Tag: cyber security news

  • Are you keeping track of breaches that are happening with your vendors? What small businesses can learn from the Klue/Salesforce breach

    Are you keeping track of breaches that are happening with your vendors? What small businesses can learn from the Klue/Salesforce breach

    When most small businesses think about cybersecurity, they think about their own systems first. Are our computers protected? Are our passwords strong? Is our email secure? Do we have backups?

    Those are all important questions. But there is another question that deserves just as much attention: Are the vendors we rely on putting our business data at risk?

    The recent Klue/Salesforce breach is a good reminder that small businesses do not operate in a vacuum. Even if your own network is locked down, your data may still live in someone else’s system. It may be stored in your CRM, marketing platform, accounting software, ticketing system, quoting tool, password manager, payroll provider, or any number of cloud applications connected to each other behind the scenes.

    In this case, public reporting indicates that attackers abused access tied to Klue, a competitive intelligence platform, to reach data connected through Salesforce environments. The important lesson is not just “Salesforce” or “Klue.” The bigger lesson is that connected vendor platforms can become pathways into sensitive business data.

    For small businesses, that matters a lot.

    You may not have a full-time security team watching every vendor announcement. You may not have a compliance department tracking every software integration. But you probably do have customer information, employee information, invoices, quotes, sales notes, passwords, emails, support tickets, or financial records spread across multiple vendors.

    That means vendor breach monitoring needs to be part of your normal security routine. A vendor breach does not have to involve your internal server, your firewall, or your employee laptops to affect you.

    If a third-party platform you use is compromised, attackers may be able to access customer records, support cases, contact lists, documents, billing details, or internal notes. Even when passwords are not exposed, stolen business data can still be used for phishing, impersonation, fraud, social engineering, or targeted scams.

    This is especially dangerous because vendor-related phishing can look very believable. If an attacker knows who your customers are, what services they use, who manages their account, or what projects are active, they can write emails that sound legitimate.

    For a small business, the damage can be immediate. Customers lose trust. Staff waste time investigating. Leadership has to figure out whether notifications are required. And if nobody was watching for the breach in the first place, the business may learn about it too late.

    Three steps small businesses can take to monitor vendor breaches

    1. Keep a simple vendor and data inventory

    You cannot monitor vendor risk if you do not know which vendors have access to your data.

    Start with a simple spreadsheet or shared document. It does not need to be complicated. List every cloud service your business uses, what kind of data it stores, who owns the relationship internally, whether it connects to other systems, and how critical it is to your operations.

    At minimum, track:

    • Vendor name
    • Type of data stored
    • Admin owner
    • Login method
    • Connected integrations
    • Business impact if breached

    Pay special attention to tools connected to email, CRM, file storage, accounting, remote access, security, payroll, and customer support. These systems tend to hold valuable data or provide access to other platforms.

    The goal is simple: if a breach happens, you should be able to quickly answer, “Do we use this vendor, what data is there, and what should we check first?”

    1. Subscribe to vendor security notices and monitor trusted sources

    Many small businesses only hear about vendor breaches from social media, a random news article, or a customer asking whether they are affected. That is not good enough. For your most important vendors, subscribe to their security advisories, status pages, email alerts, and trust center updates. If they offer a security notification list, use it. If they have a status page, bookmark it. If your vendor has an admin portal with security notices, make sure someone checks it.

    You should also monitor reliable cybersecurity news sources and breach notification feeds for vendors you depend on. This does not mean doom-scrolling every day. It means assigning someone to keep a light but consistent eye on the tools that matter most to the business.

    For managed IT clients, this is also an area where your IT provider can help. Vendor breach monitoring should not be treated as an occasional panic response. It should be part of normal operational security.

    1. Have a vendor breach response checklist before something happens

    When a vendor breach hits the news, the worst time to build your response process is after the fact. Small businesses should have a short checklist ready. When a vendor announces a breach, your team should know how to assess whether you are affected and what actions to take.

    A practical checklist should include:

    • Confirm whether your business uses the vendor or affected integration
    • Review what data the vendor stores or can access
    • Check vendor advisories for affected dates, systems, and data types
    • Revoke or rotate API keys, OAuth tokens, passwords, and connected app permissions where appropriate
    • Review admin accounts and recent login activity
    • Look for suspicious email, CRM, file, or support activity
    • Warn staff about phishing attempts tied to the incident
    • Determine whether customers, employees, insurers, legal counsel, or regulators need to be notified
    • Document what was reviewed and what actions were taken

    We have a simple template for this you can grab below that also covers breaches within your business:

    This does not need to be a 40-page incident response plan. It just needs to be clear enough that your team can act quickly and calmly. The big takeaway is that security does not stop at your own front door.

    Modern businesses are built on connected cloud platforms. That brings huge benefits, but it also creates shared risk. A vendor integration, API token, or connected app can become a weak link, even when your own systems are not directly compromised. Small businesses should not respond by abandoning cloud tools, that’s not realistic. The better response is to know which vendors matter, track where your data lives, monitor for breach notices, and have a plan for what to do when something goes wrong. You do not need enterprise-level complexity to do this well. You need consistency, ownership, and a clear process.

    Vendor breaches are no longer rare edge cases. They are part of doing business in a cloud-connected world. The businesses that handle them best are not the ones that never use vendors. They are the ones that know their vendors, monitor their risk, and respond quickly when the situation calls for it. At Valley Techlogic, we act as a vendor liaison for clients and can help you monitor and respond to breaches even if they’re not happening to your organization directly. Learn more today through a consultation.

