13 Oct Security Breach – 13 Oct 2023
In today’s fast-paced cybersecurity world, with zero-day exploits and novel cyberattacks lurking around every corner, companies need to ensure that they haven’t left any gaps in their defences. Cybercriminals are constantly evolving their tools and techniques, and companies need to stay a step ahead to keep them out of their systems and data. One essential method for companies to do that is to do penetration test. This security tool gives companies insight into the resilience of their defences to help the company locate security flaws before those flaws are exploited in a cyberattack.
A penetration test, often called a pen test, is a security tool that launches mock cyberattacks to find vulnerabilities in a computer system. This testing enables IT professionals to find security gaps and identify how bad actors could circumvent the security features of an application, system or network. Most penetration tests involve looking for combinations of vulnerabilities on a single system or multiple systems that can be used to gain more access than could be achieved through a single vulnerability. Penetration tests play a crucial role in helping organisations proactively identify and mitigate security threats before malicious actors can exploit them, thereby enhancing their overall security resilience.
Recent Breaches
Australia – Royal Women’s Hospital – Medical Centre
Exploit: Credential Compromise
Risk to Business: Moderate: The Royal Women’s Hospital in Melbourne has fallen victim to a data breach. The hospital said that cybercriminals had gained unauthorised access to a staff member’s private email account, which had been used to review and coordinate patient appointments and care strategies. An investigation uncovered that personal information belonging to 192 patients may have been exposed. Officials were quick to emphasise that there was no breach of the hospital’s official email or IT systems and that the electronic medical records of patients remain secure.
Japan – Sony – Electronics and Entertainment Conglomerate
Exploit: Ransomware
Risk to Business: Severe: Sony revealed that it has suffered a data breach related to the MOVEit vulnerability. The company said that 6,800 current and former employees had data exposed in this indent. The Cl0p ransomware group, the gang behind the hack, added Sony to its leak site in July, but Sony just confirmed the hack. The company said that the incident occurred on May 28, just two days before the vulnerability was made public.
Talk to a TCT team member today about implementing cyber security and phishing training plan for your employees.
Robert Brown
13/10/2023
Related Articles:
Ransomware Pretending to be a Windows Update
32.4% of employees will fall for phishing scams