Tag Archive for: malware

With new technologies, hackers are presented with more avenues to exploit vulnerabilities. So, what are the prevalent security challenges faced by organisations today? 

Excelien explores the top 10 security threats that every company should be conscious of:

Phishing 

Phishing attacks are becoming more frequent and intricate. These schemes can lead to data leaks, malware outbreaks, and identity theft. Cybercriminals are perfecting their phishing methods, making their emails seem more legitimate. 

People are often lured into clicking malicious links or downloading harmful attachments through sophisticated social engineering tactics. Signs of phishing include generic greetings like “Dear Valued Customer” and glaring grammatical mistakes. 

Suspicious attachments or unfamiliar website links are often red flags. Always be sceptical of urgent emails or those asking for personal details. If unsure, always verify the email’s legitimacy with the supposed sender.

Malware 

Companies, regardless of size, grapple with malware issues. Cybercriminals deploy malware to infiltrate and control computer systems and sometimes disable entire networks. 

Malware can be disseminated via phishing emails, compromised websites, or malevolent ads. Once embedded, eradication is tricky. 

Defence against malware includes a reliable anti-malware system, continuous employee cybersecurity training, and regular software updates.

Ransomware 

This malicious software encrypts user data, holding it hostage until a ransom is paid. Ransomware attacks can be crippling, especially without updated backups. 

Exercising caution with unfamiliar links and documents is vital. Employ robust security tools, including backups and anti-malware utilities, to fortify defences against ransomware.

SQL Injections 

SQL injections allow cybercriminals to execute harmful database commands. This potentially exposes sensitive client or proprietary details. Directly incorporating unscreened user input into SQL queries can lead to these vulnerabilities. 

Defend against these by properly configuring and shielding your database servers and deploying a reliable firewall.

Denial of Service (DoS) Attacks 

DoS attacks prevent users from accessing a particular site or service. Targeting high-profile and smaller sites alike, these attacks are costly in terms of finance and downtime. 

A robust firewall can thwart these by screening suspicious traffic and preventing system overloads.

Distributed Denial-Of-Service (DDoS) Attacks 

DDoS attacks harness multiple computers to overload a service with excessive traffic. Often executed using botnets, they primarily target renowned services, but smaller entities are not immune. Employ a web application firewall (WAF) to deter malicious traffic.

Cross-Site Scripting (XSS) 

XSS attacks allow hackers to inject harmful code into websites, potentially hijacking sessions or stealing user data. Defend against these by ensuring your website is securely coded, utilising security filters, and adopting a WAF.

Insider Threats 

These are threats from within—employees or contractors who misuse their access rights. Given their legitimate access, they’re often hard to detect. Effective access controls, stringent password policies, and secure physical access are essential.

Man-In-The-Middle Attacks

In MITM attacks, cybercriminals intercept communications between two entities. Such interceptions can lead to data theft or fraud. Encrypting all communications using methods like SSL or HTTPS and deploying VPNs can thwart these attacks. Also, consider two-factor authentication for added security.

Credential Reuse Attack 

These occur when stolen credentials from one platform are used elsewhere. The repercussions can be dire, leading to fraud or data breaches. Encouraging strong, unique password practices among employees is crucial.

Conclusion 

Staying abreast of the ever-evolving threat landscape is a formidable challenge. Organisations must be vigilant about familiar threats and train employees to recognise and respond to potential dangers. Fundamental understanding and continuous learning are vital to staying one step ahead in cybersecurity.

Our Security Advisory Team has a comprehensive perspective, serving on both the vendor and client fronts. This unique vantage point has endowed us with unparalleled market acumen. Engage with our experts to fortify your cybersecurity posture.


Hackers are difficult people to understand. They don’t discriminate: they’re looking for any open door, every opportunity, to steal data, make money whether in small or large amounts, cause disruption in business and ultimately chaos!

Businesses from enterprise to SMB can fall prey, and at Excelien we work with our clients to ensure they’re aware of the latest technology, with access to our security consultants and security assessments. We’ve all seen headlines about companies you would expect to be a concrete fortress becoming victims. The pandemic seems to have accelerated some of the most significant breaches that have taken place in 2020. Here’s a reminder of some of the headline-grabbing attacks, and the stark reality and severity of these cyber attacks.

WHO – World Health Organisation

WHO has been giving guidance through this pandemic, but in the midst of it was part of a massive data leak in which 25,000 email addresses and passwords were unlawfully accessed. It was commonly believed to be part of a broader attempt to disrupt the battle against Coronavirus, with organisations such as WHO, the National Institutes of Health (NIH), the Centre for Disease Control and Prevention (CDC), the Gates Foundation and more being hit by this team of elite hackers.

WHO confirmed that a phishing campaign was used and targeted at its employees. WHO’s CIO, Bernardo Mariano, stated, “Ensuring the security of health information for the Member States and privacy of users interacting with us a priority for WHO at all times, but also particularly during the COVID-19 pandemic. We are grateful for the alerts we receive from the Member States and the private sector. We are all in this fight together.” It is still not clear if this cyber attack had any significant effect. According to WHO, the leaked information did impact an older extranet system, causing them to migrate to a more secure infrastructure.

Twitter

The Twitter breach was probably the most visible and famous attack to date, affecting celebrities from all walks of life, from reality star Kim Kardashian to tech guru Elon Musk to ex-president Barack Obama. Though this was an attack which took place over a few hours, the exposure was huge.

The attack targeted a small group of Twitter’s employees through a phone spearphishing campaign, enabling hackers to gain access to Twitter’s internal support system, which then allowed them to target further employees. According to Twitter, using the acquired credentials, the attackers hit around 130 Twitter accounts, tweeting from 45 of those, accessing the direct messaging feature of 36 and downloading the Twitter Data of 7. Twitter Support released a statement explaining, “This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems.” While the actual outcome of this elaborate hack isn’t clear, the incident has led to significant distrust of Twitter and its security protocols, and will most likely live on as one of the largest cybersecurity disasters to hit a social media platform.

Zoom

The use of Zoom has skyrocketed through the pandemic, enabling working from home to become the new normal. Zoom became the big name overnight, the go-to for a virtual meeting. Cybercriminals saw this, and it soon became a target.

Cyberattacks have relentlessly targeted Zoom in the past, and in April 2020 it did in fact experience a data breach. Over 500,000 Zoom passwords were stolen and made available for sale, or even given away for free, across dark web forums. The attack impacted everything from personal accounts to financial and educational organisations. Victims’ login credentials, private meeting URLs and HostKeys were released. It’s believed that attackers used old stolen credentials, some from 2013. They used a credential stuffing attack run from multiple bots, which avoided using the same IP address for numerous Zoom accounts and prevented detection as a denial of service (DoS) attack.

Zoom responded, “We have already hired multiple intelligence firms to find these password dumps, and the tools used to create them, as well as a firm that has shut down thousands of websites attempting to trick users into downloading malware or giving up their credentials.” Zoom will continue to examine the breach, is shutting accounts which it has found to be compromised, is prompting users to change their passwords to something more secure, and is investing in more technology solutions to bolster Zoom’s efforts.
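The credential stuffing pattern described above (and in the Credential Reuse Attack section), where bots spread attempts across IP addresses to stay under per-address limits, can still be caught by counting failed accounts across the whole login stream. The following detection sketch is an added example, not Zoom's or Excelien's tooling; the log format, thresholds, function names and events are all constructed assumptions.

```python
from collections import defaultdict

WINDOW = 300        # bucket size in seconds (assumed)
PER_IP_LIMIT = 5    # failures per IP before a classic per-IP rule fires (assumed)
MIN_ACCOUNTS = 8    # distinct failed accounts that make a bucket suspicious (assumed)
MIN_IPS = 3         # ...when spread over at least this many source IPs (assumed)

def sample_log():
    """Constructed auth log: (epoch_seconds, source_ip, username, outcome)."""
    events = []
    for k in range(15):                  # 5 bot IPs, 3 accounts each, 1 reused password hit
        outcome = "OK" if k == 7 else "FAIL"
        events.append((1000 + 10 * k, f"203.0.113.{k // 3 + 1}", f"acct{k:02d}", outcome))
    # A real user mistyping once, then logging in from the same address.
    events += [(1050, "198.51.100.9", "erin", "FAIL"), (1060, "198.51.100.9", "erin", "OK")]
    return events

def per_ip_rule(events):
    """Classic rule: flag any IP with PER_IP_LIMIT or more failures."""
    fails = defaultdict(int)
    for _, ip, _, outcome in events:
        if outcome == "FAIL":
            fails[ip] += 1
    return sorted(ip for ip, n in fails.items() if n >= PER_IP_LIMIT)

def stuffing_windows(events):
    """Flag buckets where many distinct accounts fail across several IPs, and
    list accounts that logged in OK from an IP that failed on *other* accounts."""
    buckets = defaultdict(list)
    for ev in events:
        buckets[ev[0] // WINDOW].append(ev)
    findings = []
    for key in sorted(buckets):
        failed = defaultdict(set)        # ip -> accounts it failed against
        for _, ip, user, outcome in buckets[key]:
            if outcome == "FAIL":
                failed[ip].add(user)
        accounts = set().union(*failed.values())
        if len(accounts) < MIN_ACCOUNTS or len(failed) < MIN_IPS:
            continue
        exposed = sorted({user for _, ip, user, outcome in buckets[key]
                          if outcome == "OK" and failed.get(ip, set()) - {user}})
        findings.append({"start": key * WINDOW, "failed_accounts": len(accounts),
                         "source_ips": len(failed), "reset": exposed})
    return findings
```

On the constructed log the per-IP rule flags nothing, while the window rule flags the burst and singles out the one account whose reused password worked, leaving the user who merely mistyped a password alone.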

Marriott International

A very public and large-scale security breach at the beginning of this year at a leading hotel group, Marriott, led to the data of more than 5.2 million guests being compromised. Marriott believes hackers might have gained the login credentials of two employees, either by credential stuffing or phishing, and were subsequently able to gain access to information on customers who are part of the Marriott loyalty scheme.

Even though Marriott disclosed the security breach on March 31, 2020, it’s concluded that the data had been taken around a month before and included personal information such as names, birthdates, telephone numbers, travel news, and loyalty program information. It isn’t the first time that the hotel has announced a significant data breach – in 2018, they encountered a cyber-attack leaving 500 million guests affected.

MGM Resorts

Although it started in 2019, the data breach experienced by major hospitality group, MGM Resorts, continues in 2020. And it may be much larger than initially reported – now understood to have affected more than 142 million hotel guests (14 times the 10.6 million reported in February).

The attack came to light in an ad published on a dark web marketplace offering to sell the data of 142,479,937 MGM guests for just over $2,900. According to the seller, MGM Grand Hotels data is part of this. Hijacked information is assumed to include names, phone numbers, home addresses, email addresses, and birth dates of guests, including those of Twitter CEO Jack Dorsey, Justin Bieber and prominent government officials.

An MGM Resort spokesperson confirmed that impacted guests were notified about the data breach and added: “We are confident that no financial, payment card or password data was involved in this matter.” Although this is considered “phone book” information, a fear is that the personal data will continue to be sold, which opens up opportunities for spearphishing campaigns.

Garmin

Garmin, known for its smartwatches and wearables, shut down several of its services in July to deal with a ransomware attack that encrypted its internal network and some production systems.

The company is still planning for some severe downtime following this attack as it prepares for a multi-day maintenance window to deal with the aftermath. This includes the website, the Garmin Connect and Garmin Aviation services, and even manufacturing lines within Asia going offline.

Garmin said the outage had also impacted its call centres, putting the company in a situation of being unable to answer emails, calls, and online chats.

The attack didn’t pass quietly and caused headaches for the company’s customers, who rely on the Garmin Connect service to sync data about bike rides and runs to Garmin’s servers, all of which also went down.

It wasn’t just consumer wearables that were affected: flyGarmin, which supports the company’s line of aviation equipment, was also down. In another blow, following this outage updates weren’t available for this software, and it is an FAA requirement to run an up-to-date version of this database.

The extent of the breach remains unknown to third-party observers. Besides consumer sportswear, wearables and smartwatches, Garmin also delivers mapping, tracking solutions and equipment for the maritime and automotive industry. The actual impact of the ransomware attack on these services remains unclear.

What Can We Learn from These Cyber Attacks?


Businesses need to be diligent. Cybersecurity always needs to be front of mind, and systems need to be routinely assessed. Companies from small businesses to the enterprise can easily fall prey to phishing schemes, ransomware, DDoS, malware, and other attacks leading to data breaches.

Excelien works with you to take the necessary precautions, which is the best chance businesses have of staying secure. Along with detection and response tools, authentication protocols and ongoing employee security awareness training can make the most significant difference.