Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label cloud storage. Show all posts
Tech Companies
APT29 cloud storage Data Breach Securities and Exchange Commission Tech Companies

Top Tech Firms Fined for Hiding SolarWinds Hack Impact

 



The US Securities and Exchange Commission fined four major technology companies-Unisys Corp, Avaya Holdings, Check Point Software, and Mimecast—for allegedly downplaying the severity of the cybersecurity risks they faced as a result of the notorious SolarWinds hack. The companies have been accused of giving misleading information to investors regarding the severity of breaches connected with the attack on SolarWinds Orion software in 2020.

Companies Made Deceptive Filings

 The companies that had engaged in either direct or indirect deception of the extent and effect of the attacks to the investors. Settlement has been reached by these companies and they will have to pay civil penalties that include $4 million to be paid by Unisys, $1 million by Avaya, Check Point Software with a $995,000 penalty and $990,000 is payable by Mimecast.

The SEC said the companies knew their systems were compromised due to unauthorised access after the SolarWinds hack but reportedly downplayed the impact in public statements. For example, Unisys reportedly described cybersecurity risks as "theoretical," even when it confirmed two data breaches tied to the SolarWinds hack which exfiltrated gigabytes of data. Equally, Avaya apparently downplayed the severity of the breach when it revealed limited access to its email messages while investigators found that at least 145 files in its cloud storage were compromised.

Particular Findings on Each Company

1. Unisys Corp: The SEC noted that Unisys failed to disclose fully the nature of its cybersecurity risks even after it had suffered massive data exfiltration. Apparently, the company's public disclosures tagged such risks as "theoretical".

2. Avaya Holdings: Avaya allegedly made false statements as it reported that the minimal amount of e-mail messages has been accessed when actually, there is abundant evidence that access is further extensive to some files held in the cloud.

3. Check Point Software: The SEC charges that Check Point was conscious of the hack and used ambiguous language in order to downplay the severity of the attack, conceivably, therefore leaving investors under informed of the actual degree of the hack.

4. Mimecast: The SEC found that Mimecast had made major omissions in its disclosure, including failure to disclose the specific code and number of encrypted credentials accessed by hackers.

Background on the SolarWinds Breach

Another notably recent cyberattack is attributed to the Russian-linked group APT29, also known as the SVR, behind the SolarWinds hack. In 2019, malicious actors gained unauthorised access to the SolarWinds Orion software platform, releasing malicious updates between March and June 2020, that installed malware, such as the Sunburst backdoor in "fewer than 18,000" customer instances, though fewer were targeted for deeper exploitation.

Subsequently, many U.S. government agencies and also huge companies confirmed that they were hacked into during this breach. These include Microsoft, cybersecurity company FireEye, the Department of State, the Department of Homeland Security, the Department of Energy, the National Institutes of Health, and the National Nuclear Security Administration.

SEC's Stance on Transparency

The charges and fines by the SEC also serve as a warning to public companies to become transparent concerning security incidents that have affected the trust of their investors. The four companies thus settle on not having done anything wrong, but they experience considerable penalties that indicate how hard the SEC will be in holding organisations responsible to provide fair information about cybersecurity risk issues and incident concerns.

It, therefore, calls for tech firms to provide better information on cybersecurity issues as both investors and consumers continue to face increasingly complex and pervasive cyber threats.


Read more »
End To End Encryption
cloud storage cloud storage services Cyber Security Data Storage Data Synchronization E2EE End To End Encryption

Security Risks Discovered in Popular End-to-End Encrypted Cloud Storage Platforms

 

Recent cryptographic analysis by researchers at ETH Zurich has uncovered significant security vulnerabilities in five major end-to-end encrypted (E2EE) cloud storage platforms: Sync, pCloud, Icedrive, Seafile, and Tresorit. These platforms are collectively used by over 22 million people and are marketed as providing secure data storage. However, the study revealed that each of these platforms has exploitable flaws that could allow malicious actors to gain access to sensitive user data, manipulate files, or inject harmful data. The research was conducted under the assumption that a malicious attacker could control a server with full ability to read, modify, and inject data. 

