Expert(s):
CTOfeature_status*/ ?>
Balbix

Comments Dotted : 9
September 18, 2020

CTO On Ransomware Attack On University Hospital New Jersey
When a computer is infected with TrickBot, it can lead to a full compromise of the network with ransomware.
Ransomware attacks on healthcare care organizations continue to plague the industry and this attack highlights the vital need for healthcare organizations to achieve full visibility of their network infrastructure in order to identify and prevent ransomware attacks that can potentially endanger patients and hinder operations. In this case, sources note that an employee of UHNJ was infected with the TrickBot trojan at the end of August. When a computer is infected with TrickBot, it can lead to .....Read More
Ransomware attacks on healthcare care organizations continue to plague the industry and this attack highlights the vital need for healthcare organizations to achieve full visibility of their network infrastructure in order to identify and prevent ransomware attacks that can potentially endanger patients and hinder operations. In this case, sources note that an employee of UHNJ was infected with the TrickBot trojan at the end of August. When a computer is infected with TrickBot, it can lead to a full compromise of the network with ransomware. To defend against these types of attacks, organizations must get ahead of the threat by using proactive technologies to help identify and mitigate the risk of ransomware before an outbreak occurs. Solutions that leverage artificial intelligence (AI) and machine learning (ML) to quantify and prioritize breach risk can ensure maximum breach risk reduction from a given set of resources.  Read Less
August 28, 2020

Email Threads Hijacked By The QBot Trojan – Security Expert Insight
The QBot Trojan’s malware is able to steal browsing data, email records, and even banking credentials.
Today it was reported that the QBot Trojan operators are using new tactics to hijack legitimate, emailed conversations in order to steal credentials and financial data. The QBot Trojan’s malware is able to steal browsing data, email records, and even banking credentials. It is also able to install additional malware and ransomware, such as mimikatz, which harvests credentials. Basically, QBot preys on several common end user weaknesses. One of the ways that companies can help their.....Read More
Today it was reported that the QBot Trojan operators are using new tactics to hijack legitimate, emailed conversations in order to steal credentials and financial data. The QBot Trojan’s malware is able to steal browsing data, email records, and even banking credentials. It is also able to install additional malware and ransomware, such as mimikatz, which harvests credentials. Basically, QBot preys on several common end user weaknesses. One of the ways that companies can help their employees from falling victim to this malware and other cyber threats, is to teach password management and hygiene, as hackers are taking advantage of rampant password reuse. The fact is, the average password is reused 2.7 times, with 99% of users reusing passwords either across work accounts or between work and personal accounts, according to a recent report. Additionally, it's important to engage with your users continuously on appropriate cyber hygiene. With the initial payload delivered via URLs in documents, training is an important factor. It's helpful to keep track of your highest risk users as well, via automated, AI-based tools that identify risky behavior that's likely to lead to phishing or malware downloads.  Read Less
July 28, 2020

Experts Insight On FinTech Unicorn Dave Data Breach
Dave is far from alone in struggling to manage vulnerabilities across a rapidly growing digital infrastructure.
The latest hack by ShinyHunters reflects the serious challenges posed by network visibility and user access. Despite the fact that digital banking app Dave no longer worked with Waydev, compromised OAuth tokens used by Waydev exposed the information of 7.5 million Dave users, including their real names, phone numbers, emails, birth dates and home addresses as well as encrypted Social Security numbers. Dave is far from alone in struggling to manage vulnerabilities across a rapidly growing.....Read More
The latest hack by ShinyHunters reflects the serious challenges posed by network visibility and user access. Despite the fact that digital banking app Dave no longer worked with Waydev, compromised OAuth tokens used by Waydev exposed the information of 7.5 million Dave users, including their real names, phone numbers, emails, birth dates and home addresses as well as encrypted Social Security numbers. Dave is far from alone in struggling to manage vulnerabilities across a rapidly growing digital infrastructure. According to a recent report, nearly half (46%) of organizations find it hard to tell which vulnerabilities are real threats versus ones that will never be exploited. This leaves security teams flying blind when it comes to prioritizing risk and leaves organizations vulnerable to unexpected attacks, such as those exploiting a breach at a former third party partner with access to sensitive data. To manage risk across their networks as well as a growing array of partners, the enterprise needs to tools that can monitor and prioritize vulnerabilities across the entire threat ecosystem, particularly areas with low visibility like user management.  Read Less
May 22, 2020

