What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
globalsecuritymag.webp 2024-03-21 12:26:29 21 - 23 May: The Barcelona Cybersecurity Congress will bring together the best solutions to stop cyber-attacks
(direct link)
The Barcelona Cybersecurity Congress will bring together the best solutions to stop cyber-attacks - EVENTS
Conference CCleaner ★★★
AlienVault.webp 2023-11-13 11:00:00 Securely disposing of old electronics and data: A forensic guide to protecting your information
(direct link)
The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  In our rapidly evolving digital landscape, the accumulation of old electronic devices is a common occurrence. Laptops, smartphones, external hard drives, and USB flash drives quickly become outdated and obsolete, yet they often contain a wealth of sensitive information. Safeguarding your personal and confidential data during the disposal process is of utmost importance. This article presents an in-depth guide on how to forensically dispose of old electronics and data, ensuring that your privacy and security are maintained at every step. Back up and transfer data Before you embark on the journey of disposing of an electronic device, it's essential to initiate a thorough backup process. This backup serves two crucial purposes: preserving valuable data and enabling its transfer to a new device or storage medium. Here's how to proceed: Identify valuable data: Start by identifying and categorizing the data that you want to preserve. This includes documents, photos, music, and any other information that holds personal or professional significance. Backup methods: Utilize a variety of backup methods to safeguard your data. These include external hard drives, cloud storage services, or network-attached storage (NAS) systems. Ensure that all data, including files stored in the cloud, is included in your backup. Wipe your data Once your data is securely backed up, the next step is to thoroughly wipe your electronic device to make any data unrecoverable by standard means. Depending on the type of device, follow these procedures: A. Use data-wiping software: Software options: Employ reputable data-wiping software such as DBAN (Darik's Boot and Nuke), Eraser, or CCleaner. 
Follow instructions: Carefully follow the instructions provided by the software to ensure your data is erased securely and unrecoverably. B. Factory reset: For mobile devices: Perform a factory reset on smartphones and tablets to erase all data and return the device to its original settings. Remember to remove any SIM cards or memory cards before initiating the reset. C. Securely erase hard drives: For computers and external hard drives: Use the Secure Erase feature for solid-state drives (SSDs) or employ the "shred" command on Linux systems for hard disk drives (HDDs). Physical destruction When dealing with devices that may still contain sensitive data or those that are too damaged or outdated to be wiped effectively, physical destruction is the most secure method to guarantee the protection of your data. Consider these approaches: a. Smash or shred: Utilize a hammer, drill, or engage a professional shredding service to physically destroy hard drives, SSDs, and other storage devices. Ensure that the platters or chips are shattered beyond recovery. b. Degaussing: Some companies offer degaussing services that employ strong magnets to erase data on magnetic media, such as tapes or older hard drives. Dispose of electronics responsibly After your data is securely wiped or destroyed, the final step is to dispose of your electronic devices in a responsible and environmentally friendly manner. To ensure responsible disposal, consider the following actions: a. Recycle: Many electronics retailers and recycling centers accept old devices for recycling. Look for e-waste recycling programs in your local area to ensure your old electronics do not end up in a landfill. b. Trade-in or donate: If your device is still in working condition, consider trading it in or donating it to a charitable organization. This practice promotes sustainability by extending the useful life of your elect Tool Cloud CCleaner ★★★
DataSecurityBreach.webp 2023-07-24 01:22:11 Forge, a Société Générale subsidiary, obtains DASP licence (direct link) Société Générale's subsidiary Forge has obtained a digital asset service provider (DASP) licence from the Autorité des marchés financiers (AMF). Obtaining this licence puts Forge in an advantageous position in the cryptocurrency market, adding a new dimension to the conglomerate's business. General Information CCleaner ★★★★
