Data Breach Report: Popular Digital Wallet App Key Ring Exposes 14 Million Users

securitymagazine | April 03, 2020

Data Breach Report: Popular Digital Wallet App Key Ring Exposes 14 Million Users
Led by Noam Rotem and Ran Locar, vpnMentor’s research team of ethical hackers, recently discovered a data leak by the popular app Key Ring, that compromised the privacy and security of their 14 million users. Key Ring allows users to upload scans and photos of membership and loyalty cards onto a digital folder on one’s phone. However, many users also use it to store copies of IDs, driver licenses, credit cards, and more. A misconfigured Amazon Web Services (AWS) S3 bucket owned by the company exposed these uploads and revealed their owners’ private data. During the team’s investigation, they also found four additional unsecured S3 buckets belonging to Key Ring, exposing even more sensitive data as they were publicly accessible to anyone with a web browser.

Spotlight

How does company size dictate information security posture? A NeweggBusiness customer survey reveals differences in how companies large and small approach cybersecurity. Some findings fell in line with expectations; others defied the conventional understanding of how security professionals operate in businesses of scale.

Related News

DATA SECURITY

GetApp Annual Data Security Report Reveals Information Security a Top Concern for Businesses

GetApp | September 29, 2021

GetApp, a recommendation engine that helps SMBs make informed software purchasing decisions, released findings from its 2021 Data Security Report. The results reveal that, regardless of industry, information security incidents have become more of a targeted threat for businesses, increasing in amount and efficacy. Of all the security incidents identified by over 900 surveyed employees at U.S. businesses, the three most threatening incidents were: increasingly severe ransomware attacks, more effective phishing schemes, and rampant reusing of passwords. Respondents reported phishing emails have nearly tripled in effectiveness over the past two years. Phishing emails are rapidly becoming more difficult to spot and thus far more destructive. Over the past year, ransomware attacks have increased by 25%. Ransom demands were significantly higher than average for businesses in specific industries, such as banking and financial services and construction, with higher payouts. The report found that password reuse is strongly associated with higher incidences of security breaches. Reported account takeovers were three times as common among people who reuse passwords as those who don’t. Data security threats are becoming more targeted to individual victims, whether that’s a phishing scheme aimed at a specific person or ransomware attacks on a particular company.Companies must redouble security training efforts and fortify their networks to protect against today’s increasingly sophisticated cybercriminals. Zach Capers, senior analyst at GetApp. Alarmingly, 23% of the IT security managers surveyed say their company doesn’t have protocols in place to report a suspected cyberattack and 33% don’t have a formal cybersecurity incident response plan. Read the in-depth report for further insight regarding sensitive data, cyberattacks, and how your industry is keeping up with data security needs. About GetApp GetApp is the recommendation engine SMBs need to make the right software choice. GetApp enables SMBs to achieve their mission by delivering the tailored, data-driven recommendations and insights needed to make informed software purchasing decisions. GetApp is a Gartner company. For more information, visit www.getapp.com. Survey methodology GetApp’s 2021 Data Security Survey was conducted from August 20 to August 24 among 973 respondents to learn more about data security at U.S. businesses. Respondents were screened for full-time employment and 90 identified as their organization’s IT security manager.

Read More

DATA SECURITY

Balbix Allows CISOs to Quantify their Cybersecurity Posture Risk in Dollars

Balbix | August 04, 2021

Balbix, provider of the world's leading platform for cybersecurity posture automation, announced today the launch of its Automated Cyber Risk Quantification (CRQ) solution. Balbix's new offering allows organizations to produce a single, comprehensive view of their cyber risk in dollars (or other currencies) so they can prioritize and fix security vulnerabilities faster and reduce breach risk by 95% or more. For example, to protect itself against ransomware attacks, an organization could use Balbix to identify the assets that would be most costly if held to ransom and quickly act to reduce these risks. Automated cyber risk quantification Calculating breach risk in monetary terms provides a common language that organizations - from security engineers and IT admins to the CISO, CFO and CIO - can use to prioritize projects and spending, and track the effectiveness of their overall cybersecurity program. However, most organizations have struggled with measuring cyber risk due to their reliance on complicated manual processes and dozens of isolated IT, security and business tools. The Balbix Automated CRQ solution uses machine learning and automation to quantify both the likelihood and the impact of a potential breach, and remove complex and error-prone tasks. As a result, organizations can: Build a unified cybersecurity asset management program Prioritize enterprise vulnerabilities Quantify cyber risk in monetary terms Customize security analytics and board-level reporting "Balbix is an industry-leading platform that consolidates cyber risks into a single reportable model," said Rhonda Gass, Chief Information Officer at Stanley Black & Decker. "This technology is enabling us to scorecard our risk remediation performance and gain continuous visibility into open security issues." "The Infosec industry has struggled for a long time to quantify the security posture of their organizations in clear cyber risk terms denominated in Dollars (or Euros, Pounds, Yen, etc.),'' said Jon Oltsik, Senior Principal Analyst and Fellow at ESG. "As a result, the right decisions don't get made, leaving the enterprise vulnerable to attack and compromise. Balbix's innovative offering has the promise of changing this equation." Seamless data collection Balbix also released new streaming and snapshot connectors. Streaming connectors are agentless and connect via API to the data source and pull in data on a specified schedule and thus are easy to deploy and manage. Snapshot connectors are used to ingest data using .csv or other formats. Organizations can use these connectors to ingest data from dozens of data sources including vulnerability assessment tools, CMDB, EDR, firewalls, SIEM, MDM systems, AppSec systems, OT/IoT management systems, Active Directory, DNS/DHCP and cloud infrastructure APIs. Moreover, the connectors are highly scalable. For example, Balbix typically ingests several 100s of terabytes per day from customers with environments containing 250,000 assets. "We are very pleased to introduce our new cyber risk quantification offering," said Gaurav Banga, Founder and CEO of Balbix. "Cybersecurity tools generate mountains of data. Traditionally, infosec teams have had to sift through massive vulnerability scans, attack simulation reports and app vulnerability results to prioritize issues that should be addressed first. Then they had to explain their actions to non-cyber stakeholders in business risk terms. This has been an impossible job. The new Balbix Automated CRQ solution makes easy work of this task by automating much of the workflow." About Balbix Balbix provides the world's leading platform for cybersecurity posture automation. Using Balbix, organizations can discover, prioritize and mitigate unseen risks and vulnerabilities at high velocity. With seamless data collection and petabyte-scale analysis capabilities, Balbix is deployed and operational within hours, and helps to decrease breach risk immediately. Balbix counts many global 1000 companies among its rapidly growing customer base and was named a "Cool Vendor" by Gartner in 2018.