This is a plausible scenario in the case of sophisticated hackers or nation-state actors. The researchers found that while these platforms promise airtight security and privacy through their E2EE models, their real-world implementation may fall short of these claims. Sync, for instance, exhibited critical vulnerabilities due to unauthenticated key material, which allows attackers to introduce their own encryption keys and compromise data. It was found that shared files could be decrypted, and passwords were inadvertently exposed to the server, compromising confidentiality. Attackers could also rename files, move them undetected, and inject folders into user storage. pCloud’s flaws were similar, with attackers able to overwrite private keys, effectively forcing encryption using attacker-controlled keys. 

This, coupled with public keys that were unauthenticated, granted attackers access to encrypted files. Attackers could also alter metadata, such as file size, reorder file chunks, or even inject files. Icedrive was shown to be vulnerable to file tampering due to its use of unauthenticated CBC encryption. Attackers could modify the contents of files, truncate file names, and manipulate file chunks, all without detection. Seafile also presented several serious vulnerabilities, including susceptibility to protocol downgrade attacks, which made brute-forcing passwords easier. The encryption used by Seafile was not authenticated, enabling file tampering and manipulation of file chunks. As with other platforms, attackers could inject files or folders into a user’s storage space. 

Tresorit fared slightly better than its peers, but still had issues with public key authentication, where attackers could potentially replace server-controlled certificates to gain access to shared files. While Tresorit’s flaws didn’t allow direct data manipulation, some metadata was still vulnerable to tampering. The vulnerabilities discovered by the ETH Zurich researchers call into question the marketing promises made by these platforms, which often advertise their services as providing the highest level of security and privacy through end-to-end encryption. In light of these findings, users are advised to exercise caution when trusting these platforms with sensitive data, particularly in cases where the server is compromised.  

The researchers notified Sync, pCloud, Seafile, and Icedrive of their findings in April 2024, while Tresorit was informed in late September 2024. Responses from the vendors varied. Icedrive declined to address the issues, Sync is fast-tracking fixes, and Tresorit is working on future improvements to further safeguard user data. Seafile has promised to patch specific vulnerabilities, while pCloud had not responded as of October 2024. While no evidence suggests that these vulnerabilities have been exploited, the flaws are nonetheless concerning for users who rely on these platforms for storing sensitive data. 

The findings also emphasize the need for ongoing scrutiny and improvement of encryption protocols and security features in cloud storage solutions, as even end-to-end encryption does not guarantee absolute protection without proper implementation. As more people rely on cloud storage for personal and professional use, these discoveries are a reminder of the importance of choosing platforms that prioritize transparent, verifiable security measures.
Read more »
Ticketmaster
cloud storage Cyber Attacks Data Security Breach Google Mandiant Hacker attack ShinyHunters Ticketmaster

Hackers Exploit Snowflake Data, Targeting Major Firms

 

Hackers who stole terabytes of data from Ticketmaster and other customers of the cloud storage firm Snowflake claim they gained access to some Snowflake accounts by breaching a Belarusian-founded contractor working with those customers. Approximately 165 customer accounts were potentially affected in this hacking campaign targeting Snowflake’s clients, with a few identified so far. 

It was a Snowflake account, with stolen data including bank details for 30 million customers and other sensitive information. Lending Tree and Advance Auto Parts might also be victims. Snowflake has not detailed how the hackers accessed the accounts, only noting that its network was not directly breached. Google-owned security firm Mandiant, involved in investigating the breaches, revealed that hackers sometimes gained access through third-party contractors but did not name these contractors or explain how this facilitated the breaches. 

A hacker from the group ShinyHunters said they used data from an EPAM Systems employee to access some Snowflake accounts. EPAM, a software engineering firm founded by Belarus-born Arkadiy Dobkin, denies involvement, suggesting the hacker’s claims were fabricated. ShinyHunters has been active since 2020, responsible for multiple data breaches involving the theft and sale of large data troves. EPAM assists customers with using Snowflake's data analytics tools. The hacker said an EPAM employee’s computer in Ukraine was infected with info-stealer malware, allowing them to install a remote-access Trojan and access the employee’s system. 

They found unencrypted usernames and passwords stored in a project management tool called Jira, which were used to access and manage Snowflake accounts, including Ticketmaster’s. The lack of multifactor authentication (MFA) on these accounts facilitated the breaches. Although EPAM denies involvement, hackers did steal data from Snowflake accounts, including Ticketmaster's, and demanded large sums to destroy the data or threatened to sell it. The hacker claimed they directly accessed some Snowflake accounts using the stolen credentials from EPAM’s employee. The incident underscores the growing security risks from third-party contractors and the importance of advanced security measures like MFA. 

