Posts

Ghost-Ransomeware-Attack

Ghost Ransomware Widespread Attacks on Organizations Internet-Facing Devices

/in , , , /by

Frank Costa, President, Nexgen Protection Services on Ghost Ransomware: 

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have issued a joint advisory on Ghost ransomware (also known as Cring).

The advisory, which is primarily aimed at network defenders, provides critical details on Ghost ransomware activities, including:

  • Indicators of compromise (IOCs)
  • Tactics, techniques, and procedures (TTPs)
  • Detection methods

The data used to compile the advisory comes from FBI investigations into Ghost ransomware incidents. It highlights how Ghost actors are launching widespread attacks by targeting organizations that use outdated software and firmware on internet-facing devices. These threat actors often exploit publicly available code linked to Common Vulnerabilities and Exposures (CVEs) to gain access to vulnerable systems.

The advisory urges network defenders to carefully assess the risks and take appropriate measures to mitigate them. CISA also recommends reviewing the advisory and implementing its suggested mitigations. For additional guidance on ransomware protection, detection, and response, refer to the #StopRansomware initiative and the associated guide. More information on CISA’s Cross-Sector Cybersecurity Performance Goals (CPGs), including recommended baseline protections, is available on their website.

Source:
Alger, J. (February 21, 2025). CISA and FBI Issue Warning for Ghost Ransomware Activity. Security Magazine.
Hashtags: #protectionservices #securitystandards #publicsafety #mobilesecurity #securitythreats

 

Phishing Threats Are on the Rise: Organizations Must Assess Their Vulnerability

/in , , , , , /by

Frank Costa, President of NEXGEN Protection Services on Phishing Threats:

As AI-powered tools become more accessible, phishing threats are aon the rise. Attackers are increasingly targeting multiple channels to bypass security measures, beginning with phishing emails that contain links to video meetings featuring a deep fake.

Phishing attacks are becoming increasingly sophisticated, making it essential for organizations to assess their vulnerability. Hackers now have access to advanced AI-powered tools that enable them to craft email messages, create malicious payloads, and even generate deep fakes. These technologies—and the cyberattacks they facilitate—are more accessible than ever, particularly as cybercriminals tap into the growing “Crime as a Service” (CaaS) ecosystem. Providers now sell everything from attack tools to pre-packaged phishing kits designed to bypass native defenses and secure email gateways (SEGs).

Threat actors can leverage AI at every stage of a phishing attack, from speeding up the intelligence-gathering process on potential targets to automating the creation and distribution of highly personalized attacks. The use of AI accelerates and scales up attack creation, allowing even less-experienced cybercriminals to launch sophisticated campaigns. 

Impersonation attacks are another common tactic. The most frequent form involves attackers posing as the recipient’s company, accounting for 16% of phishing emails. The Human Resources (HR) department is often impersonated in these attacks. Cybercriminals also use platforms like LinkedIn, company websites, and news announcements to identify new hires at target organizations. These newly hired employees are then targeted in impersonation and social engineering attacks. New employees are frequently the victims of phishing emails impersonating VIPs, particularly in CEO fraud schemes.

To strengthen defenses, organizations can adopt best practices that help build a “human firewall.” The first step is to understand and communicate what constitutes normal behavior for brands and suppliers, which can aid in detecting impersonation. Organizations should also standardize and validate communication channels, especially for roles like HR and IT. Finally, companies should assess their vulnerability to supply chain and vendor-based compromises.

Source:
Alger, J. (February 20, 2025). Mobile Phishing Threats Are Evolving, According to New Research. Security Magazine.

 

Loss Prevention Strategies

Loss Prevention Strategies for Combating Organized Retail Theft

/in , , , , , , , /by

Frank Costa, President of NEXGEN Protections Services on Loss Preventions Strategies:

Organized retail theft (ORT) impacts more than just a retailer’s bottom line; it creates dangerous environments for both staff and shoppers. The increasing incidents of violence and aggression have pushed retailers to invest heavily in loss prevention strategies. In response, major retailers are partnering with technology innovators to strengthen their defenses. 

(ORT) involves coordinated efforts by professional thieves to steal large quantities of merchandise from retail stores. Unlike casual shoplifting, ORT is systematic, with stolen goods often resold through various channels, including online marketplaces. This form of theft has seen a significant rise in recent years, resulting in billions of dollars in annual losses for retailers.