RecordedFuture.webp 2023-06-21 18:21:00 Norton LifeLock owner, Vancouver Transit Police confirm MOVEit breaches
(direct link)
New victims have come forward to confirm that their data was accessed through the exploitation of vulnerabilities in the MOVEit file transfer tool - a tactic cybercriminals have used in several high-profile incidents over the last three weeks. Cybersecurity giant Gen - which owns well-known brands like Norton, Avast, LifeLock, Avira, AVG, ReputationDefender and CCleaner
CCleaner ★★
bleepingcomputer.webp 2023-01-17 18:09:38 (Already seen) Hackers push malware via Google search ads for VLC, 7-Zip, CCleaner (direct link) Hackers are setting up fake websites for popular free and open-source software to promote malicious downloads through advertisements in Google search results. [...] Malware CCleaner CCleaner
The_Hackers_News.webp 2022-08-03 05:36:55 VirusTotal Reveals Most Impersonated Software in Malware Attacks (direct link) Threat actors are increasingly mimicking legitimate applications like Skype, Adobe Reader, and VLC Player as a means to abuse trust relationships and increase the likelihood of a successful social engineering attack. Other most impersonated legitimate apps by icon include 7-Zip, TeamViewer, CCleaner, Microsoft Edge, Steam, Zoom, and WhatsApp, an analysis from VirusTotal has revealed. "One of the Malware Threat CCleaner
Anomali.webp 2022-06-14 15:15:00 Anomali Cyber Watch: Symbiote Linux Backdoor is Hard to Detect, Aoqin Dragon Comes through Fake Removable Devices, China-Sponsored Groups Proxy through Compromised Routers, and More (direct link) The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: APT, China, Hooking, Ransomware, Stealthiness, Vulnerabilities, and Web skimming. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity. Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Cyber News and Threat Intelligence Symbiote Deep-Dive: Analysis of a New, Nearly-Impossible-to-Detect Linux Threat (published: June 9, 2022) Intezer and BlackBerry researchers described a new, previously unknown malware family dubbed Symbiote. It is a very stealthy Linux backdoor and credential stealer that has been targeting financial and other sectors in Brazil since November 2021. Symbiote is a shared object (SO) library that is loaded into all running processes using LD_PRELOAD before any other SOs. It uses hardcoded lists to hide associated processes and files, and affects the way ldd displays lists of SOs to remove itself from it. Additionally, Symbiote uses three methods to hide its network traffic. For TCP, Symbiote hides traffic related to some high-numbered ports and/or certain IP addresses using two techniques: (1) hooking fopen and fopen64 and passing a scrubbed file content for /proc/net/tcp that lists current TCP sockets, and (2) hooking extended Berkeley Packet Filter (eBPF) code to hide certain network traffic from packet capture tools. For UDP, Symbiote hooks two libpcap functions filtering out packets containing certain domains and fixing the packet count. 
All these evasion measures can lead to Symbiote being hidden during a live forensic investigation. Analyst Comment: Defenders are advised to use network telemetry to detect anomalous DNS requests associated with Symbiote exfiltration attempts. Security solutions could be deployed as statically linked executables so they don’t expose themselves to this kind of compromise by calling for additional libraries. MITRE ATT&CK: [MITRE ATT&CK] Hijack Execution Flow - T1574 | [MITRE ATT&CK] Hide Artifacts - T1564 | [MITRE ATT&CK] Exfiltration Over Alternative Protocol - T1048 | [MITRE ATT&CK] Data Staged - T1074 Tags: Symbiote, target-region:Latin America, Brazil, target-country:BR, Financial, Linux, Berkeley Packet Filter, eBPF, LD_PRELOAD, Exfiltration over DNS, dnscat2 Alert (AA22-158A). People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices (published: June 8, 2022) Several US federal agencies issued a special Cybersecurity Advisory regarding China-sponsored activities concentrating on two aspects: compromise of unpatched network devices and threats to IT and telecom. Attackers compromise unpatched network devices, such as Small Office/Home Office (SOHO) routers and Network Attached Storage (NAS) devices, to serve as “hop points” to obfuscate their China-based IP addresses in preparation and during the next intrusion. Similarly, routers in IT and Telecom companies are targeted for initial access by China-sponsored groups, this time using open-source router specific software frameworks, RouterSploit and RouterScan. Analyst Comment: When planning your company Ransomware Malware Tool Vulnerability Threat Guideline CCleaner
