CDK Global, a leading provider of integrated technology solutions to the automotive industry, suffered a severe ransomware attack. The attack was attributed to the BlackSuit ransomware group, known for its sophisticated and targeted operations. The impact of the attack was widespread, not only affecting CDK Global’s operations but also had a ripple effect on thousands of auto dealerships that rely on CDK Global’s dealer management systems (DMS) and service operation solutions. The incident caused significant operational disruptions and is expected to have a large, but unknown impact on dealership financial losses due to the downtime during a high-volume season.
Lessons Learned From the CDK Global Ransomware Attack
Topics: Cybersecurity, Network Security, Information Security, Data Security, Data Protection, risk
QR Code Scams: How to Help Your Employees Avoid Them
We've all become familiar with QR codes — those square bar codes that seem to be everywhere. You scan them with your phone camera and they take you directly to a website. QR codes are an incredibly convenient way to access information, but scammers are clever and already use them as part of their scam arsenal. Fortunately, everyone can protect themselves from QR scams by learning how they work and remaining vigilant.
Topics: Cybersecurity, Network Security, Information Security, Data Security, Data Protection, risk
Rolling the Dice on Cybersecurity: Lessons from the MGM Breach
You may have seen it in the news, but another major company has been a victim of a nasty ransomware attack that disrupted services and customers for over ten days. This time, the victim was MGM Resorts in Las Vegas.
What separates this major incident from others is that the hackers pulled the malicious attack off using one of the oldest tricks in the book: social engineering. So, what happened, and what can we learn from this?
Topics: Cybersecurity, Network Security, Data Breach, Data Security, security incident handling, risk, Ransomware, social engineering
Any time we log in to socials, we should be cognizant of the information we're willing to reveal and how for-profit actors could use that personal data. Sharing our time, tastes, and feedback with online communities is what draws us to the apps, but it’s easy to “overspend” your seemingly limitless personal data in exchange for entertainment. The TikTok application is unlike its contemporaries because its information-gathering technology is steps ahead and much more powerful. That information is primarily used to tailor the user’s feed and promote engagement with targeted advertisements.
Topics: Cybersecurity, Data Security, risk, Social Media
Sophisticated Threat Actors are using LinkedIn to Phish Employees
Phishing via employment-focused social media is on the rise. While performing incident response over the last few months, ProCircular encountered multiple incidents where LinkedIn was used in employee phishing attacks. Several news articles raised awareness of this phishing vector over the last year, and the trend continues with a new wave of attacks by sophisticated threat actors.
Topics: Incident Rsponse, hacking, risk