Friday, November 16, 2018

Hackers are Bundling Up This Fall.

Well, it’s nearing the end of the year. You know what that means: it’s time for the ‘best of 2018’ collections to start coming out. One category is Best Movies of 2018… personally, I think The Incredibles 2 is at the top of that list. Another category is Best of Ransomware. Yes, there is a ‘best of the year’ collection for cybercriminals. To the surprise of no one, the ransomware collection is being sold on the Dark Web, but there are many surprising elements to the bundle.
First off, the fact that the year’s most dangerous ransomware variants are being sold as a package deal at a reduced price should show the... professionalism… of the Dark Web marketplaces, as strange as it is to use that word to describe cybercriminals. This crime-as-a-service model is nothing new, but this bundle is undoubtedly a step above the norm. There are 23 ransomware variants included in the bundle, including SamSam. Yes, the notorious SamSam ransomware is included in the bundle. If you don’t know what SamSam is, it is a variant of ransomware that is infamous because of the high-profile targets it has been used against and because until now, it was under lock and key deployed only by a highly specialized group.
This bundle is not for inexperienced hackers, however, which would be worse than the current situation. An unskilled hacker would find difficulty putting most of the bundle to use. The bundle will be removed from the marketplace after sold 25 times, according to the seller, although it is unclear why this is the case. Don’t let one of the hackers who buy this bundle use it against your business! See last week’s The Week in Breach for tips on avoiding ransomware.

Need help? Give us a call at 877.860.5831

Thursday, November 15, 2018

Webinar | Is Your Business Protected Against the Dark Web? Find Out Now!

Did you know that your digital credentials can be sold for $1 in the secretive corners of the Dark Web? It's a small price for a cyber crime that steals your identity, breaches your data, and could cost your company millions. 
User names, passwords, business applications, and online services -- they're all vulnerable to lurking cyber criminals. They're easily compromised and you might not even know it until it's too late.
Worried yet? You should be.
Find out if your critical assets are exposed before the damage is done with Dark Web Monitoring, a cutting-edge threat intelligence and identity monitoring solution.
In this webinar, you will learn:
  • What makes up the Dark Web & why it's so lethal
  • How everyone in your organization is at risk of exposure
  • The ways Dark Web Monitoring provides real-time awareness of compromised credentials before identity theft or data breaches occur
  • How Dark Web Monitoring will safeguard your business & protect your assets, employees & customers from threats
Sign up to attend this webinar & receive a free, one-time scan of your ID credentials to see if you're exposed!

Register here:

Monday, October 29, 2018

Multi-factor fact

The Dark Web Monster

The Dark Web MonsterWhen looking for a job, usually you would check one of the many job hunting sites you see in commercials or circle ads in newspapers (at least at one point you did). Some people do something very similar… but on the Dark Web searching for an illicit job. Many job postings on the Dark Web seem like normal job ads. But when you look closer you will notice that advert for a driver not only needs the person to drive but also transport drugs. The driver would make $1,000 for a week of work, not including the living expense compensation. One of the more lucrative opportunities on the Dark Web job market is the corporate insider. The most common target is financial employees who, in one example, are offered $3,150 to get a loan or increase cash withdrawal limits on a card. Postal workers are also targeted to steal packages.
The Dark Web is lucrative for those willing to risk their job and possibly their freedom for money. Be careful of both insiders and the wide array of illicit software sold there.

Thursday, October 25, 2018


This week Tumblr was breached and we explore Dark Web job postings.
Dark Web ID Trends:
  • Total Compromises: 3,767
  • Top Source Hits: ID Theft Forum (1,429)
  • Top PIIs compromised: Domains (3,761)
    • Clear Text Passwords (876)
  • Top Company Size: 11-50
  • Top Industry: Business & Professional Services and Finance & Insurance

