During the pandemic HALOCK and the information security community have been responding to a significant spike in cyber security incidents. Threat actors have been using strikingly similar attack patterns to exploit vulnerabilities to remote work environments. These bulletins alert you to these common vulnerabilities, and what you should do to address them.
Attackers Hijacking Web Server Resources
Incident Summary: Cyber criminals hijacked external web servers to host illegal video stream links. E-commerce sites were no longer available, thus impacting the company’s revenue and potential reputational damage.
The organization spent valuable resources recovering systems and configuring preventive solutions.
Adversaries performed reconnaissance across the internet looking for exploitable web services. The attackers identified several vulnerabilities within Telerik UI allowing them to compromise encryption keys and exploit known vulnerabilities.
The impact of the security breach was increased due to multiple weak security controls.
|TESTING FOR THE VULNERABILITY
|MITIGATING THE VULNERABILITY
Define measures to ensure implemented security controls remain intact and weaknesses are identified, including:
Establish the following security controls and solutions to prevent data exfiltration and reduce the impact of a data breach:
WHAT YOU MUST DO NOW
HALOCK can also walk you through a more comprehensive list of vulnerabilities that we are seeing in the field. Contact us here and select “Secure Home-to-Office Transition Discussion” as your Area of Interest. We will have a HALOCK team member reach out to you to schedule a call.
CYBER SECURITY SERVICES TO MITIGATE YOUR RISKS
HALOCK also provides the following solutions to help our clients prevent these types of attacks.
HALOCK Threat Monitoring and Data Protection Partner Solutions
- Sophos Endpoint Protection
- Carbon Black Cloud-native Endpoint Protection
- Imperva Web Application Firewall