Phone : +91 95 8290 7788 | Email : sales@itmonteur.net


Tag Archives: Cyber Security Company


A moment of reckoning: the need for a strong and global cybersecurity response

The final weeks of a challenging year have proven even more difficult with the recent exposure of the world’s latest serious nation-state cyberattack. This latest cyber-assault is effectively an attack on the United States and its government and other critical institutions, including security firms. It illuminates the ways the cybersecurity landscape continues to evolve and become even more dangerous. As much as anything, this attack provides a moment of reckoning. It requires that we look with clear eyes at the growing threats we face and commit to more effective and collaborative leadership by the government and the tech sector in the United States to spearhead a strong and coordinated global cybersecurity response.

The evolving threats

The past 12 months have produced a watershed year with evolving cybersecurity threats on three eye-opening fronts.

The first is the continuing rise in the determination and sophistication of nation-state attacks. In the past week this has again burst into the headlines with the story of an attack on the firm FireEye using malware inserted into network management software provided to customers by the tech company SolarWinds. This has already led to subsequent news reports of penetration into multiple parts of the U.S. Government. We should all be prepared for stories about additional victims in the public sector and other enterprises and organizations. As FireEye CEO Kevin Mandia stated after disclosing the recent attack, “We are witnessing an attack by a nation with top-tier offensive capabilities.”

As Microsoft cybersecurity experts assist in the response, we have reached the same conclusion. The attack unfortunately represents a broad and successful espionage-based assault on both the confidential information of the U.S. Government and the tech tools used by firms to protect them. The attack is ongoing and is being actively investigated and addressed by cybersecurity teams in the public and private sectors, including Microsoft. As our teams act as first responders to these attacks, these ongoing investigations reveal an attack that is remarkable for its scope, sophistication and impact.

There are broader ramifications as well, which are even more disconcerting. First, while governments have spied on each other for centuries, the recent attackers used a technique that has put at risk the technology supply chain for the broader economy. As SolarWinds has reported, the attackers installed their malware into an upgrade of the company’s Orion product that may have been installed by more than 17,000 customers.

The nature of the initial phase of the attack and the breadth of supply chain vulnerability is illustrated clearly in the map below, which is based on telemetry from Microsoft’s Defender Anti-Virus software. This identifies customers who use Defender and who installed versions of SolarWinds’ Orion software containing the attackers’ malware. As this makes clear, this aspect of the attack created a supply chain vulnerability of nearly global importance, reaching many major national capitals outside Russia. This also illustrates the heightened level of vulnerability in the United States.

Alleged Russian Hacker Pleads Not Guilty After Extradition to United States

A Russian hacker indicted by a United States court for his involvement in online ad fraud schemes that defrauded multiple American companies out of tens of millions of dollars pleaded not guilty on Friday in a courtroom in Brooklyn, New York.

Aleksandr Zhukov, 38, was arrested in November last year by Bulgarian authorities after the U.S. issued an international warrant against him, and was extradited by Bulgaria to the United States on Thursday (January 18, 2019). He is currently in prison in Brooklyn.

In November 2018, law enforcement and multiple security firms collaborated to shut down one of the largest digital ad-fraud schemes, which they dubbed 3ve, that infected over 1.7 million computers worldwide to generate fake clicks used to defraud digital advertisers for years and made tens of millions of dollars in revenue.

Pronounced “Eve,” the online ad-fraud campaign was believed to have been active since at least 2014, but its fraudulent activity grew last year, turning it into a large-scale business and earning its operators more than $30 million in profit.

At the time, the US Justice Department announced a 13-count indictment against eight people from Russia, Ukraine, and Kazakhstan. Three of them had already been arrested: Zhukov, Boris Timokhin (39, Russian Federation, arrested in Estonia), and Sergey Ovsyannikov (30, Republic of Kazakhstan, arrested in Malaysia).

Other defendants who have not yet been caught by the authorities include:

  • Mikhail Andreev (34, Russian Federation and Ukraine)
  • Denis Avdeev (40, Russian Federation) 
  • Dmitry Novikov (Russian Federation) 
  • Aleksandr Isaev (31, Russian Federation)
  • Yevgeniy Timchenko (30, Republic of Kazakhstan)

Zhukov, along with other suspects, has been accused of organizing an advertising fraud scheme, dubbed “Methbot,” from September 2014 through December 2016, in which he rented more than 1,900 computer servers hosted in commercial data centers to load ads from advertisers on over 5,000 counterfeit websites.

The scheme flawlessly generated billions of ad views and caused businesses to pay over $7 million for “ads that were never actually viewed by real human internet users,” US prosecutors said in a November indictment.

All eight defendants have been charged with 13 counts of criminal violations, including wire fraud, aggravated identity theft, money laundering, and conspiracy to commit computer intrusion, among others.

However, Zhukov denied all the charges against him on Friday, when he appeared in a Brooklyn courtroom in New York.

Cyber Security News 1st week Sept 2016

  1. Dropbox hacked: Hackers have obtained credentials for more than 68 Million accounts of online cloud storage platform Dropbox from a known 2012 data breach. Last week, Dropbox sent out emails alerting its users that a large chunk of its users’ credentials, obtained in the 2012 data breach, may soon be seen on the Dark Web marketplace, prompting them to change their password if they hadn’t changed it since mid-2012. Dropbox is the latest to join the list of “Mega-Breaches,” which includes LinkedIn, MySpace, VK.com and Tumblr.

