Detection Limited Hacker Access to EWN Database

Infosecurity Magazine | January 08, 2019

Swift detection of a malicious insider who used stolen credentials to gain unauthorized access to Australia’s Early Warning Network (EWN) allowed EWN staff to shut down systems and limit the number of messages the hacker was able to disperse, according to a 7 January 2019 update on the company’s website. The anomalous activity of the hacker who had illegally accessed the EWN alert system was detected around 9:30 EDT on 5 January 2019. While news of companies being hacked becomes more commonplace, the ability to swiftly detect and respond to malicious insiders continues to be critical to an organization’s overall security strategy. After gaining access to the alert system – which is designed to alert users to weather emergencies – the attacker was able to send what the company describes as “nuisance” messages by way of email, text messages and phone calls to landlines, then to part of EWN’s database.

Spotlight

Cyber-attacks have become far more targeted and sophisticated. Even when you have deployed effective cybersecurity controls and tools, it is a best practice not to assume 100% security. Capgemini’s Threat Hunting team provides the tools and specific expertise to find the threats hiding in your system.

Related News

PLATFORM SECURITY

Anxinsec proposed a protection solution for advanced threats to defend against 0-day exploits and fileless attacks

Anxinsec | August 30, 2021

Anxinsec was invited to attend the Beijing Cyber Security Conference 2021, held from August 26th to 28th, along with more than 200 top domestic and international cyber security experts. During the conference, Anxinsec, a pioneer and leader in memory protection, presented a novel solution to prevent advanced threats. Recently, the world witnessed the rise of massive ransomware attacks, such as the SolarWinds attack or the Kaseya supply chain attack. These kinds of advanced threats are usually deliberate attempts by professional hacking organizations performing long-term infiltration strikes with the ultimate goal of destroying or stealing data in order to achieve a political or economic result. The rise of massive attacks has raised the alarm for the global cyber security defense system and proved that current endpoint security isn't enough against today's advanced threats. Advanced threats that take place in memory and kernel space are increasingly common. In May 2020, Google engineers counted 912 security flaws with high and critical levels in Chrome since 2015 and found that 70% were memory-level vulnerabilities. A Microsoft security engineer said at the 2019 Israel Cyber Security Conference that 70% of the vulnerabilities fixed in Microsoft's products in the past 12 years are memory security flaws. With the growing trend of threat actors moving lower in the stack into hardware and firmware, 0-day vulnerability exploits and fileless attacks account for a large proportion of the prevailing attack methods today. These attacks are extremely destructive and less visible with current EDR techniques. Chinese cyber security start-up Anxinsec provides a novel solution to this rising threat. By implementing hardware virtualization technology, it lowers the line of defence from the application level to the system and hardware level.
The Anxinsec memory protection solution based on CPU instruction and memory set can effectively prevent the risk of data breaches and tampering at the memory level. Meanwhile, Anxinsec has a strong expert service team, which can provide industry-leading security consulting, penetration testing, security maintenance, security operations and emergency response services. One of the main services the company provides in the UAE is security expert service. Other services include enterprise mobility management (EMM), which includes mobile device management, mobile application lifecycle management, building an enterprise mobile security framework, and unified endpoint management.


DATA SECURITY

Trend Micro Demonstrates Threat Expertise at Virtual Black Hat USA 2021

Trend Micro | August 03, 2021

Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cybersecurity leader, today announced its participation at virtual Black Hat USA 2021, July 31st - August 5th. Attendees can visit the virtual booth to test their skills in the Exploit Elimination Challenge, as well as see how threat intelligence fuels Trend Micro's platform security and attend sessions with Trend Micro's industry experts. Trend Micro Research is at the heart of the company's ongoing innovation to anticipate and protect against existing, emerging and future threats. The company's cybersecurity platform delivers visibility and extended detection and response (XDR) using telemetry across endpoints, email, cloud workloads and networks. Built-in threat intelligence informs correlated detections and actionable alerts to ease the workload of security teams.

About Trend Micro

Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend Micro's cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, the platform delivers a powerful range of advanced threat defense techniques optimized for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response. With 7,000 employees across 65 countries, Trend Micro enables organizations to simplify and secure their connected world. www.TrendMicro.com.


Microsoft shares threat intelligence, security guidance during global crisis

CXOtoday | April 23, 2020

With much of the world now transitioned to virtual work, digital safety has become a key area of concern. This is not something security professionals were given time to prepare for, yet many of our customers have been thrust into a new environment and challenged to respond quickly. Our threat intelligence teams at Microsoft are actively monitoring and responding to this shift in focus. Our data shows that these COVID-19 themed threats are retreads of existing attacks that have been slightly altered to tie to this pandemic. This means we’re seeing a changing of lures, not a surge in attacks. Our intelligence shows that these attacks are settling into a rhythm that is the normal ebb and flow of the threat environment.