Mandiant noted that many credentials used in the breaches were harvested by infostealer malware from previous cyber incidents. Snowflake’s CISO, Brad Jones, acknowledged the breaches were enabled by the lack of MFA and mentioned plans to mandate MFA for Snowflake accounts. This incident highlights the need for robust cybersecurity practices and vigilance, particularly when dealing with third-party contractors, to safeguard sensitive data and prevent similar breaches in the future.
Read more »
Technology
cloud storage Data Encryption Flash drive IronKey Technology

IronKey: What is it & How Is It Different From Other Storage Drives

IronKey

The world of online cloud storage

We live in a world of online cloud storage, where all our data is accessible everywhere and on any gadget. This has made the act of having physical storage media a lesser concern than it once used to be and more like a throwaway gadget with which we can do some cool things.

However, removing movies and episodes from streaming services and continual modifications to social media and other online archives have made physical storage more necessary than anything. We've all had a flash drive at some point, and they've grown throughout time, getting larger and more reliable.

IoT and rising concerns

With more than 40 lakh attacks on IoT (Internet of Things) devices, India is among one of the Top 10 Victims Countries lists in the world. This can be a disappointment for Tech Freaks and companies that have just begun using IoT devices but don't consider protecting their IoT devices such as smart cameras. Hackers didn't even flinch while penetrating the systems. That's how simple the breakthrough was.

“Simple methods like password guessing are used for getting the entry in IoT devices. Some sufferers of these attacks set passwords as naive as 'Admin.' And now, India has made it to the index of the top 10 countries that fell prey to IoT attacks in 2019,” reported CySecurity in 2019.

When looking for external storage, you may come across the IronKey series, a pretty flashy and eye-catching name for a simple flash drive. What distinguishes these from conventional flash drives and makes them so expensive? And, more importantly, is it worthwhile? Here's your comprehensive guide on understanding the IronKey.

IronKey: What is it?

IronKey is a flash drive brand created in the early 2000s by IronKey, a Homeland Security-funded Internet security and privacy startup that was later bought by Kingston. These were designed to provide additional security for the government, military, and business clients. While they function similarly to other flash drives, IronKey's hardware encryption differentiates it (and makes it rather pricey).

Though software encryption is simple and secure for most files, it is not as extensive or as powerful as hardware encryption, which integrates a cryptoprocessor into the device. The IronKey flash drive uses 256-bit AES hardware-based encryption in XTS mode, as well as FIPS 140-2 Level 3 validation and on-device Cryptochip Encryption Key management. 

When you remove the flash drive, it senses physical tampering and immediately safeguards your data. You can use a sophisticated password or a secret phrase of up to 255 characters long to get to the files for further security, and if you fail to enter the right password ten times, the drive immediately shuts down and optionally destroys the files.

IronKey: Do you really need one?

So, do you require one? That varies on how you intend to make use of it. If you solely store schoolwork or images, paying $77 for an 8GB flash drive may be expensive. However, if you have sensitive corporate records or government secrets, it may be worth spending a bit more to avoid being the victim of a security breach.

Read more »
Software
Artifical Intelligence Azure Cloud Service cloud storage Cyber Security Encryption Microsoft SentineLabs Software

Microsoft's Rise as a Cybersecurity Powerhouse

Tech titan Microsoft has emerged as an unexpected yet potent competitor in the cybersecurity industry in a time of rapid digital transformation and rising cyber threats. The company has quickly evolved from its conventional position to become a cybersecurity juggernaut, meeting the urgent demands of both consumers and enterprises in terms of digital security thanks to its broad suite of software and cloud services.

Microsoft entered the field of cybersecurity gradually and strategically. A whopping $20 billion in security-related revenue has been produced by the corporation, according to recent reports, underlining its dedication to protecting its clients from an increasingly complicated cyber scenario. This unexpected change was brought on by many strategic acquisitions and a paradigm shift that prioritized security in all of its services.

The business has considerably improved its capacity to deliver cutting-edge threat information and improved security solutions as a result of its acquisition of cybersecurity businesses like RiskIQ and ReFirm Labs. Microsoft has been able to offer a comprehensive package of services that cover threat detection, prevention, and response by incorporating these cutting-edge technologies into its current portfolio.