Companies such as Walmart, Target, Lowe’s, Kroger, Macy’s, CVS, and others are at the forefront, using cutting-edge technology to deter and detect criminal activity. From advanced video surveillance systems to biometric cameras and autonomous security robots, retailers are deploying a formidable arsenal to combat the growing threat of ORT. Central to this technological revolution is the integration of artificial intelligence (AI), which enhances the sophistication and effectiveness of existing security measures.

Source:
Danielson, R. (February 20, 2025). Retail Resilience: Technology Strategies to Combat Organized Theft. Security Magazine.
Hashtags: #protectionservices #securitystandards #publicsafety #mobilesecurity #securitythreats



Mitigate Losses to the Supply Chain with Robust Security Protection

Mitigate Losses to the Supply Chain with Robust Security Protection

/in , , , /by

Frank Costa, President, Nexgen Protection Services

Companies lose billions of dollars annually due to cargo theft. Many manufacturers don’t realize their shipments have been stolen until it’s too late, often discovering the issue only when the shipment fails to arrive on the expected date.

To mitigate losses in the supply chain caused by security threats, key protection measures include:

  • Thorough vendor vetting
  • Robust access controls
  • Data encryption
  • Continuous monitoring
  • Incident response planning
  • Supply chain visibility through technology
  • Diversifying suppliers
  • Implementing strong cybersecurity practices across all tiers of the supply chain, ensuring all partners adhere to the same security standards.

Source:
Fryer, N. (2025, January 18). How transportation management systems mitigate supply chain risks for manufacturers. Security InfoWatch.

#protectionservices #securitystandards #publicsafety #mobilesecurity #securitythreats



Supply Chain Attacks: Exploiting Third-Party Vulnerabilities

Supply Chain Attacks: Exploiting Third-Party Vulnerabilities

/in , , , , , , /by

Frank Costa, President, Nexgen Protection Services

The cybersecurity landscape continues to evolve at an unprecedented pace. With the rise of sophisticated attack methods, the integration of new technologies, and increasing connectivity across sectors, businesses are facing more complex cybersecurity threats than ever before. Staying informed and prepared is critical to protecting data, maintaining trust, and ensuring business continuity.

Supply Chain Attacks

As businesses increasingly rely on external vendors and partners, supply chain attacks have become a significant cybersecurity concern. In these attacks, threat actors infiltrate a company’s system by compromising a third-party provider, gaining access to multiple organizations through a single vulnerability.

How to Prepare:

  • Vendor Risk Assessments: Conduct thorough security assessments for all vendors and partners to identify potential vulnerabilities.
  • Contractual Security Requirements: Include cybersecurity clauses in vendor contracts to ensure security standards are upheld.
  • Network Segmentation: Isolate critical systems from external partners to prevent attackers from moving freely within your network.
  • Continuous Monitoring: Use real-time monitoring to track vendor activity and detect any unusual behavior early.

 

SOURCE: 

Top Cybersecurity Threats to Watch in 2025: How Businesses Can Prepare, Boston Institute of Analytics, 11/14/2024.
#protectionservices #securitystandards #publicsaftey  #mobilesecurity #securitythreats

 

Building a Diverse, Resilient Team to Enhance Effectiveness

Building a Diverse, Resilient Team to Enhance Effectiveness

/in , , , , , /by

Frank Costa, President, Nexgen Protection Services

 

Resilient teams possess four key traits that contribute to their success: collaboration, diverse skill sets, camaraderie, and positivity.

In today’s fast-paced and ever-changing business landscape, resilience is essential. It is the ability to respond to events or crises in a coordinated manner, minimizing damage and enabling a sustainable path forward. And it all starts with building resilient teams.

These teams are prepared to navigate disruptive events—or a series of events—with cohesion and precision. As a result, when they emerge on the other side, the need for damage control is minimal, and resuming operations and returning to business as usual is both straightforward and sustainable. That’s the goal.

Don’t avoid conflict—tackle it head-on. Even if it’s as subtle as a silent expression in a meeting, leave no stone unturned when it comes to gauging your team’s sentiments and perspectives. Build a culture of transparency and honesty, and make sure to listen to your people.