SecurityAffairs.webp 2022-06-09 08:48:41 Tainted CCleaner Pro Cracker spreads via Black Seo campaign (direct link) Threat actors spread info-stealing malware through the search results for a pirated copy of the CCleaner Pro Windows optimization program. Researchers from Avast have uncovered a malware campaign, tracked as FakeCrack, spreading through the search results for a pirated copy of the CCleaner Pro Windows optimization program. The researchers pointed out that operators behind the campaign […] Malware CCleaner CCleaner ★★★
bleepingcomputer.webp 2022-06-08 09:52:37 Poisoned CCleaner search results spread information-stealing malware (direct link) Malware that steals your passwords, credit cards, and crypto wallets is being promoted through search results for a pirated copy of the CCleaner Pro Windows optimization program. [...] Malware CCleaner CCleaner
TechRepublic.webp 2022-06-07 15:23:07 How to use CCleaner's Performance Optimizer to try to speed up your PC (direct link) The program's Performance Optimizer attempts to put unneeded background apps to sleep to help boost your computer's performance. CCleaner
Pirate.webp 2022-04-27 09:02:06 CCleaner updates Kamo with a one-of-a-kind enhanced privacy feature (direct link) Kamo 4.0 breaks new ground in the market by combining the VPN principle with anti-fingerprinting technology to offer an unprecedented, extreme level of protection. CCleaner, a specialist in system optimization software, today unveiled a new privacy protection feature built into the new version 4.0 of its popular tool, Kamo. Press release – […] The post CCleaner updates Kamo with a one-of-a-kind enhanced privacy feature first appeared on UnderNews. CCleaner
Pirate.webp 2022-02-01 12:39:49 CCleaner is available in a next-generation version for macOS (direct link) The 2022 edition of the CCleaner optimization utility suite for Mac arrives with a redesigned interface and enriched features, and includes Photo Cleaner and App Uninstaller for greater efficiency. The post CCleaner is available in a next-generation version for macOS first appeared on UnderNews. CCleaner CCleaner
Pirate.webp 2021-12-20 13:05:22 CCleaner arrives on the Microsoft Store (direct link) CCleaner arrives on the Microsoft Store, now making it possible to speed up, clean and update Windows 11. The new version of CCleaner features an improved cleaning function, updates for 9 million drivers and full support for Windows 11. The post CCleaner arrives on the Microsoft Store first appeared on UnderNews. CCleaner CCleaner
bleepingcomputer.webp 2021-01-29 14:25:12 Vovalex is likely the first ransomware written in D (direct link) A new ransomware called Vovalex is being distributed through fake pirated software that impersonates popular Windows utilities, such as CCleaner. [...] Ransomware CCleaner
Pirate.webp 2020-12-05 11:42:56 How to use CCleaner properly to clean your PC (direct link) If you regularly use your PC at home or at the office, you have inevitably experienced periods when the machine slowed down badly for no apparent reason, without finding a solution to improve the PC's speed. Here is an essential piece of software for thoroughly cleaning your PC and optimizing it so that it regains its speed. CCleaner […] The post How to use CCleaner properly to clean your PC first appeared on UnderNews. CCleaner
bleepingcomputer.webp 2020-07-29 14:42:24 Microsoft now detects CCleaner as a Potentially Unwanted Application (direct link) Microsoft is now detecting the popular CCleaner Windows optimization and Registry cleaner program as a potentially unwanted application (PUA) in Microsoft Defender. [...] CCleaner
Pirate.webp 2020-07-16 13:08:13 During lockdown, monthly PC cleanups increased by 300% (direct link) Following heavy digital activity during lockdown, monthly PC cleanups increased by 300%. CCleaner's latest Digital Crap Index report provides valuable insight into consumers' reliance on online services during the COVID-19 pandemic. CCleaner
01net.webp 2020-05-22 06:48:26 Chinese hackers continue to attack video game publishers (direct link) Researchers have detected a new Trojan horse from the Winnti group, also known for having hacked the servers of CCleaner and Asus. CCleaner
Pirate.webp 2020-03-04 11:17:00 With its Health Check, CCleaner helps users keep their PC in optimal working condition (direct link) By combining CCleaner's cleaning and configuration tools, Health Check makes personal computers faster, cleaner and safer. CCleaner