Exploit: Exposed database.
Magen David Adom: The state of Israel’s aid and disaster relief organization.Risk to Small Business: 1.444 = ExtremeA large breach of medical and payment information is highly damaging to business and could take a significant amount of time to regain the trust of its clients.Individual Risk: 2.285 = Severe: Those affected by this breach will be at a high risk of identity theft.Customers Impacted: Not disclosed.How it Could Affect Your Customers’ BusinessThe negative impact of a breach of this nature could influence relationships with customers and other businesses for years to come.ID Agent to the Rescue: Spotlight ID by ID Agent offers comprehensive identity monitoring that is vital for those affected by a breach such as this. Learn more: Levels:1 - Extreme Risk2 - Severe Risk3 - Moderate Risk*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
United States – Disqus Exposed DatabaseDisqus: A network community platform that allows users to blog or comment on other company’s websites. It can be installed as a plug-in or drop-in code. Disqus collects user data on the back end and allows companies to use this information for customer analytics, etc…Risk to Small Business: 2.4444 = Severe: Although roughly 1/3 of the 17.5 million records compromised involved passwords, they happened to be salted/hashed. The company also discovered and announced the breach in a quick manner and notified the affected customers.Individual Risk: 2.4286 = Severe: Those affected by this breach will be at a high risk of identity theft.Customers Impacted: 5.8 millionHow it Could Affect Your Customers’ BusinessThe breach involved a large number of customers; however, the database was from 2012 and most credentials could have already been changed. While this is damaging to Disqus’ reputation, they followed protocol and demonstrated how to do breach disclosure the proper way.ID Agent to the Rescue: Spotlight ID by ID Agent offers comprehensive identity monitoring that is vital for those affected by a breach such as this. Learn more:
United States – Tumblr Bug.Tumblr: A popular blogging website.Risk to Small Business: 2 = Severe: While Tumblr deserves some credit for 1. Having a bug bounty program that resulted in catching this bug, and 2. Fixing the bug in less than 12 hours after it was discovered, many customers will not appreciate their personal information being leaked and will react accordingly. Tumblr’s timely response, disclosure of the breach, and its bug bounty program will likely reduce the impact on the business significantly.Individual Risk: 2.714 = Moderate: Email addresses were leaked so those affected by the breach are at a higher risk of spam.Customers Impacted: All of the ‘recommend blogs’ shown on Tumblr.How it Could Affect Your Customers’ BusinessA breach that exposes user information is always going to have a negative effect on business, but every organization should take a page out of Tumblr’s book here regarding their response to the event and how they discovered it. Customers lose trust in businesses that mishandle their information, but they also respect when a company is making a serious effort to locate vulnerabilities and can handle a problem when it arises with swift action.ID Agent to the Rescue:  Spotlight ID by ID Agent offers comprehensive identity monitoring that can help minimize the fallout from a breach such as this. Learn more: Levels:1 - Extreme Risk2 - Severe Risk3 - Moderate Risk*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

Wednesday, October 24, 2018

Educational Cybersecurity Awareness Month

October is the month for cybersecurity awareness, and the perfect time to educate your employees on steps they can take to protect your network. From password protection measures to becoming aware of common phishing tactics, awareness is a vital step in protecting your business from cybercrime. Here are some tips you can share with your employees today!

Email Security:
- Never use personal email accounts for company business, nor business credentials for personal logins.
- Use two-factor authentication whenever possible.
- Use unique passwords for all email accounts.
- Maintain suspicions when opening attachments in emails. When in doubt, place a quick call to verify the validity of an email.

Password Security:
- Use complex passwords (not your dog’s name with a number at the end!)
- Consider a password manager.
- Always monitor the Dark Web for stolen credentials.

File Sharing and USB Drives:
- Use application-level encryption to protect the information in your files.
- Monitor your network for unapproved file sharing programs.
- Use file naming that doesn’t disclose the type of information being shared.
- Free file sharing methods do not provide the legal protection to help secure sensitive information.
- Scan USBs for external viruses and malware.
- Disable auto run.
- Encrypt USB drives.
- Keep personal and business USB drives separate.

Mobile Protection:
- Update mobile software regularly.
- Download apps from trusted sources and read reviews to check the validity of apps.
- Always use passcodes or fingerprint recognition when available.
- Turn off discovery mode.
- Activate “find device” and “remote wipe.”

Take the next steps to protecting your network! To learn more about 3bSecurity services Contact us at 877.860.5831 x190

Hackers are Bundling Up This Fall.