Expert(s):
VPfeature_status*/ ?>
Cerberus Sentinel

Comments Dotted : 26
December 22, 2020

Expert Commentary On Crypto Exchange EXMO Hacked
Cryptocurrency exchanges are attractive targets for cybercriminals for many reasons.

A best practice is not to store and hold large amounts of funds in hot wallets on exchanges but rather transfer to either a cold hardware wallet (that has appropriate recovery codes set and stored securely) or to a standard bank account as the case may be on completion of the exchange transaction. This seeks to reduce personal exposure and loss in case of an exchange compromise.

December 18, 2020

Experts Insight On People’s Energy Data Breach
There must be a fundamental change in mindset regarding information security for all organizations.
There must be a fundamental change in mindset regarding information security for all organizations. Risks from cyber-attack need to be taken with the same seriousness as risks from fire or flooding. The reality is that most security compromises are simple attacks of opportunity and every organization is a viable target for cyber criminals. The same way organizations invest in fire suppression and alarm systems they also must consider cyber security protection and monitoring as part of the.....Read More
There must be a fundamental change in mindset regarding information security for all organizations. Risks from cyber-attack need to be taken with the same seriousness as risks from fire or flooding. The reality is that most security compromises are simple attacks of opportunity and every organization is a viable target for cyber criminals. The same way organizations invest in fire suppression and alarm systems they also must consider cyber security protection and monitoring as part of the cost of doing business. It’s critical that this start with adopting a culture of security from executive management to individual line of business contributors.  Read Less
November 24, 2020

Hoard Of Spotify User Data Exposed By Hackers’ Careless Security Practices – Experts Reaction
Password managers do a great job at alleviating this problem.
It’s easy to blame users for poor password hygiene, but the reality is that it’s very difficult to choose a single strong password. Even harder is to do so for every online account they might have and then keep up with them all. Password managers do a great job at alleviating this problem, but the free ones built in to mobile devices or web browsers can present a problem for users if they need to log into an account from a different type of device, for example the built-in Apple Keychain.....Read More
It’s easy to blame users for poor password hygiene, but the reality is that it’s very difficult to choose a single strong password. Even harder is to do so for every online account they might have and then keep up with them all. Password managers do a great job at alleviating this problem, but the free ones built in to mobile devices or web browsers can present a problem for users if they need to log into an account from a different type of device, for example the built-in Apple Keychain password manager works great on iPhones or Mac computers but not on Microsoft Windows PCs. Third party password managers can solve this problem, but often require a subscription for use. There are a few that offer free tiers as well as open source options such as Bitwarden that offer good solutions.  Read Less
November 11, 2020

Experts On 5.8 Million RedDoorz User Records For Sale On Hacking Forum
The attackers have apparently stolen RedDoorz complete database.
The good news is that RedDoorz appears to have used a secure hashing algorithm, bcrypt, to secure user passwords in the stolen database. Secure hashing algorithms like bcrypt make it much harder for attackers to crack user passwords but they aren’t a silver bullet. Although it makes cracking passwords much slower, simple and short passwords can still be cracked relatively quickly. The attackers have apparently stolen RedDoorz complete database which suggests that the most likely attack.....Read More
The good news is that RedDoorz appears to have used a secure hashing algorithm, bcrypt, to secure user passwords in the stolen database. Secure hashing algorithms like bcrypt make it much harder for attackers to crack user passwords but they aren’t a silver bullet. Although it makes cracking passwords much slower, simple and short passwords can still be cracked relatively quickly. The attackers have apparently stolen RedDoorz complete database which suggests that the most likely attack methods were insecure configuration or storage of the database, or a web attack such as SQL injection. Insecure configuration or storage can often happen if developers who aren’t familiar with security best practices inadvertently expose databases, especially in cloud services. To protect themselves, organizations must adopt a culture of security to ensure that software development processes are tightly integrated with their security operations to encompass proper security protections are in place for not only the developer’s code, but also the underlying systems and applications that it runs on.  Read Less
November 05, 2020