zataz.webp 2019-11-20 16:19:23 GetMonero hacked, wallet booby-trapped (direct link) Alert for Monero users. The wallet available for download on the official GetMonero site had been booby-trapped by hackers. Infiltrating the official software of a well-known and recognized brand is the Holy Grail for hackers. After CCleaner, here is the Monero wallet offered by the ... The article GetMonero hacked, wallet booby-trapped first appeared on ZATAZ. CCleaner
01net.webp 2019-11-01 07:12:00 How Avast avoided the worst and thwarted the attack on CCleaner (direct link) This is the second time in two years that the vendor has faced a major cyber intrusion. We met Jaya Baloo, who has just taken up the role of chief information security officer (CISO) and is therefore on the front line. CCleaner
MalwarebytesLabs.webp 2019-10-28 16:05:10 A week in security (October 21 – 27) (direct link) A look at the cybersecurity news from October 21 - 27 including Magecart, robocalls, doxing, stalkerware, ransomware, breaches, and much more. Categories: Week in security Tags: (Read more...) CCleaner
Pirate.webp 2019-10-23 15:38:17 CCleaner software hacked once again (direct link) It appears that the CCleaner file-cleaning software from the Czech company AVAST, a cybersecurity specialist, has once again been hacked (the same product had been infiltrated in an attack in 2017). The cybercriminals reportedly remotely installed a backdoor implant on millions of computers. CCleaner
01net.webp 2019-10-23 11:23:25 CCleaner targeted again by Chinese hackers (direct link) Hackers managed to get into the internal network of the vendor Avast, apparently with the aim of inserting a Trojan horse into its well-known utility. CCleaner ★★★★
ZDNet.webp 2019-10-21 23:52:59 Avast: No plans to discontinue CCleaner following second hack in two years (direct link) Czech intelligence agency: "Data analysis suggests that the attack came from China." Hack CCleaner
DarkReading.webp 2019-10-21 16:00:00 Avast Foils Another CCleaner Attack (direct link) 'Abiss' attackers used an older VPN profile to get into Avast's network and targeted its CCleaner utility. CCleaner
grahamcluley.webp 2019-10-21 12:42:19 Avast fends off hacker who breached its internal network in copycat CCleaner attack (direct link) Czech anti-virus firm Avast has been targeted for a second time by hackers seemingly attempting to plant malware inside a malicious CCleaner update. Malware CCleaner
ZDNet.webp 2019-10-21 09:05:35 Avast says hackers breached internal network through compromised VPN profile (direct link) Czech antivirus maker discloses second attack aimed at compromising CCleaner releases. CCleaner
bleepingcomputer.webp 2019-10-21 08:44:54 Hackers Breach Avast Antivirus Network Through Insecure VPN Profile (direct link) Hackers accessed the internal network of Czech cybersecurity company Avast, likely aiming for a supply chain attack targeting CCleaner. Detected on September 25, the intrusion attempts had been ongoing since May 14. [...] CCleaner
MalwarebytesLabs.webp 2019-09-30 15:43:14 A week in security (September 23 – 29) (direct link) A roundup of the security news from September 23–29 including Emotet, checkm8, securing webcams, insurance data, Nodersok, voting machines, iHandy, CCleaner, encryption and breaches. Categories: A week in security Tags: (Read more...) CCleaner
bleepingcomputer.webp 2019-09-27 03:30:11 Microsoft Removes CCleaner Ban From Their Community Forums (direct link) Microsoft has decided to roll back their decision to add CCleaner to a blacklist that would prevent the software's official site, www.ccleaner.com, from being posted in the Microsoft Community Forums. [...] CCleaner
Pirate.webp 2019-09-25 11:07:38 Every year, consumers lose hard disk space equivalent to that taken up by 31,200 photos because they do not clean their computer (direct link) On average, 52 GB of digital "junk" accumulates each year on consumer computers. CCleaner
Pirate.webp 2019-05-15 11:13:04 CCleaner announces its new Easy Clean feature (direct link) CCleaner v5.57 gains a user-friendly feature that helps users keep their computer clean, secure and fast. CCleaner
The_Hackers_News.webp 2019-03-25 09:39:05 Warning: ASUS Software Update Server Hacked to Distribute Malware (direct link) Remember the CCleaner hack? The CCleaner hack was one of the largest supply chain attacks that infected more than 2.3 million users with a backdoored version of the software in September 2017. Security researchers today revealed another massive supply chain attack that compromised over 1 million computers manufactured by Taiwan-based tech giant ASUS. A group of state-sponsored Malware Hack CCleaner
