E-Com Site Gearbest Exposed Millions of Records

Infosecurity Magazine | March 15, 2019

E-Com Site Gearbest Exposed Millions of Records
According to a blog post from vpnMentor’s research team, hackers were able to access different parts of Gearbest’s database, during which time they discovered more than 1.5 million records, ranging from product purchases and shipping addresses to customer names, email addresses and phone numbers. The team also accessed member and payments and invoice databases, finding sensitive data that included names, dates of birth, IP addresses and passport information. “Gearbest’s database isn’t just unsecured. It’s also providing potentially malicious agents with a constantly-updated supply of fresh data,” the team wrote. Misconfigurations have been the cause of multiple security incidents, with reports earlier this year that misconfigurations in Elasticsearch resulted in millions of banking and financial records being left exposed without a password.

Spotlight

Building a business case to justify fraud-prevention technology investments is, unfortunately, not as straightforward as one might expect. The impact of online fraud on a financial institution is multifaceted and complex.

Related News

DATA SECURITY

Balbix Extends Cyber Security Posture Automation to AWS

Balbix | November 02, 2021

Balbix, provider of the world's leading platform for cybersecurity posture automation, announced today the general availability of the Balbix Connector for AWS. As a result of the new offering, customers gain a comprehensive inventory of their assets spanning on-premises and cloud as well as the ability to discover, prioritize and mitigate unseen risks, including unpatched software vulnerabilities, weak credentials, missing or poor encryption, trust issues and cloud infrastructure misconfigurations. A surge in cloud adoption has made modern IT environments more complex and increased the enterprise attack surface. While gains have been made in cloud security, visibility remains siloed. Proactive cybersecurity tools are typically split into on-premises and cloud silos, making it extremely difficult to get a consolidated view into both environments. In addition, the ability to identify and address the most pressing risks requires the assistance of automation to successfully scale. Improved AWS Security Posture Management The new Connector for AWS provides support for the most popular AWS Cloud services including core services like Amazon Elastic Compute Cloud (Amazon EC2), Amazon Simple Storage Service (Amazon S3), and AWS Identity and Access Management (IAM); database and container services like Amazon Relational Database Service (Amazon RDS), and Amazon Elastic Kubernetes Service (Amazon EKS); and analytics services like Amazon OpenSearch Service. As a result, teams overseeing security of their AWS environments can: Get comprehensive visibility into cloud assets and accurately categorize them into compute, storage, network, and containers Discover exposure to common cloud attack vectors, especially misconfigurations – the most exploited attack vector for the cloud Measure risks in terms of the likelihood and monetary impact of them being exploited in order to prioritize risks for remediation and report on the overall security posture Visibility Across the Entire Network With the addition of the Connector for AWS, Balbix merges cloud and on-premises visibility in one view, eliminating the need for security practitioners to look through multiple dashboards and allowing them to work more productively. "With a significant portion of our IT infrastructure already running in AWS alongside a longer-term cloud-first strategy to migrate most workloads to the cloud, the addition of the Balbix Connector for AWS enables us to drive down risk comprehensively across our enterprise," said Nate Miller, Senior IT Manager, Global Cyber Security and IT Compliance at Cooper-Standard. "However, we know some critical IT infrastructure will remain on-premises. The unified visibility provided by Balbix is key to enable our cyber security teams to make the best decisions for the business and most efficiently minimize the risk of breach." Advanced Risk Analysis AWS data is analyzed using purpose-built AI algorithms to produce a comprehensive view of cyber-risk for organizational cloud assets, along with relevant context and recommended action items. Risk is measured in dollars, which provides a common language that organizations can use to prioritize projects, spending and track the effectiveness of their overall cybersecurity program. "Traditionally, cyber posture tools have been siloed, only offering views for cloud or on-premises, never both,We are excited to introduce the Balbix Connector for AWS to break down the siloed approach and offer AWS customers a holistic view of their overall corporate risk, along with new insights to manage security under the shared responsibility model." Gaurav Banga, CEO at Balbix About Balbix Balbix is the world's leading platform for cybersecurity posture automation. Using Balbix, organizations can discover, prioritize and mitigate unseen risks and vulnerabilities at high velocity. With seamless data collection and petabyte-scale analysis capabilities, Balbix is deployed and operational within hours, and helps to decrease breach risk immediately. Balbix counts many global 1000 companies among its rapidly growing customer base and was named a "Cool Vendor" by Gartner in 2018.

