FSB contractor breach exposes secret cyber weapons program leveraging IoT vulnerabilities

SC Magazine | March 23, 2020

Digital Revolution, a Russian hacking group, has claimed credit for the April 2019 breach of subcontractor ODT (Oday) LLC, which was working with frequent Russian Ministry of Internal Affairs contractor InformInvestGroup CJSC, and has published 12 technical documents revealing what the FSB has dubbed the Fronton Program. According to a ZDNet report, the program, developed in 2017 and 2018 and inspired by the Mirai botnet, proposes building an IoT botnet for the FSB by marshalling devices, particularly internet security cameras and digital recorders, that still use default logon credentials or easy-to-crack user names and passwords. Once pulled into the botnet, the devices could be used to execute DDoS attacks. “If they transmit video, they have a sufficiently large communication channel to effectively perform DDoS,” the report cited an exposé by BBC Russia as saying.

Spotlight

Endpoint security is a client/server information security (IS) methodology for protecting a corporate network by focusing on network devices (endpoints) and monitoring their status, activities, software, authorization and authentication. Security software is installed on every endpoint device, as well as on network servers. Such software may include antivirus, antispyware, a firewall and a host intrusion prevention system (HIPS).

Related News

DATA SECURITY

5WPR Announces Dedicated Cybersecurity PR Practice

5WPR | June 30, 2021

5W Public Relations, one of the largest independently owned PR firms in the U.S., has announced the creation of a specialty cybersecurity practice. The new division will concentrate on PR services for anti-fraud, cybersecurity, privacy, and compliance companies in B2C and B2B categories. As a prominent agency and innovator in the PR space, 5W has a cybersecurity specialty team with broad experience in privacy, IT infrastructure, SaaS, blockchain, telecom, no-code development and logistics, and artificial intelligence, along with a deep understanding of these multifaceted technologies. The team is also rooted in cybersecurity culture and hacking, ready to position its customers for the next trending subject. 5WPR has been named agency of record for more than a few leaders in the cybersecurity space, including providers of fraud protection solutions, mobile identity systems, parental control monitoring apps, and enterprise technology solutions used to back national security. Its PR services for clients include media relations, messaging and positioning, new market expansion campaigns, initial public offering media strategy, content creation, visibility programs, digital media campaigns, sponsorships/partnerships, event planning, speaking opportunities, and thought leadership.

About 5WPR

5W Public Relations, a full-service PR agency in NYC, is well known for innovative programs that engage with various businesses, ideas, and issues. More than 200 professionals serve clients in B2C and B2B business models for Public Affairs, Crisis Communications, and Digital Marketing. 5W helps businesses with a resourceful, results-driven, and bold approach to communication. 5W was awarded 2020 PR Agency of the Year, and CEO Ronn Torossian was named 2020 Entrepreneur of the Year by the American Business Awards.


NETWORK THREAT DETECTION

Cybersixgill's industry-leading, automated threat intelligence is now available on the Swimlane Platform.

Cybersixgill | March 18, 2021

Cybersixgill, the pioneer in threat intelligence enablement, today announced that Darkfeed will be available through Swimlane's security automation platform. Swimlane users can now enhance their threat research and incident response by integrating actionable alerts from the industry's broadest and most comprehensive intelligence collection from the deep and dark web. "Accurate and actionable intelligence is the key to successfully scaling cyber security operations," said Ron Shamir, VP products and technology alliances at Cybersixgill. "With Darkfeed, Swimlane users gain access to an automated stream of threat intel that they can tailor to meet the needs of their organization's risk posture and tolerance. This marks the beginning of a growing partnership with Swimlane."

Powered by the broadest automated collection from the deep and dark web, Cybersixgill Darkfeed is a feed of malicious indicators of compromise (IOCs), including domains, URLs, hashes and IP addresses. With Darkfeed, IOCs are automatically extracted and delivered in real time. The feed is actionable, allowing Swimlane customers to receive and preemptively block items that threaten their organization directly from the Swimlane platform. "Cybersixgill is a natural partner for us as we continue to help customers identify new ways to automate some of security's most time and resource-intensive processes," said Karen Rhys Wood, VP global alliances at Swimlane. "By integrating Darkfeed directly into Swimlane's extensible security automation platform, which was designed with an automation engine as its core and differentiates our platform from other SOAR solutions out there, security operations teams gain industry-leading threat intelligence while eliminating time-consuming, manual tasks."

Through this integration, mutual customers can automate their response to threats in advance by using a premium, automated threat intelligence solution based on the most comprehensive data sources from the deep, dark and surface web. Users will be able to enhance their threat hunting activities and conduct deep analysis of malware available on the dark web. They can also covertly monitor critical assets and priorities, and respond to threats directly from the Swimlane platform.


Terranova Security Recognized as a computer-based software framework for security awareness Representative Vendor in the Gartner

prnewswire | August 26, 2020

Gartner, Inc. has recognized Terranova Security as a Security Awareness Program Platforms Representative Vendor in its 2020 Market Guide for Security Awareness Computer-Based Training (SACBT). Terranova Security, a 2019 Gartner Peer Insights Customers' Choice vendor for SACBT, received the Peer Insights distinction as a vendor in a market that includes ready-to-use, interactive software modules. The effectiveness of the Terranova Security Awareness Platform is based on its content delivery capabilities, sophisticated and scalable reporting metrics, integrations with broader corporate learning systems, and the ability to test and evaluate the awareness training efficacy across a given end-user population. These capabilities help global organizations tackle some of the biggest challenges for security awareness programs: measuring security awareness activities, tailoring messaging for different audiences, and building a security-centric culture.
