Expert(s):
Manager, Offensive Security feature_status*/ ?>
Outpost24

Comments Dotted : 12
January 28, 2021

Emotet Takedown – What’s Next
It is great to see that these, often clandestine, operations can have such a tangible effect.

Unfortunately, many people wrongfully think law enforcement does very little against hacking. It is great to see that these, often clandestine, operations can have such a tangible effect. From taking down dark web marketplaces such as Hansa Market to disrupting attacker infrastructure. These operations are incomprehensively large, crossing many international borders and jurisdictions. But also requiring pinpoint accuracy in both digital and physical actions by international and local law

.....Read More

Unfortunately, many people wrongfully think law enforcement does very little against hacking. It is great to see that these, often clandestine, operations can have such a tangible effect. From taking down dark web marketplaces such as Hansa Market to disrupting attacker infrastructure. These operations are incomprehensively large, crossing many international borders and jurisdictions. But also requiring pinpoint accuracy in both digital and physical actions by international and local law enforcement teams.  This is a great story from the front-lines on successful international law enforcement.

  Read Less
January 26, 2021

Intel Latest Hack – Industry Comment
Both the information that is leaked and the breach itself may have a direct impact on a company’s share price.

Financial information, especially sensitive information that may directly be linked to share prices, will always be an enticing target for hackers. The most likely goal is to make a quick profit by selling information to investors or to use the information for their own benefit.

 

Both the information that is leaked and the breach itself may have a direct impact on a company’s share price. This can be used to an adversary’s advantage by either investing with prior insider knowledge or by

.....Read More

Financial information, especially sensitive information that may directly be linked to share prices, will always be an enticing target for hackers. The most likely goal is to make a quick profit by selling information to investors or to use the information for their own benefit.

 

Both the information that is leaked and the breach itself may have a direct impact on a company’s share price. This can be used to an adversary’s advantage by either investing with prior insider knowledge or by leveraging a sudden drop in share-prices caused by disclosure of the breach.

  Read Less
January 25, 2021

Cyber Criminals Publish More Than 4,000 Stolen Sepa Files
However painful the recovery may be, this seems like the right response by SEPA.

As you are dealing with individuals, or collectives of people, with very little ethics you cannot trust them to not blackmail you again after they digitally broke in and stole your data already. So although paying ransom may seem like an ‘easy way to recovery’, you can never be certain to ever regain access to your files and your network will always remain a hostile territory. Even paying the ransom would not have guaranteed that the information would not get leaked, or that a higher ransom

.....Read More

As you are dealing with individuals, or collectives of people, with very little ethics you cannot trust them to not blackmail you again after they digitally broke in and stole your data already. So although paying ransom may seem like an ‘easy way to recovery’, you can never be certain to ever regain access to your files and your network will always remain a hostile territory. Even paying the ransom would not have guaranteed that the information would not get leaked, or that a higher ransom amount is asked at a later stage.

 

However painful the recovery may be, this seems like the right response by SEPA. It probably has been a difficult decision, but it might very well be the safest way forward: To start from scratch, slowly recover from backups and ensure things are setup securely.

  Read Less
June 16, 2020

Expert Reaction On Severe Risk As Amnesty Calls Out Countries With ‘Most Dangerous’ Contact Tracing Apps
The issue we see here is a traditional dilemma between the speed at which an app must be developed and how well the apps are securely designed.
Although the benefits of such apps are evident, the process of gathering the contact information is prone to collecting sensitive information. This, in turn, makes the nature of these apps potentially intrusive towards the user’s privacy and securing the sensitive (health) data. The issue we see here is a traditional dilemma between the speed at which an app must be developed and how well the apps are securely designed. If a secure software development life cycle (SSDLC) approach is used,.....Read More
Although the benefits of such apps are evident, the process of gathering the contact information is prone to collecting sensitive information. This, in turn, makes the nature of these apps potentially intrusive towards the user’s privacy and securing the sensitive (health) data. The issue we see here is a traditional dilemma between the speed at which an app must be developed and how well the apps are securely designed. If a secure software development life cycle (SSDLC) approach is used, then the app’s security and privacy implications are assessed at every step in the development process. Although this takes time, it also means the final app is well thought through in terms of the privacy impact to the users and the securing of the sensitive data. Such a process takes time, which is the key-factor we do not have, and sadly several countries did not take. This exact key-decision making throughout the development lifecycle is what in other countries, such as the Netherlands and the UK led to these apps not being developed. As the impact on privacy and the lack of security in all the proposed app designs were not up to standards. Although there is great potential, if these apps may lead to mass-data gathering, privacy breaches, and leaking of sensitive personal health information we might want to take a step back and ensure these apps are well designed. A hasty decision, even during a pandemic, could have a greater impact than what we bargained for if we do not consider security and privacy by design.  Read Less
June 02, 2020