Read More

NETWORK THREAT DETECTION

Solvo ReInvents Cloud Identity and Access Management with IAMagnifier

Solvo | November 30, 2021

Solvo, a security automation enabler for cloud development and production environments", announced today the availability of its "IAMagnifier" – a cloud SaaS security platform, enabling developers, DevOps and cybersecurity stakeholders working in cloud development environments to reduce potential cybersecurity threats caused by misconfigured access permissions to cloud assets. To truly enable a secured, yet productive development environment, a "least-privileged" permission mechanism should be employed – by using this methodology, the access level for each asset is defined by answering the question "How can I prevent access to that asset from anyone or anything other than anyone or anything that is supposed to access it to perform their intended task?". Today, security-minded developers and security stakeholders within the organization had to manually inspect security permissions configurations for each asset, compare the permission levels found within the specific asset's configuration to the permission level stated by the relevant organizational policies, and if the actual permission level is too lenient – rectify the situation by updating the asset's permission configuration. In addition to the need to perform these set of activities for each individual asset, a task which might entail an enormous waste of time and effort, the permission level to which the "wrong" configuration should be updated to may not be the best one according to the specific characteristics of each individual asset. "Solvo's IAMagnifier turns this cumbersome, lengthy, inefficient, and error-prone process of managing cloud assets' access permissions, into an automated, centralized, fast and decision-assisted experience,It does so by constantly inspecting the assets' access permissions configurations, analyzing gaps between the current and desired permission level, suggests the needed changes to the configuration, and performs these changes if approved by the user." Solvo's Co-founder and CEO, Shira Shamban To present the most relevant and updated data about permission levels and potential risks derived from permission level gaps, Solvo's IAMagnifier offers visual experience, which turns boring tables and records into easy to comprehend mapping of connections and dependencies between Roles, Policies, assets and users. The IAMagnifier also highlights what its analyzer has declared as "excessive permissions", and suggests an alternative, least-privileged permission policy, which can then be enforced by the user just by approving the suggestion. Unlike traditional infrastructure default definitions or human-set definitions, the "excessive" permission status definition and the alternative permission suggestion the IAMagnifier highlights and suggests are derived from analyzing actual real behaviour of the application and finding the balance between preventing unrequired access by irrelevant stakeholders, and keeping an uninterrupted workflow for relevant stakeholders (i.e least-privileged). Sylvie Veilluex, Solvo's advisor and former CIO of Dropbox, added: "The team has been offering early access to the IAM Magnifier to selected customers, and the feedback has been nothing short of amazing. One of the CEO whose company was using the IAMagnifier went on to declare the ability to easily see the company's security posture, and effortlessly enhance it, made scaling the company's cloud and business infrastructure frictionless and even enjoyable." Solvo's team will present IAM Magnifier during AWS' Re:Invent conference, which takes place in Las Vegas, NV, between November 29th and December 3rd, 2021. Solvo will also be providing a free AWS S3 Bucket policy auditing during the conference, and visitors can schedule a meeting with the team for a chance to get back from Vegas with a win. About Solvo Solvo allows security teams to empower software developers and accelerate their cloud delivery. The developer-centric security platform creates and maintains a least-privilege security policy for cloud native applications. It adapts the security configuration to every environment, creates it from scratch and monitors for changes, integrating with existing workflows seamlessly and automatically.

Read More

Spotlight

How does company size dictate information security posture? A NeweggBusiness customer survey reveals differences in how companies large and small approach cybersecurity. Some findings fell in line with expectations; others defied the conventional understanding of how security professionals operate in businesses of scale.