The Azure cloud platform is one of the main factors contributing to Microsoft's success in the cybersecurity industry. As more companies move their operations to the cloud, it is crucial to protect the cloud infrastructure. Azure has been used by Microsoft to provide strong security solutions that protect networks, programs, and data. For instance, its Azure Sentinel service uses machine learning and artificial intelligence to analyze enormous volumes of data and find anomalies that could point to possible security breaches.

Furthermore, Microsoft's commitment to addressing cybersecurity issues goes beyond its own products. The business has taken the initiative to work with the larger cybersecurity community in order to exchange threat intelligence and best practices. Its participation in efforts like the Cybersecurity Tech Accord, which combines international tech companies to safeguard clients from cyber dangers, is an example of this collaborative approach.

Microsoft's success in the field of cybersecurity is not without its difficulties, though. The broader cybersecurity sector continues to be beset by a chronic spending issue as it works to strengthen digital defenses. Microsoft makes large investments in security, but many other companies find it difficult to set aside enough funding to properly combat attacks that are always developing.



Read more »
Server
cloud storage Cyber Security Data Data Safety data security Server

Cloud Storage: Is Stored Data Secure ?

 

The popularity of cloud storage is on the rise, both for personal and professional use. However, many people are concerned about the security of their data in the cloud. While some worry about the future-proofing of their cloud storage, others are concerned about the privacy of their personal information. 

Despite these concerns, the advantages of cloud storage in terms of convenience, scalability, and cost-efficiency make it a popular choice. Cloud storage involves storing digital data on remote servers and accessing it through an internet connection. This type of storage is fast, accessible from anywhere, easily scalable, and can serve as a backup in case of disaster. 

Additionally, third-party providers take care of server maintenance and security, freeing up the user's time for other tasks. Although security concerns exist, secure and affordable cloud storage services are available.

Cloud storage is a versatile option that can be utilized by both individuals and organizations. It offers various benefits comparable, and even superior, to traditional physical storage methods. While evaluating the security of cloud storage, it's important to consider its usefulness in providing added safety through features such as backups and the convenience it offers. it is used for:

  • Sharing Your Files With Ease
  • Cloud Disaster Recovery (CDR)
  • Backing Up Your Data
What Makes Your Data Safe in the Cloud?

Data stored on the cloud is generally more secure than stored on your hard drive. After all, cloud servers are housed in very secure cloud data centers that are constantly monitored.

So, how does cloud storage security work? What are the important security procedures in place to protect your data on the cloud?
  • Firewall-as-a-Service (FWaaS)
  • Round-the-Clock Monitoring
  • Encryption from beginning to end
  • AI-Powered Tools and Auto-Patching
While no system is perfect, cloud storage is surprisingly secure and more handy than on-site storage. All your data in the cloud is secured, continuously monitored, and safeguarded against cyber attacks. Even in the event of a disaster, your data will be preserved thanks to redundant servers.

Overall, cloud storage is a rather secure option for storing your data, and it's not going away anytime soon.
Read more »
User Privacy
cloud storage Data Encryption Data Storage Dropbox Encrypto iCloud MacPaw OneDrive Privacy Sensitive data User Privacy

What Must You Do Before Uploading Your Sensitive Data to the Cloud?


Cloud storage has emerged as a prominent tool when it comes to managing or storing users’ data. Prior to the establishment of cloud storage technology, more than a decade ago, emailing individual files to yourself or saving them to an external drive and physically moving them from one computer to another were the two most popular methods for backing up documents or transferring them between devices. 

But now data storage has witnessed a massive breakthrough in technology, thanks to cloud storage solutions. Some of the prominent cloud storage services like Google Drive, Microsoft OneDrive, Dropbox, and Apple iCloud Drive made it dead simple to back up, store, and keep our documents synced across devices. 

Although, this convenience came to the users at a cost of privacy. When we use any of the Big 4's major cloud services, we theoretically give them—or anybody who can hack them—access to whatever we keep on their cloud, including our financial and health information, as well as our photos, notes, and diaries. 

One of the major reasons why user privacy is at stake is because all four prominent cloud service providers meagerly encrypt the documents while uploading. Since these documents are not end-to-end encrypted, it indicates that the user is the only one with the ability to decrypt. 

Minimal encryption would mean that the service provider too holds the key to decrypt users’ documents, and is capable of doing so at all times. Moreover, in some severe instances, a hacker may as well get hold of the decryption key. 