Future MOT Tests May Include Cars To Be Tested For Cyber Security To Prevent Hacks
Keep in mind though, that even though there is a standard for testing these vehicles, no vehicle will ever be ‘hacker proof’.
This is a great development for the automotive industry, an industry known for its ever-growing array of industry standards and technologies. Having a standard that includes testing the security as part of the overall safety of vehicles is a great way forward. Not just for autonomous vehicles but even for non-autonomous cars being produced today, which are becoming increasingly connected and ‘smart’. Smart dashboards, interconnected infotainment systems, 4G modules, mobile car companion.....Read More
This is a great development for the automotive industry, an industry known for its ever-growing array of industry standards and technologies. Having a standard that includes testing the security as part of the overall safety of vehicles is a great way forward. Not just for autonomous vehicles but even for non-autonomous cars being produced today, which are becoming increasingly connected and ‘smart’. Smart dashboards, interconnected infotainment systems, 4G modules, mobile car companion apps, and an array of diagnostics and sensors all connecting to the central processing unit inside the vehicle. If an attacker is able to intercept data sent by the vehicle, or if the data is centrally stored and insufficiently secured, attackers could learn about the drivers and their vehicles. If attackers are able to somehow manipulate the data that is interpreted by the car’s systems, a whole new range of attacks opens up, which could directly affect the physical world. Although this has been a worry with security of cyber-physical systems for many years already, the automotive industry is so big that it would be great to have a standard such as this to lessen the worry and ensure sufficient testing. Keep in mind though, that even though there is a standard for testing these vehicles, no vehicle will ever be ‘hacker proof’. As hackers are ever-so curious, there will always be flaws uncovered by them at a later stage.  Read Less
May 13, 2020

Hacked Law Firm Informs Celeb Clients Including Lady Gaga And Madonna Of Data Breach – Experts Insight
The REvil (also known as Sodinokibi) ransomware was first identified on April 17, 2019.
Paying ransom does not guarantee that the attackers will not do anything with the data. As a matter of fact, the worst has already happened; the company’s reputation has been impacted. Paying and dealing with the threat actors might therefore be the absolute last resort. Depending on the scale: Investigating the matter, informing customers in full and making sure it does not ever happen again so starting from scratch might be the best way forward here. REvil/Sodinokibi is a strain of.....Read More
Paying ransom does not guarantee that the attackers will not do anything with the data. As a matter of fact, the worst has already happened; the company’s reputation has been impacted. Paying and dealing with the threat actors might therefore be the absolute last resort. Depending on the scale: Investigating the matter, informing customers in full and making sure it does not ever happen again so starting from scratch might be the best way forward here. REvil/Sodinokibi is a strain of ransomware, the threat actor group itself is called ‘GOLD SOUTHFIELD’: The REvil (also known as Sodinokibi) ransomware was first identified on April 17, 2019. It is used by the financially motivated GOLD SOUTHFIELD threat group  Read Less
April 29, 2020

