February Security Recap

2 years ago

Welcome the second instalment in our blog series The Security Recap. This week we’ll be recapping the MGM Resorts data breach, the Scott Morrison phishing email & more.

You can read the previous blog instalment July Security Fails.

MGM Resorts Data Breach

MGM Resorts have had a lawsuit filed against them over a data breach that occurred last year. MGM have alleged that โ€œthey discovered unauthorised access to a cloud server that contained a limited amount of information of certain guestsโ€. A spokesperson also said that the majority of the stolen data was guestโ€™s names and phone numbers, they did not disclose the number of affected guests at the time.

However, this week ZDNet reported that the personal details of approximately 10.6 million guests at MGM were published on a hacking forum. The leaked details included guestโ€™s full names, D.O.Bโ€™s, home addresses, phone numbers & email addresses.

The law firm Morgan & Morgan and lawyer John Yanchunis are handling the lawsuit against MGM resorts. Yanchunis has previously been associated with other data breach lawsuits including the Yahoo & Equifax data breaches. He was also involved in the case against Facebook and Cambridge Analytica for unlawfully obtaining users data back in 2017.

Prime Minister Phishing Scam

Towards the end of last month, a phishing email impersonating the Australian Prime Minister, Scott Morrison, began circulating. The email is seemingly legitimate with the email domain name being โ€˜@pm.gov.auโ€™.

The email contains an image of Scott Morrison and a message that says โ€˜Invitation from the Prime Ministerโ€™ along with a malicious hyper-linked PDF that redirects users to a SharePoint branded phishing website.

Google AdSense Ransomware

A new type of ransomware attack is currently making the rounds. Traditionally, ransomware has used social engineering and emails as its predominant method of attack. However, this particular type of ransomware targets Google AdSense users.

Google AdSense is a cost-per-click (CPC) advertising program, it gives incentives to websites for advertising. The ransomware threatens to flood userโ€™s ads with bot traffic which would trigger Googleโ€™s anti-fraud system and subsequently, the userโ€™s account would be suspended. The attackers demand $5000 dollarsโ€™ worth of Bitcoin in exchange for not sending bot traffic.

NSW Man Charged with Unauthorised Access

A NSW man has been charged by police for accessing the servers of a company he was employed as a contractor to without authorisation.

Police will allege that the man โ€œremotely accessed the server and downloaded documentsโ€. The man is also alleged to have โ€œdeleted 350 downloaded files after a court order was issued to access his computerโ€.

The Issue

Security threats are continually expanding and evolving. This instalment of The Security Recap saw a multi-million-dollar corporation become the victims of a data breach and a Sydney business become the victim of corporate espionage.

A security incident can be detrimental to your businessโ€™ reputation. Security as a Service is an integral part of Managed IT Services. Call Milnsbridge today to safeguard your business from security risks on 1300 300 293.

Letโ€™s get started

Get in touch today and speak with one of our friendly staff. We will take the time to assess your business requirements and provide an obligation-free quote.ย 

Facebook
Twitter
LinkedIn

CORE

All the essentials
$ 69 Monthly
  • 3 Hours Remote Support
  • Support Hours 8am - 5.30pm M-F
  • Best Effort Response Times
  • Staff Onboarding + Offboarding
  • Microsoft 365 Administration
  • Cyber Security Awareness Training
  • EDR/Antivirus - Endpoint Protection
  • Cloud Hosted Email Security
  • Critical Software + Security Updates
  • Server Performance Monitoring
  • 24 x 7 System Monitoring + Alerts
  • Daily Backup Monitoring
  • Monthly Executive Reports
  • Standard Operating Environment

Growth

Unlimited Support + Security
$ 89 Monthly
  • Unlimited Remote + Onsite Support
  • Support Hours 8am - 5.30pm M-F
  • Guaranteed Response Times
  • Staff Onboarding + Offboarding
  • Microsoft 365 Administration
  • Cyber Security Awareness Training
  • EDR/Antivirus - Endpoint Protection
  • Cloud Hosted Email Security
  • Critical Software + Security Updates
  • Server Performance Monitoring
  • 24 x 7 System Monitoring + Alerts
  • Daily Backup Monitoring
  • Monthly Executive Reports
  • Standard Operating Environment
  • Keeper Password Manager
  • Duo Multi Factor Authentication
  • DNS Filter Internet Protection
Popular

Enhanced

Unlimited Support 24x7 + Security
$ 159 Monthly
  • Unlimited Remote + Onsite Support
  • 24 Hours Support - 7 Days a Week
  • Priority Response Times
  • Staff Onboarding + Offboarding
  • Microsoft 365 Administration
  • Cyber Security Awareness Training
  • EDR/Antivirus - Endpoint Protection
  • Cloud Hosted Email Security
  • Critical Software + Security Updates
  • Server Performance Monitoring
  • 24 x 7 System Monitoring + Alerts
  • Daily Backup Monitoring
  • Monthly Executive Reports
  • Standard Operating Environment
  • Essential 8 Assess & Report
  • Monthly Vulnerability Scanning
  • Threatlocker Application Control
  • Keeper Password Manager
  • Duo Multi Factor Authentication
  • DNS Filter Internet Protection