Cyber Experts Comment On Bitdefender Report: The ‘New Normal’ State Of Cybersecurity
The mass migration to work from home hasn’t so much introduced new threats so much as it has redefined that default assumption.
For the past three decades or so, organizations have invested in centralized information security controls such as firewalls, IPS, and patching solutions that assume that the network population is safely inside the company’s perimeter. The mass migration to work from home hasn’t so much introduced new threats so much as it has redefined that default assumption, rendering the centralized controls built around it far less effective. Another area of weakness highlighted by the raft of recent .....Read More
For the past three decades or so, organizations have invested in centralized information security controls such as firewalls, IPS, and patching solutions that assume that the network population is safely inside the company’s perimeter. The mass migration to work from home hasn’t so much introduced new threats so much as it has redefined that default assumption, rendering the centralized controls built around it far less effective. Another area of weakness highlighted by the raft of recent VPN and other remote access product vulnerabilities is monolith patch culture. For many organizations, patching efforts are centered around Windows patches, with other third-party software and notably networking equipment only patched on an ad-hoc basis. This reliably leads to delays, confusion, and incomplete coverage for patching even serious security vulnerabilities in these systems.  Read Less
September 30, 2020

Insight into Universal Health Services cyberattack
Modern ransomware gangs are not unsophisticated “script-kiddies”.
This absolutely massive attack targeting UHS shows that even large national organisations can be taken down singlehandedly by ransomware gangs. Indeed, our offensive operations team often finds that the larger an organisation is, the easier it is to take complete control of their computer operations. Large organisation networks can quickly become exponentially complex as different teams and departments each deploy their own systems and applications, often without vetting by their internal.....Read More
This absolutely massive attack targeting UHS shows that even large national organisations can be taken down singlehandedly by ransomware gangs. Indeed, our offensive operations team often finds that the larger an organisation is, the easier it is to take complete control of their computer operations. Large organisation networks can quickly become exponentially complex as different teams and departments each deploy their own systems and applications, often without vetting by their internal security team. This gives attackers a huge attack surface to target. Very often it takes only a single misconfigured system or missing security patch to cause the whole organisation’s defenses to fall like a row of dominoes. Modern ransomware gangs are not unsophisticated “script-kiddies”, they are competent and well-funded hackers capable of capitalising on any mistake a victim makes, especially around monitoring and response to security alerts in the middle of the night. This circumstance is especially unfortunate in the disruption of a large healthcare provider. Without an in-depth, we may not be able to attribute patient deaths or other adverse outcomes to the ransomware attack, but as organisational healthcare operations become more reliant on technology it’s sadly inevitable patient care will suffer in adverse ways from cyber-attacks. The only way for organisations to protect themselves from these potentially catastrophic outcomes is to adopt a culture of security, starting with understanding and support from executive management. If there is no buy-in or budget provided from leadership, not even the most talented security engineers or best of breed products stand a chance against modern ransomware gangs. You must start with the assumption that the attackers will find a way to breach the network perimeter and gain internal network access. If your threat models and security testing don’t start with this assumption you don’t stand a chance of surviving an attack without significant monetary and operational cost. You need a holistic approach that starts with understanding and implementing information security best practices from personnel training to technical configurations. Just as important is regular penetration testing as well as 24/7 security monitoring and threat hunting capabilities to ensure that no security gaps exist and initial alerts of potential compromise are caught and shut down before significant damage occurs.  Read Less
August 20, 2020

Experts Commentary: 235 Million Instagram, TikTok And YouTube User Profiles Exposed In Massive Data Leak
The massive byzantine sharing between platforms, advertisers, and data brokers combined with relatively weak privacy regulation.
These days it’s near impossible to know whose hands your online data ends up in. A sea of data brokers and advertising companies obtain data in direct and indirect ways from almost every company you interact with online: social media platforms, merchants, news and entertainment sites, it’s practically everyone. In this instance it appears the information was all “public”, but it’ still no less frightening to see the massive amount of people it includes. Much the same way as it would.....Read More
These days it’s near impossible to know whose hands your online data ends up in. A sea of data brokers and advertising companies obtain data in direct and indirect ways from almost every company you interact with online: social media platforms, merchants, news and entertainment sites, it’s practically everyone. In this instance it appears the information was all “public”, but it’ still no less frightening to see the massive amount of people it includes. Much the same way as it would be technically legal in many places for someone to film you from the moment you left your house and record your through public places until you returned, it makes it no less creepy to understand the true depth and invasiveness of the tracking that occurs online. The massive byzantine sharing between platforms, advertisers, and data brokers combined with relatively weak privacy regulation almost ensure that leaks of this type of information and worse are going to continue unabated until protection is forced through regulatory means.  Read Less
August 19, 2020