 

SOURCE: 

Horton, M. Building organizational resilience for sustainable success, Security Magazine, 10/03/2024.
#protectionservices #securitystandards #publicsaftey  #mobilesecurity #securitythreats

 

Cargo Theft is Real and You Need to Protect Your Assets

Cargo Theft is Real and You Need to Protect Your Assets

/in , , /by

Frank Costa, President Nexgen Protection Services – 

A new form of theft has developed – strategic cargo theft. Strategic cargo theft is defined as deceiving a party at various points within the supply chain to hand over their freight to thieves. This form of theft involves the manipulation of data, paperwork, and identities from a distance to gain access to freight under false pretenses.

Use dedicated, asset-based carriers to move your freight. An asset-based carrier is a company that owns its trucks and hires its own drivers. This allows you to clearly vet the company you will be doing business with.

Insist on placing disposable GPS trackers inside your high-value loads. These cost-effective devices eliminate reverse logistics and device management while providing complete visibility of your freight, in real-time, from anywhere around the world. 

 

SOURCE: 

Tabor, J. Strategic Cargo Theft: What It Is, How It Started, and What You Can Do to Stop It, Loss Prevention Magazine, 12/2/2024.
#protectionservices #securitystandards #publicsaftey  #mobilesecurity #securitythreats

 

Cargo theft involves the manipulation of data and identities to gain access to freight under false pretenses.

Cargo theft involves the manipulation of data and identities to gain access to freight under false pretenses.

/in , , , , , /by

Frank Costa, President Nexgen Protection Services – 

Organized retail crime (ORC) has been the buzzword in the retail loss prevention world for well over the past decade. During that time, the lack of support from the criminal justice system has certainly negated most of those efforts.

Criminals will establish fake trucking and brokerage companies with the sole intention of stealing cargo. They go through the same process as legitimate carrier information, registration, obtaining insurance, and operating authority. These companies then start completing legitimate jobs to establish a history of work performed. Once established, the thieves target high-value loads within their customer network to steal.

Insist on placing disposable GPS trackers inside your high-value loads. These cost-effective devices eliminate reverse logistics and device management while providing complete visibility of your freight, in real-time, from anywhere around the world. If and when a theft were to occur, you could follow the load in real-time from your phone to assist law enforcement in finding its exact location.

As of now, there is no silver bullet that will stop these thefts from occurring. But understanding the problem, training your staff, and installing protective measures will certainly act as a shield to help fend off these criminals.

SOURCE: 

Tabor, J. Strategic Cargo Theft: What It Is, How It Started, and What You Can Do to Stop It, Loss Prevention Magazine, 10/01/2024.
#protectionservices #securitystandards #publicsaftey  #mobilesecurity #securitythreats

 

Retailers' Concern for Safety and Security have heightened

Retailers’ Concern for Safety and Security have heightened due to the Growing Threats.

/in , , , , , /by

Frank Costa, President Nexgen Protection Services – 

Break-ins and break-in attempts are always a concern for retailers for safety and security reasons, and these concerns have heightened due to the growing threats faced in recent years.

Before the pandemic, physical security’s role in business intelligence and operations was already growing, but over the last few years, it has proven to be a strategic asset in coping with a variety of challenges.

Security measures need to be integrated to manage potential threats to create the safest, most secure environments. 

SOURCE: 

Wolfe, C. LPM Survey: Storefront Security and Emergency Response 2024. Loss Prevention Magazine, 07/09/2024.
#protectionservices #securitystandards #publicsaftey  #mobilesecurity #securitythreats

Organized Crime and Shrinkage are on The Rise

Organized Crime and Shrinkage are on The Rise, Security Protection Is Essential to Offset Losses.

/in , , , , , /by

Frank Costa, President Nexgen Protection Services – 

The final stage of the supply chain process in retail, is getting products off trucks and into stores. Retailers face rising security threats, such as theft, shoplifting, internal fraud, vandalism, and even violence. Matters are intensified by self-checkout systems and the complexities of post-pandemic retail environments. 

Whether managing day-to-day retail operations or responding to disasters and large-scale events, retailers must be prepared for the unexpected. Nexgen Security offers scalable solutions to meet these challenges head-on, enabling businesses to enhance security, reduce losses, and maintain operational integrity.

 

SOURCE: 

Wolfe, C. WHITEPAPER: The End-of-Sale Process in the Retail Supply Chain. Loss Prevention Magazine, 10/20/2024.
#protectionservices #securitystandards #publicsaftey  #mobilesecurity #securitythreats