fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Former SolarWinds CEO Blames Intern For ‘solarwinds123’ Password Leak

Former SolarWinds CEO Blames Intern For ‘solarwinds123’ Password Leak

Washington (CNN)Current and former top executives at SolarWinds are blaming a company intern for a critical lapse in password security that apparently went undiagnosed for years.

The password in question, “solarwinds123,” was discovered in 2019 on the public internet by an independent security researcher who warned the company that the leak had exposed a SolarWinds file server.

Several US lawmakers ripped into SolarWinds for the password issue Friday, in a joint hearing by the House Oversight and Homeland Security committees.

“I’ve got a stronger password than ‘solarwinds123’ to stop my kids from watching too much YouTube on their iPad,” said Rep. Katie Porter. “You and your company were supposed to be preventing the Russians from reading Defense Department emails!”

Microsoft President Brad Smith, who was also testifying at Friday’s hearing, later said there is no evidence that the Pentagon was actually affected by the Russian spying campaign. Microsoft is among the companies that has led the forensic investigation into the hacking campaign.

Also Read: Going Beyond DPO Meaning: Ever Heard Of Outsourced DPO?

“There is no indication, to my knowledge, that the DoD was attacked,” Smith told Porter.

SolarWinds representatives told lawmakers Friday that as soon as the password issue was reported, it was corrected within days.

But it is still unclear what role, if any, the leaked password may have played in enabling suspected Russian hackers to spy on multiple federal agencies and businesses in one of the most serious security breaches in US history.

Stolen credentials are one of three possible avenues of attack SolarWinds is investigating as it tries to uncover how it was first compromised by the hackers, who went on to hide malicious code in software updates that SolarWinds then pushed to some 18,000 customers, including numerous federal agencies.

Other theories SolarWinds is exploring, said SolarWinds CEO Sudhakar Ramakrishna, include the brute-force guessing of company passwords, as well as the possibility the hackers could have entered via compromised third-party software.

Confronted by Rep. Rashida Tlaib, former SolarWinds CEO Kevin Thompson said the password issue was “a mistake that an intern made.”

“They violated our password policies and they posted that password on an internal, on their own private Github account,” Thompson said. “As soon as it was identified and brought to the attention of my security team, they took that down.”

Neither Thompson nor Ramakrishna explained to lawmakers why the company’s technology allowed for such passwords in the first place.

Ramakrishna later testified that the password had been in use as early as 2017.

“I believe that was a password that an intern used on one of his Github servers back in 2017,” Ramakrishna told Porter, “which was reported to our security team and it was immediately removed.”

That timeframe is considerably longer than what had been reported. The researcher who discovered the leaked password, Vinoth Kumar, previously told CNN that before the company corrected the issue in November 2019, the password had been accessible online since at least June 2018.

Emails between Kumar and SolarWinds showed that the leaked password allowed Kumar to log in and successfully deposit files on the company’s server. Using that tactic, Kumar warned the company, any hacker could upload malicious programs to SolarWinds.

During the hearing, FireEye CEO Kevin Mandia said it may be impossible to fully determine how much damage was done by the suspected Russian hack.

“The bottom line: We may never know the full range and extent of the damage, and we may never know the full range and extent as to how the stolen information is benefiting an adversary,” Mandia testified.

Also Read: Limiting Location Data Exposure: 8 Best Practices

In order to make a damage assessment, Mandia said, officials must not only catalogue what data was accessed, but also imagine all of the ways that data could be used and misused by foreign actors — a monumental task.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us