    This article was powered by Valley Techlogic, leading provider of trouble free IT services for businesses in California including Merced, Fresno, Stockton & More. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on X at https://x.com/valleytechlogic

  • Toothbrush or threat vector? Turns out it was both for 3 million smart toothbrushes utilized in a recent DDoS attack

    Toothbrush or threat vector? Turns out it was both for 3 million smart toothbrushes utilized in a recent DDoS attack

    When it comes to cyber attacks it seems like anything can be utilized (see Amazon Fire Stick on the recent attack on Rockstar Games) but even our toothbrushes?

    It’s true, while details are still coming out it’s been reported that 3 million malware infected toothbrushes were used to bring down a Swiss company’s website at the cost of millions of Euros.

    No details have emerged yet on either the brand of toothbrush or the specific company that was targeted but we know the toothbrushes were running on Java which is a popular operating system for IoTs (Internet of Things) devices.

    It highlights the point that any device connected to the internet can be used for malicious intent. We’ve all probably heard about threat actors utilizing home security cameras or baby monitors to gain unwanted access to our homes or to just be creeps. Or how about the study on smart fridges that found out they were collecting a lot of your data unknowingly.

    With so many of us having smart devices scattered throughout our homes it’s long overdue that we think about what security needs to be in place to prevent these devices from being a danger to us or others. That includes both the obvious devices like our computers and the less obvious devices like our internet connected home gadgets.

    In a recent study by the SANS Internet Storm Center they tested how long it would take for an unprotected, unpatched PC to become infected with malware when exposed to the internet. Their calculations came back that it would only take 20 minutes on average for that PC to be infected, this is down from 40 minutes back in 2003.

    Even if you consider yourself tech savvy and “careful”, attackers are relentless when it comes to looking for the latest exploits and staying ahead of the curve. It’s the unfortunate truth that they can put more time into their nefarious activities than you as a business owner can dedicate to outsmarting them.

    For them it’s a numbers game and the more nets they cast and the more avenues they look for to gain access the more likely they are to be successful, and even items such as a toothbrush are not safe.

    That is, unless you follow these steps when securing your network and IoT devices.

    On top of these simple steps to secure your network and maintain your devices, you can also work with a provider like Valley Techlogic.

    We utilize best in class tools that prevent cyber attacks from occurring in the first place. Our partners have the resources to stay on top of and mitigate threats (even zero-day attacks) and with ongoing maintenance included in our service plans we can prevent your devices from becoming a threat vector to you or to another business.

    Schedule a meeting with us today to learn more.

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley Techlogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

  • The biggest cyber security breaches of 2023

    The biggest cyber security breaches of 2023

    Now that it’s 2024 we’re reflecting on the biggest events in tech that occurred in 2024, and in today’s article we want to talk about the biggest cyber security breaches that occurred in 2023.

    Before we get into it, let’s talk about the hard numbers.  Across the board, cyber threats are up year over year and 2023 was no exception. Here are 8 eye opening statistics on cyber threats as of writing:

    1. The global average cost of a data breach is $4.45 million and a ransomware attack $5.13 million as of 2023.
    2. The average lifecycle (discovery to remediation) of a data breach is 277 days.
    3. 74% of data breaches still involve a human element in 2023.
    4. 64% of Americans have not checked to see if there data has been lost in a data breach.
    5. Almost half (46%) of all cyberattacks were on US targets.
    6. More than 1 million identities were stolen in 2023.
    7. 30% of those people were a victim of a data breach in 2023.
    8. 54% of office works express feeling “cybersecurity fatigue” in regards to news of data breaches.

    Unfortunately, public apathy towards cybersecurity preventions from ongoing, sustained attacks and the lucrative nature of successful attacks performed on business entities makes for a potent recipe in these attacks only continuing to increase in 2024.

    We want to take a look back at the biggest breaches that occurred in 2023 and also present our solution for preventing an attack of this nature from occurring to your business.

    1. MGM – Occurring in September, the unusual way MGM was breached made headlines because it did not initially involve a computer. Instead, attackers posed as people of importance to the company via a phone call and gained access to their systems, causing a loss of reputation, $100 million in damages, and 5 class action lawsuits to be filed.
    2. ChatGPT – Not even AI is safe when it comes to targeted attacks from hackers, in March of 2023 a bug in their source code exposed the personal information of a 1.2% of their Plus Subscribers including home addresses, full names and email addresses.
    3. MOVEit File Transfer System – The fallout from this breach that occurred in June 2023 extended far beyond the file system management software company itself, including California’s biggest pension fund holders CalPERS and CalSTRS.
    4. RockStar – RockStar is another example like MGM that proved hackers don’t need expensive equipment to breach insecure systems, with this breach being conducted using a cellphone, a hotel room TV and an Amazon FireStick.
    5. The City of Oakland – An entire city was the target of a hack that occurred in February of 2023, the sustained attack which lasted more than a week prompted the city to even declare a state of emergency while systems remained offline. Class actions lawsuits were also filed in the aftermath of the attack in this case.

    These are just five attacks that made major news last year, but there were thousands more that did not make major news. When an attack occurs on a small business many times it leaves the owners with no choice but to close up shop (60% of small businesses that are the victim of a cyber attack close within 6 months).

    As IT providers it’s a frustrating topic for us as so much of this is preventable. If more preventions were put in place and it was more difficult for attackers to realize their goals than it would have a cumulative positive effect overall. As the saying goes, an ounce of prevention is worth a pound of cure. Let us help you meet your cybersecurity goals in 2024 by clicking on the image below.

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley Techlogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.