CDK Global, a leading provider of integrated technology solutions to the automotive industry, suffered a severe ransomware attack. The attack was attributed to the BlackSuit ransomware group, known for its sophisticated and targeted operations. The impact of the attack was widespread, not only affecting CDK Global’s operations but also had a ripple effect on thousands of auto dealerships that rely on CDK Global’s dealer management systems (DMS) and service operation solutions. The incident caused significant operational disruptions and is expected to have a large, but unknown impact on dealership financial losses due to the downtime during a high-volume season.
Lessons Learned From the CDK Global Ransomware Attack
Topics: Cybersecurity, Network Security, Information Security, Data Security, Data Protection, risk
Top 5 Business Roles Targeted by Cyber Attacks and How to Mitigate Risks
Cybercriminals in today's digital landscape employ sophisticated tactics to infiltrate organizations and steal valuable data. Specific business roles within companies often become targets of cyber attacks due to their access to sensitive information or ability to influence decision-making. These roles are also usually visible and known individuals in the public, and harvesting information can be used against them. It is much easier than going after the paranoid I.T. Guy!
Topics: Cybersecurity, Data Breach, Data Security, Data Protection, cybersecurity plan, Ransomware
QR Code Scams: How to Help Your Employees Avoid Them
We've all become familiar with QR codes — those square bar codes that seem to be everywhere. You scan them with your phone camera and they take you directly to a website. QR codes are an incredibly convenient way to access information, but scammers are clever and already use them as part of their scam arsenal. Fortunately, everyone can protect themselves from QR scams by learning how they work and remaining vigilant.
Topics: Cybersecurity, Network Security, Information Security, Data Security, Data Protection, risk
We often spend time with CEOs and board members of various companies, in verticals such as healthcare, finance, transportation, and education.
Topics: Cybersecurity, Data Breach, Data Protection, budgeting
When in doubt, try "Password123" - How I guessed your password
During a penetration test, login credentials are a highly sought-after item. While it is common to harvest that information via email scams (phishing attacks), it is not always the most practical or effective tactic to gain unauthorized access. That access, however, still requires a valid set of credentials. This poses a challenge. How does an attacker find valid accounts without social engineering? There are two main options: breached credentials and password spraying.
Topics: Cybersecurity, Network Security, Data Protection, Personal Data Protection, Security Awareness Training, Passwords, Monitoring