bleepingcomputer.webp 2019-03-12 15:29:05 CCleaner Professional Adds Software Updater Feature (direct link) Piriform has released CCleaner v5.55 today, which for Professional users now includes a Software Updater feature that will check if installed 3rd party applications are running the latest version. [...] CCleaner
bleepingcomputer.webp 2018-11-30 14:33:00 CCleaner 5.50 Now Allows You to Disable Automatic Updates (direct link) Piriform released CCleaner 5.50 yesterday and it comes with the long awaited ability to block the program from automatically updating to a new version. [...] CCleaner
SecurityAffairs.webp 2018-10-06 12:17:04 Windows 10 October 2018 Update could cause CCleaner stop working (direct link) Users are reporting problems with the CCleaner software that appears to be partially broken after the installation of Windows 10 October 2018 Update. Many Windows users are reporting problems after the installation of Windows 10 October 2018 Update; a few days ago a Reddit user discovered the Task Manager tool was showing inaccurate CPU usage after the upgrade. Other users […] CCleaner
bleepingcomputer.webp 2018-10-05 16:27:04 CCleaner Is Partially Broken in Windows 10 October 2018 Update (direct link) Users are now reporting that CCleaner is partially broken after upgrading to Windows 10 October 2018 Update (version 1809). A fix is expected to land soon. [...] CCleaner
bleepingcomputer.webp 2018-09-17 13:36:01 (Already seen) CCleaner Disregarding Settings and Forcing Update to 5.46 (direct link) Reports are coming in that Piriform is forcing CCleaner to update to the latest 5.46 version even when users had configured the program to not perform automatic updates. To make matters worse, once the users were upgraded to the latest version, their privacy settings are reset to default, which is to send usage data. [...] CCleaner ★★
bleepingcomputer.webp 2018-08-31 16:53:01 (Already seen) CCleaner 5.46 Released With Improved Privacy Options (direct link) CCleaner 5.46 was released yesterday and aims to fix all of the problems that led to the fiasco with the previous release of CCleaner 5.45. With this release, Piriform has added settings that allow you to actually disable their background monitoring process and to disable the sending of anonymous usage statistics. [...] CCleaner
bleepingcomputer.webp 2018-08-31 16:53:01 (Already seen) CCleaner 5.46 Released With the Ability to Disable Unwanted Features (direct link) CCleaner 5.46 was released yesterday and aims to fix all of the problems that led to the fiasco with the previous release of CCleaner 5.45. With this release, Piriform has added settings that allow you to actually disable their background monitoring process and to disable the sending of anonymous usage statistics. [...] CCleaner
bleepingcomputer.webp 2018-08-03 19:51:05 CCleaner v5.45 Pulled Due to Anger Over Usage Data Collection (direct link) It has not been a good week for Piriform's PC cleaning tool CCleaner. With the release of CCleaner version 5.45, it was quickly discovered that the program's "Active Monitoring" component, which is utilized to send anonymous usage data back to Piriform, could no longer be disabled. [...] Tool CCleaner
ZDNet.webp 2018-08-02 08:15:04 CCleaner provokes fury over Active Monitoring, user data collection (direct link) User anger has forced CCleaner to backtrack on merged data collection and scanning functions pushed forward in the latest update. CCleaner
The_Hackers_News.webp 2018-08-02 06:37:04 CCleaner Adds Data Collection Feature With No Way to Opt-Out (direct link) Like many others, do you also believe that the popular system-cleaning tool CCleaner was performing well before Avast acquired the software from Piriform last year? If yes, then pop-up advertisements in the previous CCleaner software version was not the last thing you have to deal with. Avast has released a new version of CCleaner 5.45 that not only always runs in the background, but also Tool CCleaner
01net.webp 2018-04-18 06:12:05 CCleaner: how hackers managed to infect 2 million users (direct link) The hackers used TeamViewer, a remote maintenance tool, to gain a foothold in the network of the vendor Piriform. They stayed hidden for months before infecting CCleaner updates. CCleaner
The_Hackers_News.webp 2018-04-18 00:50:05 CCleaner Attack Timeline-Here's How Hackers Infected 2.3 Million PCs (direct link) Last year, the popular system cleanup software CCleaner suffered a massive supply-chain malware attack of all times, wherein hackers compromised the company's servers for more than a month and replaced the original version of the software with the malicious one. The malware attack infected over 2.3 million users who downloaded or updated their CCleaner app between August and September last CCleaner