Out of the four major cloud services, Apple is the only service provider with Advanced Data Protection for iCloud, launched recently, which enables users to choose to have their documents end-to-end encrypted when stored in iCloud Drive. This makes Apple void of any access to the files, ensuring the user’s privacy. However, this setting is still optional, making the merely encrypted iCloud Drive a default setting. 

Since the remaining three major cloud storage providers are yet to provide users with the choice of end-to-end encryption and taking into consideration the exploded usage of such personal cloud services in recent years, billions of users are currently at risk of getting their sensitive documents exposed to the third party. 

Encrypt First, Then Upload to the Cloud 

It is possible to use the popular cloud storage services while preventing anyone who gains access to your account from seeing the files stored therein by encrypting those files prior to uploading them. The best part? You do not require a computer scientist or a security developer to do so. With the numerous applications, that are available for free, one could encrypt any file on one's own. 

What is Encrypto?

One such well-known encryption program is Encrypto, sponsored by a company called MacPaw. You may drag a file into the program, give it a password, and then encrypt it using industry AES-256 encryption. The software then enables you to save a file with an encrypted version (.crypto file type). 

After encrypting the files, the user can now upload the encrypted version of the file to their preferred cloud storage provider rather than the original file containing sensitive data. If your cloud storage is then compromised, the attacker should be unable to open the Crypto file without knowing the password the user has established for it. 

Encrypto is a cross-platform tool that works on both Macs and Windows PCs, despite the fact that MacPaw is known for producing Mac-specific utility apps. The recipient merely needs to download the free Encrypto app to be able to open sensitive documents that have been sent to them over email and have been encrypted using Encrypto (and you need to let them know the password, of course). 

Another nice feature that the app possesses is that it enables users to set different passwords for each file they create. One can even include a password hint in the encrypted file to remind what password is being used in the file. Users are advised to establish a password that would be difficult to decipher through brute force or something that would be difficult to guess. 

This being said, no matter the choice of app, encrypting the files yourself before uploading them to Google Drive Microsoft OneDrive, Dropbox, or iCloud Drive adds an additional layer of encryption and security to the sensitive data while still maintaining to reap the numerous benefits of cloud storage.  

Read more »
User Privacy
Apple Chrome cloud storage Cyber Crime Google Safe Browsing iPhone User Privacy

Remember to Clear the Cache on Your iPhone

Websites and apps may load more quickly by taking advantage of the cache, a designated area in your iPhone that stores temporary data. As cache data use up space on your phone, it's a good idea to wipe it off frequently to improve browsing speed. When you free up space on your iPhone by clearing the browser or app cache, you may notice a speed and performance improvement. This is especially true if you're experiencing performance concerns.

Clearing cache on  iPhone

For iPhones, Safari is the default browser, which lets you clear the cache in just a few simple steps. This method has a major impact on all devices logged into your iCloud account starting with iOS 11. As a result, the caches on all of your devices will be emptied, and the next time you use them, you'll have to sign in to each one separately. Here is what to do.

1. Launch the iPhone's Settings app.
2. From the list of programs, choose Safari.
3. Choose Clear Website Data and History.
4. The pop-up box will allow you to select Clear History and Data.

Even though cleaning your browsing history in Chrome logs you out of websites, it doesn't appear to dismiss all open tabs. You will need to re-log into any websites you may have been visiting.

With Chrome, remove the iPhone cache

1. Start the Chrome application.
2. To access more options, click the three dots in the lower right corner.
3. Choose Settings by swiping up from the top.
4. On the following menu, choose Privacy and Security.
5. After that, choose Clear Browsing Data to bring up one final selection.
6. At the top-left corner of the menu, choose the desired time frame.
7. Check to see if Cached Images and Files, Cookies, and Site Data are all selected. At the very bottom of the screen, select Clear Browsing Data.


Caches and cookies 

Cookies are little files that carry passwords and personalization data and store data about your online behavior. Many cookies, including those that keep you logged in to regularly visited websites, are helpful; nevertheless, some third-party cookies track your behavior on many websites. This could contain potentially sensitive data, such as your search history and your clicked links.

Contrarily, a cache stores data files that your browser or application is likely to utilize frequently. Avoiding the need to constantly download the same data, can improve the performance of your phone.

Caches typically only need to be cleared once every two to three months. Usually, at that point, your browser will start accumulating a cache big enough to start slowing things down. One should be cautious of cleaning your cache more frequently if you visit many websites.




Read more »
Subscribe to: Posts (Atom)