Expert Comments

Expert Insight On Iranian Hackers Are Hacking VPN Servers To Plant Backdoors In Companies Across The World

Expert(s): Security Experts
Expert(s): Security Experts

During the last quarter of 2019, the ClearSky research team has uncovered a widespread Iranian offensive campaign called “Fox Kitten Campaign”; this campaign is being conducted in the last three years against dozens of companies and organizations in Israel and around the world.

Though the campaign, the attackers succeeded in gaining access and persistent foothold in the networks of numerous companies and organizations from the IT, Telecommunication, Oil and Gas, Aviation, Government, and Security sectors around the world.

Experts Comments

Dot Your Expert Comments
Javvad Malik
February 19, 2020
Security Awareness Advocate
KnowBe4

It's important for organisations to remember that security products themselves are software.
Several VPN products have had vulnerabilities disclosed in recent months and so it's not surprising that state-backed groups are looking to leverage their windo of opportunity, knowing all too well that patching vulnerable systems can take organisations a long time. There is a certain irony to this as organisations deploy VPNs for security, could be breached because of those very security products. It's important for organisations to remember that security products themselves are software. .....Read More
Several VPN products have had vulnerabilities disclosed in recent months and so it's not surprising that state-backed groups are looking to leverage their windo of opportunity, knowing all too well that patching vulnerable systems can take organisations a long time. There is a certain irony to this as organisations deploy VPNs for security, could be breached because of those very security products. It's important for organisations to remember that security products themselves are software. And like all other forms of software, they can, and do have flaws and vulnerabilities. Because many security products run at higher privileges, any compromise could give a criminal the keys to the kingdom. Therefore it would be prudent for organisations to identify security software in their asset inventories, and ensure they are patched as a matter of urgency.  Read Less
Marc Gaffan
February 18, 2020
CEO
Hysolate

If one part of your infrastructure is compromised, the most critical areas remain intact.
Sophisticated hackers and especially nation states are going to be the first to use newly disclosed vulnerabilities across operating systems, networking and other areas of corporate and critical infrastructure. That is why Microsoft and other security leaders and urging enterprises to separate their critical and most sensitive infrastructure components from their regular day-to-day infrastructure components, which includes both Privileged Access Workstations and Network Segmentation that will.....Read More
Sophisticated hackers and especially nation states are going to be the first to use newly disclosed vulnerabilities across operating systems, networking and other areas of corporate and critical infrastructure. That is why Microsoft and other security leaders and urging enterprises to separate their critical and most sensitive infrastructure components from their regular day-to-day infrastructure components, which includes both Privileged Access Workstations and Network Segmentation that will ensure that if one part of your infrastructure is compromised, the most critical areas remain intact.  Read Less
Bob Noel
February 18, 2020
VP of Strategic Partnerships
Plixer

At this point, everyone should constantly operate under the assumption that they are already compromised.
Although the recent uptick in global tensions has elevated the perception of risk for many organizations, many have not implemented proper solutions to monitor and visualize their network traffic. At this point, everyone should constantly operate under the assumption that they are already compromised. There is a never-ending stream of new vulnerabilities and every organization, every day, has vulnerable devices connected to the business. Network traffic analysis (NTA) is a must-have technology.....Read More
Although the recent uptick in global tensions has elevated the perception of risk for many organizations, many have not implemented proper solutions to monitor and visualize their network traffic. At this point, everyone should constantly operate under the assumption that they are already compromised. There is a never-ending stream of new vulnerabilities and every organization, every day, has vulnerable devices connected to the business. Network traffic analysis (NTA) is a must-have technology at this point, scrutinizing every conversation and running algorithms to uncover bad actors who have gained a foothold and operating under stealth. Once a hacker gains a foothold, they will look to escalate their privileges through lateral movement. Traditional security tools that sit at the perimeter, cannot see this lateral movement. NTA, on the other hand, is deployed within the network and is purpose-built to monitor all traffic (including east/west traffic) to identify, notify, and remediate the risk.  Read Less

Dot Your Expert Comments


Only for registered and approved experts. Please register before providing comments. Register here
* By using this form you agree with the storage and handling of your data by this web site.
Submit
0
FacebookTwitterLinkedinWhatsappEmail

You may also like

Fake App Attacks On The Rise, As Malware Hides In...

Expert On Study That Brits Using Pets’ Names As Online...

Expert Reaction On Europol Publishes Its Serious And Organised Crime...

Fake Netflix App Allows Hackers to Hijack WhatsApp

Hackers Pretend To Be Your Friend In The Latest WhatsApp...

Millions Of Brits Still Using Pet’s Names As Passwords Despite...

Advertised Sites May Appear Genuine On First Glance

Facebook Ran Ads For Malware-ridden ‘Clubhouse for PC’

Linkedin Data Of 500 Million Users Being Sold Online

Experts Comments On Identity Management Day – Tuesday 13th April