Hackers Access Files Of US-Based Cyber Security Firm

Express Computer | July 30, 2019

Hackers Access Files Of US-Based Cyber Security Firm
Using an email address and password mistakenly exposed on the Internet, a hacker gained access to the internal files of US-based cyber security company Comodo, bringing the credibility of the company under question. The credentials were found in a public GitHub repository owned by a Comodo software developer, TechCrunch reported. The account was not protected with two-factor authentication and with the email address and password in hand, the hacker could enter the company’s Microsoft-hosted cloud services. The leaked credentials were discovered by a Netherlands-based security researcher Jelle Ursem who reached out to Comodo Vice-President Rajaswi Das. According to Ursem, the account allowed him to access internal Comodo files, including sales documents and spreadsheets in the company’s OneDrive and the company’s organisation graph on SharePoint, allowing him to see the team”s biographies, contact information, like phone numbers and email addresses, photos, customer documents and calendar.

Spotlight

"Security architecture, based on deception strategies can effectively change the starting point of the legitimate network, providing additional time to prepare adequate defenses. Through configurable logical networking, a virtual network can be designed to monitor, capture, and lure malicious activity deeper into a virtual labyrinth, away from the real network. By incorporating the use of dynamic threat lists, offered by specific security tools, signatures can be created to strengthen the defenses of the internal network before the malicious actions reach the boundary. Using honeynet architecture, the virtual labyrinth can be dynamically and continually created providing protection from attackers. Through real-time knowledge gathering of the attacker’s exploitation techniques, the Labyrinth provides defenders with time to prepare effective countermeasures. In this paper, the demonstration on how the use of honeynet architecture can allow defense teams to strengthen their perimeter, by using customized dynamic threat lists created from a completely configured and monitored environment."

Related News

DATA SECURITY

Area 1 Security and SolCyber Partner to Deliver the Only Managed Preemptive Cloud Email Security to the Midmarket

Area 1 Security | October 22, 2021

Area 1 Security has been selected as the primary cloud email security provider for all customers of SolCyber, the first modern MSSP for the midmarket. Area 1's industry-first preemptive cloud email security stops phishing campaigns 24 days (on average) before they launch — keeping inboxes clean of threats that cause 95% of cybersecurity incidents. The SolCyber and Area 1 partnership brings best-in-class email protection to midsize organizations, which are increasingly targeted by phishing attacks. According to a recent survey by RSM US LLP in partnership with the U.S. Chamber of Commerce, 45% of mid-market executives said that social engineering attacks were successful last year — despite 90% of their organizations providing security awareness training. Additionally, 33% of mid-market executives disclosed that they experienced a ransomware attack or demand in 2020. The implications for mid-market organizations — which typically have fewer in-house resources and specialty expertise compared to larger organizations —are significant and costly. In fact, of the mid-market businesses that have experienced a cyberattack, 63% are unable to resume normal business operations for over a month. In one 12-month period, Area 1 Security prevented more than half a billion dollars in direct losses for its customers, including some of the world's largest healthcare, financial services, retail and consumer goods brands. Its cloud-scale solution is one of the core components in SolCyber's Foundational offering, a simple-to-implement curated technology stack, which also includes endpoint with EDR capabilities, lateral movement detection, and active directory and admin exploitation prevention. We're very excited about our partnership with Area 1 Security. They have an amazing web crawling infrastructure that gives early warning protection that really matters to our customers. It's not often you can find a preemptive security technology that really works, and provides immediate value,Our customers want to stop ransomware and other cyber threats to their businesses. Period. But they typically don't have the time or resources to build a mature security posture on their own. Area 1 fits seamlessly into our Foundational Coverage, it deploys in minutes and is highly scalable, accelerating our customers' time to realize true value. SolCyber CEO Scott McCrady "We are thrilled to partner with a modern MSSP with an extremely user-friendly model. Like Area 1, SolCyber is committed to making it easy for organizations of all sizes to deploy best-in-class cloud-based security," said Steve Pataky, chief revenue officer of Area 1 Security. "We look forward to getting all of SolCyber's customers to INBOX.CLEAN™ — an inbox free of ever-evolving threats that defraud companies of data, dollars and brand confidence." About SolCyber SolCyber, a ForgePoint company, is the first modern MSSP to deliver a curated stack of enterprise strength security tools and services that are streamlined, accessible and affordable for any organization. SolCyber is disrupting the status quo, by providing a new standard of managed security services that work to reduce cyber risk, wastage and complexity. We believe in a secure environment for all. For more information about SolCyber, visit solcyber.com or follow us at @SolCyberMss or on LinkedIn. About Area 1 Security Area 1 Security is the only company that preemptively stops Business Email Compromise, malware, ransomware and targeted phishing attacks. By focusing on the earliest stages of an attack, Area 1 stops phish — the root cause of 95 percent of breaches — 24 days (on average) before they launch. Area 1 also offers the cybersecurity industry's first and only performance-based pricing model, Pay-per-Phish. Area 1 is trusted by government agencies and Fortune 500 enterprises across financial services, healthcare, critical infrastructure and other industries, to preempt targeted phishing attacks, improve their cybersecurity posture, and change outcomes.