  2. Kimpton Hotels hit by Point-of-Sale breach: Kimpton Hotels & Restaurants is alerting payment card customers of a payment card breach at more than 60 of its hotels and restaurants that occurred between February 16 and July 7 of this year. The hotel chain said in a message on its website that it first got word of unauthorized charges on guests’ payment cards in mid-July. An ensuing investigation uncovered malware on PoS servers at the front desks and restaurants of some of its hotels. “The malware searched for track data read from the magnetic stripe of a payment card and routed it through the affected server.” Kimpton’s POS woes follow those of Eddie Bauer and HEI Hotels & Resorts, which operates Marriott, Hyatt, Sheraton and Westin hotels.

  3. Music website hacked: The UK-based music website Last.fm was hacked in March 2012. Three months after the breach, the company admitted to the incident and issued a warning, encouraging its users to change their passwords. Now, four years later, the stolen data has surfaced in public. The leaked records include usernames, hashed passwords, email addresses, the date when a user signed up to the website, and ad-related data. Last.fm stored its users’ passwords using MD5 hashing, which was considered outdated even before 2012, and without any salt. (A salt is a random string added to passwords before hashing that makes them more difficult for hackers to crack.)

  4. St. Jude says Muddy Waters, MedSec video shows security feature, not flaw: St. Jude Medical is a medical device company which makes pacemakers. MedSec is a cyber security firm that specializes in security flaws in medical devices. Muddy Waters Research is a due diligence based investment firm. After yearlong research by MedSec, it was found that St. Jude’s products had severe issues. MedSec did not responsibly disclose its findings to St. Jude but instead joined hands with Muddy Waters to profit in the stock market with this information. St. Jude has refuted the allegations and has issued a statement saying the supposed “flaw” was actually a “security feature.” If attacked, the pacemakers place themselves into a ‘safe’ mode to ensure the device continues to work.

  5. Double Whammy – Ransomware steals data before Encrypting: Betabot is the first known weaponized password-stealing malware that also infects victims with ransomware in a second stage of attack. In many instances it is still able to evade detection. It uses the Neutrino exploit kit, which uses infected documents disguised as CVs to ask the victim to enable macros. If they do, the malware is able to steal login data and passwords from web browsers. The Trojan then downloads and installs the Cerber ransomware onto the victim’s computer, demanding that the user pay up in order to regain access to their compromised machine.

  6. ‘Guccifer’ gets 52-month Jail term: Romanian hacker “Guccifer,” who pleaded guilty in May this year to hacking and identity theft of around 100 high-profile Americans, has been sentenced to 52 months in prison by a US court. Guccifer hacked the email and social media accounts of his victims between October 2012 and January 2014 and made public confidential emails, photographs and private medical and financial data. Not to be confused with Guccifer 2.0, the hacker behind the DNC hack.

  7. Suspect arrested for 2011 Linux Kernel organization breach: In September 2011, the kernel.org site that hosts the core development infrastructure behind the Linux kernel was breached. For the last five years, not many details about the attack were revealed and the attacker remained at large, that is, until he was picked up during a traffic stop in Miami last week. The hacker had managed to steal login credentials of one of the Linux Kernel Organization system administrators in 2011 and used them to install a hard-to-detect malware backdoor, dubbed Phalanx, on servers belonging to the organization. Using this backdoor, he installed malware on various Linux installations. He faces a possible sentence of 40 years in prison as well as $2 Million in fines. Threat protection for Linux can help in such situations.

  8. California may soon treat Ransomware as extortion: Ransomware may soon be regarded as a form of extortion in California once legislation is approved by the governor. The bill, if passed, could land culprits in jail for two to four years. The move has received widespread support from different quarters that want ransomware attacks to be treated as a felony. The state’s law enforcement unit and the tech sector both support the legislation.

  9. SWIFT reveals new hacking attempts on member Banks: SWIFT has revealed new hacking attempts on several member banks following its June disclosure of the $81-million Bangladesh Bank heist and is pushing members to comply with new safety features. “The threat is persistent, adaptive and sophisticated – and it is here to stay,” SWIFT told the banks. SWIFT members have been warned that failure to meet a November 19 deadline for installing the latest security software would be reported to banking regulatory bodies and partners.

  10. India registers 350 percent rise in cybercrime in last three years: According to a study, there has been a surge of approximately 350% in cybercrime cases registered in India under the Information Technology (IT) Act from 2011 to 2014. The Indian Computer Emergency Response Team (CERT-In) has also reported a surge in the number of incidents handled by it, with close to 50,000 security incidents in 2015. Bangalore leads in the number of cybercrime cases: the city recorded 1,041 cybercrime cases in 2015, the highest among the country’s 53 mega cities, and a 42% increase over the 2014 figures. State-wise data shows the worst states to be Maharashtra (2,195 cases) and Uttar Pradesh (2,208). Most cases relate to credit card fraud, email hacking and online cheating, including fake lottery scams. Use of technology and building awareness can reduce cybercrime.

Information Security - InfoSec - Cyber Security - Firewall Providers Company in India
What is a Firewall? A firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet.

Secure your network at the gateway against threats such as intrusions, Viruses, Spyware, Worms, Trojans, Adware, Keyloggers, Malicious Mobile Code (MMC), and other dangerous applications for total protection in a convenient, affordable subscription-based service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services. Stateful firewalls with simple packet filtering capabilities were efficient at blocking unwanted applications when most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols.

Firewall Firm is an IT Monteur Firewall Company that provides Managed Firewall Support, Firewall Security Services, Network Security Services and Firewall Solutions in India: New Delhi (India's capital territory), Mumbai (Bombay), Kolkata (Calcutta), Chennai (Madras), Bengaluru (Bangalore), Bhubaneswar, Ahmedabad, Hyderabad, Pune, Surat and Jaipur.

Sales Number : +91 95 8290 7788 | Support Number : +91 94 8585 7788
Sales Email : sales@itmonteur.net | Support Email : support@itmonteur.net