Home Chef Data Breach: Experts Commentary
Compromised credentials still account for over 80% of hacking-related data breaches.
Companies are increasingly shifting their business models online, especially now due to new remote work policies amid the coronavirus crisis. Food delivery services such as Home Chef are currently in great demand and for customers to use these services, they must first create accounts with email addresses and passwords as well as other personal and financial data. Home Chef must ensure that the account data it collects and manages on millions of uses’ is properly protected. Compromised.....Read More
Companies are increasingly shifting their business models online, especially now due to new remote work policies amid the coronavirus crisis. Food delivery services such as Home Chef are currently in great demand and for customers to use these services, they must first create accounts with email addresses and passwords as well as other personal and financial data. Home Chef must ensure that the account data it collects and manages on millions of uses’ is properly protected. Compromised credentials still account for over 80% of hacking-related data breaches, making credential theft a worthy target for sophisticated hackers like Shiny Hunters. Considering that 99% of employees reuse passwords across an average of 2.7 work and personal accounts, it is highly likely that this breach compromised many more millions of accounts beyond the Home Chef accounts alone. For Home Chef, this breach should serve as a rude awakening to ensure a strong security posture is met, including implementation of an effective multifactor authentication strategy for access to all customer data. For consumers and enterprises, this is a similar wake-up call to leverage multifactor authentication whenever possible, and to stop reusing passwords across sites.  Read Less
May 06, 2020

Experts Commentary On GoDaddy Informs Customers Of Data Breach From October
GoDaddy is the largest domain registrar in the world, serving 19 million customers.
GoDaddy is the largest domain registrar in the world, serving 19 million customers. This breach is yet another example of the importance of basic cyber hygiene, including multifactor authentication (MFA). Since the SSH access in question is typically available only to privileged users, the need for MFA is even more critical. Unfortunately, GoDaddy does not offer MFA for SSH connections, highlighting one of the downsides of using third party services. In the absence of MFA, organizations using.....Read More
GoDaddy is the largest domain registrar in the world, serving 19 million customers. This breach is yet another example of the importance of basic cyber hygiene, including multifactor authentication (MFA). Since the SSH access in question is typically available only to privileged users, the need for MFA is even more critical. Unfortunately, GoDaddy does not offer MFA for SSH connections, highlighting one of the downsides of using third party services. In the absence of MFA, organizations using this service should disable SSH access, enabling only during times when they are using it. Large enterprises, especially those in the IT space, have to make cybersecurity and incident response a top priority to ensure that their customers are proactively protected from all online threats. It is unfortunate in this case that GoDaddy did not report the breach until almost eight months after it had occurred. The unauthorized individual had plenty of time to access login credentials of SSH accounts, and even though GoDaddy has confirmed that the individual is now blocked from their systems, the account credentials have still been compromised. Unfortunately, so many consumers have poor password hygiene and use weak and reused credentials for several of their online accounts – if not all of them. Every GoDaddy customer must make certain that any matching or similar login credentials to personal and/or work accounts have been updated using unique passwords, and be on high alert for forthcoming targeted attacks. This is especially critical to consider amid COVID-19, given that cyberattacks related to the pandemic continue to rise.  Read Less
April 01, 2020

Industry Leaders And Cybersecurity Experts Insight On Marriott International Data Breach
In this most recent case, compromised login credentials have given intruders insider’s access.
Marriott’s data breach in 2018 that compromised information of as many as 383 million guests and resulted in a $123 million fine, stood as one of the largest to occur by number of records exposed. Today, the multinational hospitality company has suffered yet another breach, showcasing how the company still lacks proactive security strategies that identify and address vulnerabilities that put them at risk prior to millions of guests’ personal information being compromised. In this most.....Read More
Marriott’s data breach in 2018 that compromised information of as many as 383 million guests and resulted in a $123 million fine, stood as one of the largest to occur by number of records exposed. Today, the multinational hospitality company has suffered yet another breach, showcasing how the company still lacks proactive security strategies that identify and address vulnerabilities that put them at risk prior to millions of guests’ personal information being compromised. In this most recent case, compromised login credentials have given intruders insider’s access. Although monitoring and analysis within the enterprise can identify suspicious activity, these credentials effectively bypass perimeter security and complicate detection. What’s more, if these login credentials have been reused across services, all Marriott applications that share credentials are now vulnerable. Enterprises must proactively get ahead of the threat of compromised credentials by implementing effective password policies that ensure suitable password strength and do not allow password sharing. Additionally, by using two-factor authentication via a trusted second factor, companies can significantly reduce the number of breaches that occur due to compromised credentials.  Read Less
March 11, 2020