Security Experts On Carnival Hit With Ransomware Attack Exposing Data
Organizations seeking to protect themselves from ransomware attacks must adopt a culture of security.
Attackers move swiftly to exploit critical vulnerabilities. Any organization that is not equipped to locate and patch vulnerable systems in under a week is at a significant risk of compromise from organized hacking groups. Once the network perimeter is breached, it can take skilled hackers little more than a few hours to gain complete control of the victim’s internal network and deploy their ransomware. Victims are left with the choice to either pay the cybercriminals extortion demands or.....Read More
Attackers move swiftly to exploit critical vulnerabilities. Any organization that is not equipped to locate and patch vulnerable systems in under a week is at a significant risk of compromise from organized hacking groups. Once the network perimeter is breached, it can take skilled hackers little more than a few hours to gain complete control of the victim’s internal network and deploy their ransomware. Victims are left with the choice to either pay the cybercriminals extortion demands or attempt to recover operations on their own. Often compromised organizations discover that even if the attackers did not delete their backups that paying the ransom is both cheaper and faster than attempting recovery on their own. The unfortunate fact is that the normal recovery process while functional for recovering the occasional failed system completely fails to work when needing to recover hundreds or thousands of systems at once. Carnival states that they detected the ransomware attack on August 15th, but it’s likely that the attackers had access to their network and data for weeks or months prior to searching and exfiltrating any sensitive data they could find. Organizations seeking to protect themselves from ransomware attacks must adopt a culture of security that includes regularly scanning for serious security holes and patch within a week’s time, ensuring that internal controls and monitoring exist to quickly detect and limit a potential attacker’s access, and ensuring that any recovery operations are effective at a mass scale.  Read Less
July 28, 2020

Experts Insight On FinTech Unicorn Dave Data Breach
The root cause of the breach at Waydev was a blind SQL injection attack.
The data breach of Dave’s customer information highlights the dangers of improper IT security vendor management. Failing to quantify the risk of granting 3rd parties access to sensitive data leads to lax controls and monitoring by many organizations. As part of an effective vendor management program, all business partners that interact with sensitive systems or data should be contractually bound to regularly demonstrate that they are following information security best practices and have.....Read More
The data breach of Dave’s customer information highlights the dangers of improper IT security vendor management. Failing to quantify the risk of granting 3rd parties access to sensitive data leads to lax controls and monitoring by many organizations. As part of an effective vendor management program, all business partners that interact with sensitive systems or data should be contractually bound to regularly demonstrate that they are following information security best practices and have regular security testing or “ethical hacking” performed against their environment. The root cause of the breach at Waydev was a blind SQL injection attack that should have been caught by regular penetration tests and would have prevented this particular breach if remediated.  Read Less
July 24, 2020

Expert Insight On Instacart Customers’ Personal Data Sold On Dark Web
It’s possible that Instacart has unknowningly suffered a breach.
Attribution is a common problem for data posted for sale on dark web forums. It’s possible that Instacart has unknowningly suffered a breach, but it’s also possible that the leak came from a third party with access to Instacart’s data. The unfortunate thing is that most organizations do not have good enough insight to how their data is accessed or where it may have proliferated to. Even if Instacart’s main service has not been compromised, it’s possible that a development or support.....Read More
Attribution is a common problem for data posted for sale on dark web forums. It’s possible that Instacart has unknowningly suffered a breach, but it’s also possible that the leak came from a third party with access to Instacart’s data. The unfortunate thing is that most organizations do not have good enough insight to how their data is accessed or where it may have proliferated to. Even if Instacart’s main service has not been compromised, it’s possible that a development or support technician may have copied live customer data to their local machine or synced it to cloud services such as Dropbox. Once data leaks out of main channels in such ways, it can be difficult if not impossible to identify where it may have been exposed to cybercriminals. 278,531 accounts may be a minority of Instacart’s customer base, but it’s large enough that it’s unlikely to have stemmed from a phishing campaign targeting individual Instacart users. It’s important that all organizations have appropriate controls to secure and actively monitor data that their users entrust them with, however, doing so internally is often a much more difficult and expensive challenge than most business first assume. This leads to gaps in visibility that more often than not lead to security breaches.  Read Less