CloudSEK Blames Hack on Another Cybersecurity Company

By Orbit Brain, December 8, 2022

By Ionut Arghire on December 08, 2022

Digital risk protection firm CloudSEK claims that another cybersecurity firm is behind a recent data breach resulting from the compromise of an employee’s Jira account.

As part of the targeted cyberattack, an unknown party used session cookies for the employee’s Jira account to gain access to various types of internal data.

Because the user never used a password for login, but relied on single sign-on (SSO) instead, and because his email was protected with multi-factor authentication (MFA), the attacker was unable to compromise the password or the email, CloudSEK says.

However, after taking over the account, the attacker did access customer names and purchase orders for three companies, as well as screenshots of the product dashboards. VPN and endpoint IP addresses were also accessed, and the attacker searched Confluence pages for credentials.

No customer data, customer login information, or credentials used on the portal were compromised during the incident, CloudSEK says.

This week, a threat actor going by the name of ‘sedut’ has created accounts on multiple cybercrime forums, claiming to have access to CloudSEK data, including XVigil, Codebase, email, Jira, and social media accounts, but the company says these claims are false.

In fact, CloudSEK says, the screenshots that the attacker has posted on the cybercrime forums can be traced to Jira/Confluence training pages and to Jira tickets.

“All the screenshots and purported accesses shared by the threat actor can be traced back to Jira Tickets and internal confluence pages. Even the screenshots of Elastic DB, mySQL database schema, and XVigil/PX are from training documents stored on Jira or Confluence,” CloudSEK says.

However, the company admitted that the attacker took over a social media account that CloudSEK uses for takedowns, and then tweeted from that account, tagging clients and media representatives.

“The attacker has zero reputation on dark web and created the dark web market account specifically to post CloudSEK-related information. No ransom was demanded from CloudSEK, nor were there any signs of a typical cybercrime group,” the company says.

CloudSEK also notes that the attack appears to have been orchestrated by a cybersecurity firm.

“We suspect a notorious cybersecurity company that’s into dark web monitoring behind the attack. The attack and the indicators connect back to an attacker with a notorious history of using similar tactics we’ve observed in the past,” CloudSEK notes.

In late November, CloudSEK disclosed an incident where an employee’s laptop was infected with an information stealer (Vidar Stealer) after being sent to a third-party vendor to resolve performance issues.

“The stealer log malware uploaded the passwords/cookies on the employee’s machine to a dark web market. The attacker purchased the logs the same day. The attacker was unable to use the other passwords due to MFA. Hence he used the session cookies to restore Jira sessions,” CloudSEK said at the time.

However, the incidents might not be related, and the company is still investigating how the attacker (sedut) gained access to the second employee’s session cookies.