Security Breach Update
17 May 2019

New RansomwareAs you’ve probably noticed from tuning into our weekly newsletter, ransomware attacks are increasing in scope and severity at an alarming rate.

Security researchers are now tracking a new ransomware that is infecting computers by disguising itself as anti-virus software. Talk about a malicious advancement for an already meticulous cybersecurity threat.

This latest file-locking malware is disguised as an anti-virus installation that users willingly download on their computers. Victims are lured by the false request through phishing emails that prompt users to “update and verify” their anti-virus software with an embedded link.

When users click on the link, the malware downloads ransomware and an outdated anti-virus software. The download begins encrypting files in the background while unknowing users complete the anti-virus software installation.

While this tactic isn’t necessarily new, its re-emergence should compel companies to train their employees to spot malicious materials and to create a comprehensive plan for dealing with phishing scams, malware, and ransomware attacks.

Recent Breaches

United States – Wyzant – Online education marketplace that matches tutors with students.

Exploit: Database infiltration

Risk to Small Business: Severe: Hackers took advantage of a database anomaly to steal personally identifiable information (PII) from an undisclosed number of users on April 27, 2019. The tutoring company issued a patch to the database, and a more in-depth investigation is underway.

Risk to Exploited Individuals: Severe: Although it’s unclear how many users were impacted by the breach, PII was definitely made available to hackers. This data includes names, email addresses, zip codes, and more. The company’s platform lets users sign in using their Facebook credentials, enabling hackers to siphon off .jpegs of Facebook profile pictures, which can be leveraged to facilitate phishing scams.

Customers Impacted: Unknown.

Canada – Freedom Mobile – Canada-based Telecommunications Company

Exploit: Server leak

Risk to Small Business: Severe:  Security researchers located an unencrypted company database that contained sensitive personal information for thousands of customers. Not only was the server without a password, the company took a week to secure the leaked data. So far, it is believed that the database is part of a logging system used to determine glitches and errors. However, all information was recorded in plain text, instead of being anonymized and encrypted.

Risk to Exploited Individuals: Severe: The compromised database included customers’ email addresses, phone numbers, home addresses, dates of birth, Freedom account numbers, and IP addresses. At the same time, unencrypted financial data was exposed, including credit card numbers, security codes, and credit score responses.

Customers Impacted:  15,500.

Being proactive in developing a cybersecurity plan can be the difference in successfully defending a breach or losing millions to a harmful attack.

Protect your data, privacy and reputation, talk to a TCT sales team member today.

Robert Brown
17/05/2019

Follow us on LinkedIn:

Related Articles:
The Rise of Security Attacks on Australian Businesses
SonicWall Cyber Threat Report 2019

Written by