Recent Data Breach Impacts Puma Sportswear
Recently, we learned that Puma Sportswear was affected by a data breach in 2021.
Important to remember that Puma's network were not directly attacked. Kronos, which is one the company's North American workforce management services providers, was targeted.
A recent data breach notification revealed that an unknown attacker stole personal information from the Kronos Private cloud. They also ransomware on Kronos' network.
Although the investigation into the breach continues, it appears that almost half of Puma employees were affected. Kronos sent a notice to all affected individuals. The letter contained very little actionable information and was rather rambling.
The letter says:
"Kronos confirmed on January 7, 2022 that certain of your personal data was among the stolen data. We notified PUMA about this incident on January 10, 20,22."
Experian IdentityWorks was offered to all affected individuals for two years free. This includes identity restoration, credit monitoring, identity theft insurance, as well as insurance against identity theft.
This hacking attack on Puma is the second in recent months. In August 2021, the company's network had been compromised and the source code of an internal application was stolen. This was then sold on the Dark Web.
The company stated that no customer data had been compromised and that the information stolen was only related to its employees.
This attack highlights the dangers and risks inherent in an increasingly connected world. Data breaches on the network of trusted vendors can have devastating effects on your business in ways that you may not have imagined. This means that no matter how much money you invest in IT security, your company could still be at risk if the vendor you rely upon doesn't take security seriously enough.
Now is the time to call Integrated Technology Systems to secure your company's date and employees.
An Android banking Trojan named Medusa steals sensitive information
Researchers from ThreatFabric discovered two new types malware that are quickly spreading among Android users. FluBot malware, and an Android banking trojan called Medusa are the latest examples. Worse, the malware attacks of the latest wave share many of the same infection techniques and delivery infrastructure.
FluBot is one of the most popular Android malware strains. It can steal banking details and passwords from infected devices. It can also access your contact list and send SMS to infected devices. It's success has inspired others to follow its lead.
It was initially a keylogger for Medusa. It can take screenshots and collect data about device use. To deliver their malicious payload, Medusa's creators used poisoned apps named FluBot's controllers to take screenshots and gather data about device usage.
Researchers had this to say about the subject.
"Medusa is not very common at the moment, but we are seeing an increased number of campaigns and sufficient campaigns. Medusa poses a threat to financial institutions in targeted regions due to its multiple remote access capabilities."
Users should only download apps from trusted and authorized vendors or the Google Play Store to reduce the risk of becoming infected with these types of malware. Don't install an app via a link from a website. It is just not worth the effort.
Hackers are breaking into Microsoft Teams and dropping malware
A warning was issued by them recently to anyone using Microsoft Teams. The latest statistics show that more than 270,000,000 people use Teams each month.
Avanan claims that hackers are hacking into Team chats and attaching malicious file to ongoing conversations. Although the files attached appear to be relevant to the conversations from all appearances, anyone who clicks on them will be infected.
It's unclear at this stage how hackers gained access to Teams. There are three possible options: compromise of a third-party vendor with which a company does business, phishing attacks or stealing Microsoft 365 email credentials.
This latest spate of attacks has one thing in common: it doesn't require any sophistication. This attack is the simplest one you can imagine. It's possible because Microsoft Teams is trusted almost universally by all who use it.
Once they are a part of the Teams framework, very few people consider security to be a concern.
Integrated Technology Systems recommends these steps to reduce your exposure and risk.
- Encourage end-users not to hesitate to contact internal IT or your managed service provider if they see an unfamiliar file
- Protect your files with a sandbox that allows you to inspect them for malicious content and downloads them all.
- Secure all business communications, including those between teams, with robust, multi-suite security.
You must ensure that you know who is leaving files in Teams chat
Even if all your employees follow these recommendations, it won’t offer bulletproof protection. However, it will make it less likely that an infection from this vector occurs.
Teams has strong file protection protocols already in place. But, Microsoft will likely be looking at it more closely in the coming weeks and months.
