Information Security Buzz
Expert(s): November 30, 2020
Saryu Nayyar
CEO
Gurucul

Comments Dotted : 85
January 22, 2021

Cyber Criminals Left Stolen Phishing Credentials Exposed To Google Searches

Organizations still need to maintain strong perimeter and interior defenses.

The report of malicious actors having their stolen user IDs and passwords revealed by a simple Google search is Karma in action.  It shows that attackers are susceptible to the same sort of simple configuration errors that many of them leverage against their targets.  But this case also shows that attackers can operate phishing schemes successfully for many months before they're exposed.

 

Sadly, users often remain the weakest link in the security chain.  While user education can help, organizations still need to maintain strong perimeter and interior defenses, including multi-factor authentication and security analytics, to resist intrusions when credentials are stolen through clever phishing or social engineering attacks.

January 22, 2021

A Chinese Hacking Group Is Stealing Airline Passenger Details

Victims of these attacks are not facing common cybercriminals. 

The revelation that advanced attackers, apparently based in China, have been targeting airline travel sites to track specific individuals is not a surprise. Tracking the travel patterns of individuals involved in certain industries or areas of research is information of great value to a State level intelligence agency. While it is the kind of specific information that might be useful to a cybercriminal going after a specific target, it is guaranteed to be useful to a rival state agency.

 

Victims of these attacks are not facing common cybercriminals. They are likely facing State or State-Sponsored threat actors with a high degree of skill and effectively limitless resources. They will have to up their game if they want to thwart these intrusions in the future and keep their customers' data safe. They will have to follow industry best practices and deploy best in breed defenses, including security analytics tools that can help identify and remediate these intrusions before the data is compromised.

January 21, 2021

Expert Commentary: Hacker Posts 1.9 Million Pixlr User Records For Free On Forum

Two million Pixlr user accounts did not include financial information.

While the revelation of details on almost two million Pixlr user accounts did not include financial information, it did include password hashes and enough information to be valuable for an attacker to launch carefully crafted spear phishing attacks, or a cast-netting attack against the Pixlr user base.

January 20, 2021

FreakOut Botnet Targets Linux- Experts Offer Perspective

Identifying an infection should be relatively straightforward using network monitoring or security analytics tools provided they are in place.

Historically, Linux systems have been reasonably secure and received patches quickly when a vulnerability comes to light. Unfortunately, Linux and Windows share the same problem in that applications that run on those platforms may not be patched as quickly as the underlying OS. The recent FreakOut botnet attack targets multiple recent application vulnerabilities that may not yet be patched on production systems.  Fortunately, the botnet is still quite small and relies on Internet Relay Chat (IRC) for command and control.  That means that identifying an infection should be relatively straightforward using network monitoring or security analytics tools provided they are in place.

January 13, 2021

Mimecast Compromised By Threat Actor

The attack against Mimecast and their secure connection to Microsoft's Office 365 infrastructure appears to be the work.

The attack against Mimecast and their secure connection to Microsoft's Office 365 infrastructure appears to be the work of the same sophisticated attackers that breached SolarWinds and multiple government agencies. This shows the skill and tenacity State and State sponsored actors can bring to bear when they are pursuing their agenda. Against this sort of opponent, civilian organizations will need to up their game if they don't want to become the next headline. Basic cybersecurity is not enough. Organizations need to employ industry best practices, and then go farther with user education, programs to review and update their security, and deploying best in breed security solutions, including security analytics. The long term advantage is that defenses designed to resist a State level attack should be more than enough to thwart the more common cybercriminal.

January 12, 2021

Experts Insight On UN’s Environmental Program Breach-100K+ Employee Records Leaked

Fortunately, the UN's IT team reacted quickly to close the hole.

Ethical Hacking group Sakura Samurai's exposure of the United Nations Environment Program's git repositories is another classic example of the consequences of an unintentional misconfiguration.  Fortunately, the UN's IT team reacted quickly to close the hole, but it is likely that threat actors had already discovered the vulnerable data and acquired it themselves.

 

This shows that even multinationals with mature cybersecurity practices are not immune to this kind of misconfiguration, and points out the need for regular configuration reviews along with a full security stack that includes security analytics to identify and remediate these vulnerabilities before threat actors can discover them.

January 06, 2021

CISA Cites Likely Russian SolarWinds Involvement – Expert Perspective

The cold war isn't over. It just moved to the internet. 

The cold war isn't over. It just moved to the internet.  And the SolarWinds attack is a perfect example of a State or State Sponsored actor turning their resources to cyberattack.  Unlike typical cybercriminals, these threats at this level have almost unlimited resources and will target virtually anything that may forward their agenda.

 

It is likely the damage from this attack will run much deeper than is revealed to the public, but it may serve as a wakeup call that organizations and vendors at all levels need to up their cybersecurity game.  They need to assess their current security posture and make sure they have the best possible components in place, including security analytics.  The benefit is that designing defenses to blunt State level attackers should be more than enough to thwart common cybercriminals.

January 05, 2021

Experts Reacted On Payment Processor Juspay Leaks 100 Mil+ Cardholders’ Data

Perhaps the biggest concern is the dwell time.

The Juspay breach shows that 2021 is starting off Business as Usual for malicious actors, with long dwell times between intrusion and discovery.  While some of the data in this breach were obfuscated, there is a very real possibility that the attackers could overcome the obfuscation.  Even if they don't, the stolen information could be used for sophisticated social engineering or spear-phishing attacks.

 

Perhaps the biggest concern is the dwell time.   The breach happening mid-August 2020 and only being reported now, indicates there may have been some gaps in Juspay's security stack or their security operations process.

 

January 05, 2021

1 Mil Gamers’ Accounts Compromised By Major Gaming Firms – Expert Perspectives

User credential theft is nothing new. 

User credential theft is nothing new.  Phishing and Social Engineering schemes have been targeting user accounts almost since they've existed, and Kela's revelation of the scope of employee credential loss is, unfortunately, not a surprise.  Companies need to step up their AAA (Authentication, Authorization, Accounting) game to include multi-factor authentication and add security analytics to enable risk-based authentication as well.  Attackers will continue to find ways to gather user ID and password combinations, but by adding additional defenses it's possible to reduce the risk of a serious breach.

January 04, 2021

Multi-Platform Credit Card Skimmer Discovered- Expert Offers Perspective

It is telling that this new strain appears to have gone undetected for several months.

Sansec's revelation of a Magecart style skimmer that can infect multiple platforms is another indication of how sophisticated the attackers have become, while their attack tools evolve to become more versatile and effective.  It is telling that this new strain appears to have gone undetected for several months.  However, the revealed details also point to ways we can defend against this recent generation of attack tools.  While home users can't be expected to have a full security stack, there are tools they can use locally, or hosted by their ISP, that could help prevent this sort of attack.


Copyright © 2020 ISBuzz Pty Ltd is a company registered in Australia with company number 605 203 772 whose registered office is 14 Alanvale Street, Harrison, ACT 2914.

