance with regulations or insurance requirements. Unfortunately, new zero-day vulnerabilities and innovative cyberattacks emerge at a faster pace than ever before, making pen testing to find security gaps critical for avoiding costly cyberattacks.

The good news is that advances in technology like automation have made pen testing much more affordable, making it possible for cost-conscious businesses to pen test monthly. As businesses navigate the complexities of the digital world, frequent pen testing is a smart move. Proactive cybersecurity is not only a necessity but also a strategic imperative in the ongoing battle against cyber threats.

Recent Breaches

 

Australia – Wattle Range Council – Regional Government Body

Exploit: Ransomware

Risk to Business: Severe: A South Australian council fell victim to the LockBit ransomware gang, which posted details of the attack and stolen data on their darknet site. LockBit claims to have stolen 103 gigabytes of data, including 46,248 files in over 7,000 folders. The stolen documents include complaint notices, rate notices, banking applications, tax invoices, and customer information from the Southern Ocean Tourist Park. The documents, accessed between June 20 and 24, appear legitimate. LockBit has set a ransom deadline of August 4.

United States – Life360 – Location App

Exploit: Hacking

Risk to Business: Severe: Nearly 500,000 Life360 customers just had their data leaked on the dark web. The leak follows a suspected March 2024 data breach. A threat actor using the moniker “emo” released the data on a dark web forum. The hacker said the breach occurred when a flaw in the site’s login API was exploited, exposing users’ first names and phone numbers. The issue has since been fixed. Life360 also owns Tile, the location tracking company that fell victim to a hacker attack a few weeks ago.

Talk to a TCT team member today about implementing cyber security plan for your business.

Robert Brown
26/07/2024

Related Articles:
Vulnerability Management
Ways to Prevent Cloud Breaches