AlienVault.webp 2018-03-27 13:00:00 Tales from the SOC: The Simulated Attack (direct link) Introduction In today’s world, understanding threats and how to avoid them are critical to a business’s success. Last year, we saw an evolution in malware and attacks. Ransomware like WannaCry made its debut, featuring worm-like attributes that allowed ransomware to self-propagate through a network, exploiting vulnerable machines and continuing the damage. We started to see attackers using more advanced automation in their malware and shiftier distribution methods to thwart defenses. In September 2017, we saw a supply chain attack against download servers that added a Trojan virus within versions of the popular CCleaner PC utility software. The download was undetected for almost a month and it is estimated that over 2 million users had installed it. According to the US government, cyberattacks reportedly cost the US economy $57-109 billion in 2016. Cisco reported in 2017 that 53% of cyberattacks resulted in damages of over $500k or more; 8% had damage totals over $5 million per incident. While costs are skyrocketing, so is the average timeframe for detecting cyberattacks. Multiple studies over the last several years have found businesses are averaging a three to eight-month time period before even detecting a cyber-attack.  We know the threat is real and the costs of a cyberattack can be exorbitant, so what can we do with all this information? As an MSSP, something we always recommend to our clients and prospects is practicing a multi-layer defense approach within their network. Multiple layers of security are an important part of detecting, preventing, and minimizing a business’s exposure to a cyberattack. So many times, we have heard “I have good anti-virus and an expensive firewall; I don’t need any other defenses.” Unfortunately, that is no longer the case. 
Preventive security is no longer enough; organizations must build a strong defense and use offensive practices to proactively head off potential intrusions. In today’s blog, we share with you a real-life experience and what we did to mitigate the threat by building a strong cybersecurity strategy. Tale from Our SOC Several years ago, we helped a client implement managed security services. The client’s priorities were never focused on security, until they had hired a consulting company to perform a simulated cyberattack. The exercise shed light on their security shortcomings. It highlighted how the current controls they had in place failed during the simulated attack and what methods were missing from their environment, including: incident response, security awareness and systems capable of detecting these acts. The Simulated Attack When the simulated attack was started, they only used the organization’s name. The first step was reconnaissance about this organization, where common tools like Google and LinkedIn were used to search for user email formats, website, and domain information. As the discovery phase progressed, IPs for VPN server access and email servers were identified. Based off the information they discovered, user lists were built, and a phishing campaign was prepared. The attacker ran vulnerability scans and methodical brute force tests to identify any weaknesses within the external services they had already identified.  The next step in the simulated attack was the phishing campaign. Now that the attacker had built a list of potential emails, they Guideline CCleaner Wannacry
Kaspersky.webp 2018-03-12 16:49:05 CCleaner Attackers Intended To Deploy Keylogger In Third Stage (direct link) As investigations continue about the backdoor that was planted in CCleaner, Avast said it has found that the actors behind the attack were planning to install a third round of malware on compromised computers. CCleaner
DarkReading.webp 2018-03-12 16:20:00 Chinese APT Backdoor Found in CCleaner Supply Chain Attack (direct link) Avast discovers ShadowPad tool for use in apparent planned third stage of the targeted attack campaign. CCleaner
SecurityAffairs.webp 2018-03-11 08:37:02 Governments rely on Sandvine network gear to deliver spyware and miners (direct link) According to Citizen Lab, some governments are using Sandvine network gear installed at internet service providers to deliver spyware and cryptocurrency miners. Researchers at human rights research group Citizen Lab have discovered that netizens in Turkey, Egypt and Syria who attempted to download legitimate Windows applications from official vendor websites (i.e. Avast Antivirus, CCleaner, Opera, and 7-Zip)  […] CCleaner
Last update at: 2024-04-27 22:08:42