Read More

October Virtual Cyber Carnival promotes understanding of cybersecurity through a variety of cyber games

prnewswire | September 29, 2020

Katzcy, a woman-owned small business dedicated to growth hacking and cyber as a sport, today announced the inaugural month-long, virtual Cyber Carnival Games™ promoting Cybersecurity Awareness Month (CSAM) and the critical role of Cyber Gaming in building a strong workforce and helping individuals #BeCyberSmart. This unique event held throughout October 2020 brings together in one place six different gaming platform providers to deliver a fun learning experience for all. From virtual escape rooms to digital puzzles to full-on capture the flag, the Cyber Carnival celebrates cyber awareness by showcasing the power of gaming and competition to help learn and upskill.

Read More

SOFTWARE SECURITY

CyCraft Technology announced that CyCraft JP has officially joined the Nippon CSIRT Association .

prnewswire | November 03, 2020

CyCraft Technology, the quickest developing network safety firm in Asia, today declared that CyCraft JP has authoritatively joined the Nippon CSIRT Association (NCA). CSIRT (Computer Security Incident Response Team, Computer Security Incident Response Team) alludes to a group of security investigators that not just arrangement with and react to network safety episodes, gather and examine occurrence related weakness knowledge, assault strategies, methods, and methodology (TTP) yet additionally plan playbooks and complete reactions to security occurrences. Lately, Japanese associations have started building and building up their own personal inward CSIRTs; notwithstanding, cyberattacks in the 21st century are turning out to be increasingly complex and regular, making it increasingly more hard for one CSIRT to deal with independently. Nippon CSIRT Association (NCA) was set up to bring together the insight, assets, and ability of numerous CSIRTs with the goal that one CSIRT utilizing the knowledge, assets, and capacity of different CSIRTs could conquer security occurrences and increment Japan's general digital flexibility. NCA isn't the principal CSIRT association CyCtaft has joined. Recently, CyCraft Taiwan joined the worldwide CSIRT association, FIRST (Forum of Incident Response and Security Teams). CyCraft Technology isn't simply dedicated to raising the strength of worldwide associations yet additionally dedicated to showing dependability, demonstrable skill, and precise and noteworthy danger insight, explicitly in the APAC market. About CyCraft CyCraft is a world-leading cybersecurity company and the fastest-growing cybersecurity company in Asia. They have developed multiple innovative AI-driven technologies to achieve security intelligent protection automation, such as threat intelligence gateway (TIG), network detection and response (NDR), endpoint protection(EPP), advanced and managed endpoint detection and response (EDR & MDR), and global cyber threat intelligence (CTI), all delivered via their information security monitoring platform, CyCraft AIR. They participated in the U.S. MITRE ATT&CK® Evaluations in 2019 and received top marks in automated detection capabilities with zero configuration changes. CyCraft secures multiple government agencies, Fortune Global 500 firms, top banks and financial institutions, critical infrastructure, airlines, telecommunications, hi-tech firms, and SMEs. In Q1 2020, CyCraft won multiple gold awards in Cybersecurity Excellence Awards. In Q2 2020, US venture capital Momentum Cyber included CyCraft in the Advanced MSS & MDR and EDR sectors of their 2020 CYBERscape, and CyCraft won Best Security Solution of Interop Tokyo 2020.

Read More

Spotlight

"Security architecture, based on deception strategies can effectively change the starting point of the legitimate network, providing additional time to prepare adequate defenses. Through configurable logical networking, a virtual network can be designed to monitor, capture, and lure malicious activity deeper into a virtual labyrinth, away from the real network. By incorporating the use of dynamic threat lists, offered by specific security tools, signatures can be created to strengthen the defenses of the internal network before the malicious actions reach the boundary. Using honeynet architecture, the virtual labyrinth can be dynamically and continually created providing protection from attackers. Through real-time knowledge gathering of the attacker’s exploitation techniques, the Labyrinth provides defenders with time to prepare effective countermeasures. In this paper, the demonstration on how the use of honeynet architecture can allow defense teams to strengthen their perimeter, by using customized dynamic threat lists created from a completely configured and monitored environment."