Read More

DATA SECURITY

Morphisec Announces New Incident Response Services as Enterprise Attacks Escalate

Morphisec | August 16, 2021

Morphisec, a leader in cloud-delivered endpoint and server security solutions, today announced the launch of its new incident response services at HIMSS21. The service will help organizations across the healthcare industry, and various other markets, identify, contain, and report on security incidents in progress while validating or verifying the lack of a breach. Morphisec adds this service at a time when a flood of cyber threats have placed businesses under increasing pressure, making incident response necessary for industries like healthcare and manufacturing that need to be operational 24/7. In fact, Morphisec’s Consumer Healthcare Cybersecurity Threat Index found earlier this year that 1 in 5 Americans had a healthcare provider affected by cyberattacks over the last twelve months. Morphisec’s new IR services aims to assist these organizations with containing in-progress incidents, reducing damage, providing recommendations for long-term risk reduction, and auditing critical infrastructure to ensure the lowest possible risk exposure to a cyberattack. The company's highly experienced and on-demand IR team will be led under the direct supervision of the CTO’s office. “In this worsening threat landscape, it’s vital that all businesses have access to the expertise they need to keep their business up and running in the event of a breach -- even if they lack dedicated security professionals,” said Michael Gorelik, Morphisec’s CTO and head of incident response. “Morphisec’s incident response services help every organization under attack to quickly contain the incident, ensure business continuity, and minimize direct and indirect losses. With extensive experience in security incident investigation, companies are in good hands with our talented IR team who will go above and beyond to help them protect their assets from backdoors and persistent malware.” Morphisec’s incident response services will leverage the company’s zero trust at runtime solution to quickly pinpoint and contain threats, promising immediate results before forensic activities are even finalized. Responders will also educate businesses on the root cause of the incident and, in turn, the required corrective actions to improve their current tools and processes. Forensic collection and investigation of affected assets, including the building of an activity timeline, supplying indicators of compromise (IOCs), scoping the impact, mapping of exfiltrated IP, and more Malware analysis: In-depth analysis of a given malware, backdoor, or fileless code, to identify the potential impact Working around the clock during the investigation, with availability whenever we’re needed The option to develop customized scripts to minimize follow-up impact “As cyberattackers continue to target our critical industries such as healthcare, we’re proud to offer this crucial service to organizations who simply cannot afford downtime,” added Gorelik. “Morphisec's impressive suite of cloud-delivered endpoint and server security solutions are already protecting our customers across 8 million endpoints, and the addition of our new incident response service adds a vital layer to triage critical security incidents and reduce the risk of attack for the future.” About Morphisec Morphisec is the world leader in providing advanced security solutions for midsize to small enterprises around the globe. The company’s security products simplify and automatically block modern attacks from the endpoint to the cloud. Unlike traditional security solutions relying on human intervention, Morphisec delivers operationally simple, proactive prevention. This approach protects businesses around the globe with limited security resources and training from the most dangerous and sophisticated cyber attacks.

Read More

DATA SECURITY

Strangeworks and Quantinuum Collaborate to Integrate Quantum-enhanced Cryptographic Key Service

Quantinuum | January 06, 2022

A global leader in quantum computing software, Strangeworks, announced its collaboration with the largest integrated, stand-alone quantum computing company in the world, Quantinuum. Quantinuum offers various vertically integrated solutions, such as comprehensive, hardware-agnostic quantum software and the highest-performing quantum computer. This collaboration aims at implementing quantum-enhanced cryptographic keys, Quantum Origin, and Quantinuuminto the Strangeworks ecosystem. As the world's first commercial product to generate cryptographic keys using quantum computers, Quantum Origin will become an essential ecosystem component. It will also provide seamless access to superior cryptographic keys to its users to help protect them against current security threats. "It's fitting that Strangeworks would expand its industry-leading platform to include quantum technology to help defend against today's cyber threats,We are excited to integrate Quantum Origin to generate the strongest cryptographic keys for Strangeworks and their customers, based on verifiable quantum randomness." Duncan Jones, Head of Cybersecurity at Quantinuum and Cambridge Quantum Strangeworks, as the world's leading Quantum Service Provider™, is constantly improving to provide its users with the latest quantum-based security offerings through the ecosystem. It is crucial to enable the latest in cybersecurity technology, such as the variety of quantum systems available and the data sharing with its users. Once they implement Quantum Origin, they will become the first to do it. "We're excited to welcome Quantinuum into the Quantum Syndicate. Expanding our managed quantum services to encompass cyber security is a natural addition to our enterprise offerings," said William Hurley, founder and CEO of Strangeworks. "The integration of Quantum Origin enables enterprises around the world with a seamless path to quantum-generated cryptographic keys to protect their sensitive data."

Read More

Spotlight

Building a business case to justify fraud-prevention technology investments is, unfortunately, not as straightforward as one might expect. The impact of online fraud on a financial institution is multifaceted and complex.