8 Million Sales Records On Amazon, Ebay, Shopify Exposed – Security Expert Opinion
Despite billions invested in security, enterprises are failing at the infosec equivalent of washing their hands.
The DevOps revolution and cloud computing have resulted in a double edged sword for enterprises. The same tools that enable organizations to move fast have caused untold, embarrassing breaches like this, showcasing the direct result of rapid adoption without sufficient security oversight. These security incidents continue to recur, all following the same script - customer data gets uploaded to cloud server; well-meaning developer neglects to password protect or encrypt that externally exposed.....Read More
The DevOps revolution and cloud computing have resulted in a double edged sword for enterprises. The same tools that enable organizations to move fast have caused untold, embarrassing breaches like this, showcasing the direct result of rapid adoption without sufficient security oversight. These security incidents continue to recur, all following the same script - customer data gets uploaded to cloud server; well-meaning developer neglects to password protect or encrypt that externally exposed database; hacker or threat researcher exposes the data. Unencrypted, unauthenticated, publicly accessible databases wait for bad actors to discover them. Despite billions invested in security, enterprises are failing at the infosec equivalent of washing their hands. Since an organization can't improve what it can't measure, the starting point for a company to improve their cyber hygiene is to inventory, categorize, and measure the criticality of their assets. From there, basic resilience begins with identity, encryption, and network segmentation.  Read Less
March 03, 2020

Walgreens Mobile Data Leak – Commentary From Experts
Lack of proper cyber hygiene has resulted in yet another embarrassing, and likely costly, security incident.
Walgreens and other large enterprises that are innovating at such rapid rates in order to establish themselves as major forces in new expanding markets like digital healthcare, must make cybersecurity a top priority. Unfortunately, this incident sounds like another situation where a product was rushed to market without appropriate security vetting. This is an all-too-common occurrence in today's fast moving enterprises, where security teams are often pulled in after launch, if at all. Proper.....Read More
Walgreens and other large enterprises that are innovating at such rapid rates in order to establish themselves as major forces in new expanding markets like digital healthcare, must make cybersecurity a top priority. Unfortunately, this incident sounds like another situation where a product was rushed to market without appropriate security vetting. This is an all-too-common occurrence in today's fast moving enterprises, where security teams are often pulled in after launch, if at all. Proper analysis of this messaging feature in the Walgreens app would probably have uncovered an unencrypted underlying database, as well as lack of authentication and authorization features critical to prohibiting data crossover of this sort. Lack of proper cyber hygiene has resulted in yet another embarrassing, and likely costly, security incident.  Read Less
February 20, 2020

Experts Insight On Ransomware Attack Forces U.S. Gas Pipeline To Shut Down
The organization also cited ‘gaps in cybersecurity knowledge and the wide range of possible scenarios.’
This is yet another breach where humans are the easiest path to infiltration by attackers. As with other high profile events, this one propagated from a lower value target to an extremely high value target. Starting with a targeted phishing attack, the adversary then pivoted across networks, eventually using commodity ransomware to encrypt critical infrastructure data. Organizations, especially those protecting critical assets, must ensure that propagation risk doesn't overshadow other efforts.....Read More
This is yet another breach where humans are the easiest path to infiltration by attackers. As with other high profile events, this one propagated from a lower value target to an extremely high value target. Starting with a targeted phishing attack, the adversary then pivoted across networks, eventually using commodity ransomware to encrypt critical infrastructure data. Organizations, especially those protecting critical assets, must ensure that propagation risk doesn't overshadow other efforts to protect those assets. The organization also cited ‘gaps in cybersecurity knowledge and the wide range of possible scenarios.’ Every organization's attack surface is huge, and grows with digital transformation and with the ever increasing number of attack methods available to adversaries, leaving an unlimited number of things that can go wrong. Cybersecurity is no longer a human scale problem, so risk-based prioritization, across all assets and attack vectors, must form the basis for information security decision making.  Read Less