Expert Insight On Hackers Are Creating Backdoor Accounts And Cookie Files On WordPress Sites Running OneTone
With a plethora of useful themes, web components and libraries we often rely on third-parties.
This vulnerability emphasises the importance of understanding what components your web applications are using. Although often deemed a tedious job to keep track of all components, this is a good example of how ‘forgotten’ components become obsolete security issues. With a plethora of useful themes, web components and libraries we often rely on third-parties. This might unknowingly cause dependency issues or -as with this case- result in serious vulnerabilities in our web applications......Read More
This vulnerability emphasises the importance of understanding what components your web applications are using. Although often deemed a tedious job to keep track of all components, this is a good example of how ‘forgotten’ components become obsolete security issues. With a plethora of useful themes, web components and libraries we often rely on third-parties. This might unknowingly cause dependency issues or -as with this case- result in serious vulnerabilities in our web applications. Although it is good to ‘stand on the shoulder of giants’ and use templates, themes, plugins build and proven by others. You should also ensure to pick a trustworthy and reputable giant to stand on.  Read Less
February 26, 2020

Experts Insight On Decathlon Suffers Major Breach Impacting Over 120 Million Customers
With the countless possibilities of ‘quickly deploying a system in the cloud’, security is -still- often overlooked by organisations.
Unfortunately yet another Elastic Database that is open to the public, which has nothing to do with the product itself but purely with how the vendor has decided to set up their infrastructure and deploy their software. With the countless possibilities of ‘quickly deploying a system in the cloud’, security is -still- often overlooked by organisations. As datasets grow to these sizes and contain this sensitive information, data is becoming increasingly valuable to our business and in some.....Read More
Unfortunately yet another Elastic Database that is open to the public, which has nothing to do with the product itself but purely with how the vendor has decided to set up their infrastructure and deploy their software. With the countless possibilities of ‘quickly deploying a system in the cloud’, security is -still- often overlooked by organisations. As datasets grow to these sizes and contain this sensitive information, data is becoming increasingly valuable to our business and in some cases even more valuable than money. Unfortunately, not everyone protects (your) data like the valuable asset it is. Even after vendors make statements such as ‘we take your security and privacy seriously’, we often see security ending-up somewhere on the bottom of the priority list… Assuming it made the priority list at all.  Read Less
January 31, 2020

Experts On Data Breach At Indian Airline SpiceJet Affects 1.2 Million Passengers
This data was most likely never intended to be Internet facing, but unfortunately was.
Ignoring the separate discussion of the legality of this ‘ethical’ hack and it’s disclosure policy, this is a typical example of a lack of security. Whenever you are storing data and especially if it involves sensitive personally identifiable information (PII), that data should be classified and protected according to its classification. High valued data, such as PII should either be stored internally or at least protected by multi-factor authentication if it has a valid reason to be.....Read More
Ignoring the separate discussion of the legality of this ‘ethical’ hack and it’s disclosure policy, this is a typical example of a lack of security. Whenever you are storing data and especially if it involves sensitive personally identifiable information (PII), that data should be classified and protected according to its classification. High valued data, such as PII should either be stored internally or at least protected by multi-factor authentication if it has a valid reason to be accessible over the Internet. This data was most likely never intended to be Internet facing, but unfortunately was. This is a typical example of how multiple missing layers of security results in the exposure of data.  Read Less
January 16, 2020

Security Expert On P&N Bank Breach
Despite any precautions, the matter of the fact remains that no matter how secure an organisation is.
This again emphasises the importance of ensuring that our third-party vendors live up to our own organisation’s security standards. Your own organisation might be well secured, but if sensitive data is processed and stored elsewhere, the third party’s security should at least match your organisation’s security standards. Despite any precautions, the matter of the fact remains that no matter how secure an organisation is, breaches will happen. With our expanding reliance on third parties,.....Read More
This again emphasises the importance of ensuring that our third-party vendors live up to our own organisation’s security standards. Your own organisation might be well secured, but if sensitive data is processed and stored elsewhere, the third party’s security should at least match your organisation’s security standards. Despite any precautions, the matter of the fact remains that no matter how secure an organisation is, breaches will happen. With our expanding reliance on third parties, the best defence is to rapidly be able to pinpoint what happened, where it happened, how it happened and to ensure it will not happen again.  Read Less