SpartanTec, Inc. Myrtle Beach SC: 07/03/21

Saturday, July 3, 2021

Bose Is Latest Company To Have Employee Data Breached

Bose is the latest in an unending parade of major companies to disclose that they've been the victim of a ransomware attack. In the company's data breach notification letter, they indicated that they first detected the incursion on March 7th, 2021, with the attack itself having occurred on April 29th.

Additionally, as is quite common in these cases, the company indicated that they immediately began working with both law enforcement and a third-party cybersecurity agency to continue the investigation. According to the official notification, Bose did not pay the demanded ransom, and was able to restore their corporate network to full functionality with minimal disruption to the company's business operations.

In terms of scope and scale, the company identified a small number of individuals whose data was impacted and notified everyone who was affected by mail. Based on the forensic analysis, the company determined that the files accessed by the hackers contained personal information related to an unspecified number of current and former employees, including names, social security numbers, salary, and other HR-related information.

Call Now

In the aftermath of the attack, Bose took the following steps to further bolster their security:

Enhanced malware/ransomware protection on endpoints and servers to further enhance our protection against future malware/ransomware attacks.
Performed detailed forensics analysis on impacted server to analyze the impact of the malware/ransomware.
Blocked the malicious files used during the attack on endpoints to prevent further spread of the malware or data exfiltration attempt.
Enhanced monitoring and logging to identify any future actions by the threat actor or similar types of attacks.
Blocked newly identified malicious sites and IPs linked to this threat actor on external firewalls to prevent potential exfiltration.
Changed passwords for all end-users and privileged users.
And changed access keys for all service accounts.

The bottom line is, although unfortunate, the company's handling of the incident has been commendable. We just hope that the day comes when there won't be quite so many stories like this one.

Call SpartanTec, Inc. now and let our IT support professionals to set up the most effective cybersecurity strategy to keep hackers at bay.

SpartanTec, Inc.
Myrtle Beach, SC 29577
(843) 420-9760
https://www.spartantec.com/

Serving: Myrtle Beach, North Myrtle Beach, Columbia, Wilmington, Fayetteville, Florence

SolarMarker Malware Stealing User Information Through PDFs

The hackers behind the malware called SolarMarker have begun using an innovative and unexpected means of distributing their poisoned code.

They've started publishing PDF documents filled with SEO (Search Engine Optimization) keywords in a bid to boost the visibility of malicious websites that pose as Google Drive, but in fact, are simply repositories for the malware itself.

A potential victim may get an email containing a PDF promising detailed information on attractive insurance rates or attractive credit card deals. Clicking on the links in the PDF will redirect the victim to a site designed to look like Google Drive, with instructions to download a different file on the drive. It is the act of clicking the file on the drive that dooms the user.

SEO is a tried and true marketing tactic used by legitimate business owners to drive traffic to their sites, co-opted, in this case, for a nefarious purpose. Unfortunately, it has proven to be a wildly effective thus far.

Call Now

As to the malware itself, SolarMarker is a backdoor malware that steals login credentials and other data from web browsers. So it's not harmful on its own, but it makes it easier for the hackers controlling it to introduce damaging malware down the road and/or steal a victim's identity and bypass computer security.

Crowdstrike was the first company to sound the alarm when researchers at the company first discovered the unusual marketing campaign for the malware. Note that thus far, at least, SolarMarker's makers seem to have focused the bulk of their attention on North America.

PDFs have been used for a very long time to deliver malicious payloads, but the unusual methodology used here makes this cyberattack noteworthy. Be on your guard against any PDFs you or your staff receive from unknown, un-trusted sources. Clicking links embedded in those files may net you much more than you bargained for, and not in a good way.

Call SpartanTec, Inc. now and let our team of IT support professionals help protect your company against malware and other online threats by developing an effective cybersecurity strategy.

SpartanTec, Inc.
Myrtle Beach, SC 29577
(843) 420-9760
https://www.spartantec.com/

Serving: Myrtle Beach, North Myrtle Beach, Columbia, Wilmington, Fayetteville, Florence

About Us

Started in 2002, SpartanTec, Inc. is a complete technology solution provider. We are 100% committed to making sure businesses have the most reliable and professional IT partner. Our team of talented IT professionals can solve your IT nightmares once and for all.

Our custom service packages deliver what you need and want without overstepping the boundaries of your budget. From cloud services or on-premise solutions to data backup, SpartanTec is here to team up with you and your company for expert support.

SpartanTec, Inc.

Myrtle Beach, SC 29577

843-418-4792

https://www.spartantec.com/

Pages

Saturday, July 3, 2021

Bose Is Latest Company To Have Employee Data Breached

Call Now

Call SpartanTec, Inc. now and let our IT support professionals to set up the most effective cybersecurity strategy to keep hackers at bay.

SolarMarker Malware Stealing User Information Through PDFs

Call Now

Call SpartanTec, Inc. now and let our team of IT support professionals help protect your company against malware and other online threats by developing an effective cybersecurity strategy.