Tag Archive for: Ahead

Going into the Darknet: How Cynet Lighthouse Services Keep Cybersecurity Teams One Step Ahead of Hackers

/in


By monitoring the darknet, as well as underground forums, Cynet is able to identify and prepare for the latest cybersecurity threats before they reach deafening levels.

By Eyal Gruner, Co-Founder and CEO of Cynet

Data breaches are far from new, but the scale of attacks and sophistication of the attackers has reached all new levels in recent years. Since the pandemic, with the rise in remote work environments and work from home setups, compromised credentials became the most common initial access vector for data breaches in 2022 according to IBM – leading to rampant cybersecurity attacks. Because of the anonymity it offers, the darknet is fertile ground for bad actors looking to buy, sell, and trade large datasets of credential that can be used to access compromised accounts and systems left unchecked.

The alarming rise in compromised credentials led Cynet to launch its Lighthouse Service which monitors underground forums, private groups, and malicious servers for evidence of compromised credentials within the environment – taking its MDR team (CyOps) into the darknet and underground forums to search for potential cybersecurity threats before they become full-on attacks. Unlike traditional darknet monitoring services, Cynet focuses primarily on credential theft monitoring because of the swift rise in leaked credentials.

A Primer on the Darknet and Underground Forums  

Unlike the internet we all use to work, shop, and connect online, users must download a special Tor browser or browser add-ons to navigate the darknet. Because there is no link between a user and the user’s IP, the darknet requires specific access (software, configurations, authorization) – thus making it a prime location for illegal activity. Industry analysts estimate that the darknet accounts for 4% to 6% of internet content, with as many as three million users per day.

But the darknet is not the only gathering spot for cybercriminals. The internet we use on a daily basis (Clearnet) also houses underground forums that fuel and empower threat actors. The now seized “RaidForums” and its predecessor, “Breached,” are two popular sites that can be accessed via common web browsers. While the two are…

Source…

Flag march in Sambalpur, internet suspended, security tightened ahead of Hanuman Jayanti

/in


Sambalpur: The security personnel conducted a flag march on Thursday in Odisha’s violence-hit Sambalpur city, where internet services were suspended and security tightened as the district administration geared up to organise a peaceful Hanuman Jayanti.

District collector Ananya Das, north central range IG Brijesh Ray, SP B Gangadhar along with security personnel conducted the flag march to instill confidence among the residents, who have restricted themselves indoors since Wednesday’s violence during a bike rally held ahead of the Hanuman Jayanti on Maha Bishuba Sankranti on April 14.

Ten police personnel and some civilians were injured in the clash between two communities while the bike rally was passing through a locality in the city on Wednesday.

Violence erupted on Wednesday evening when stones were allegedly thrown at the bike rally taken out to celebrate the Hanuman Jayanti.

The bike rally and a ritual Jhanda Sthapana’ are organised every year prior to Hanuman Jayanti in the western Odisha city.

During the clash, some shops and several two-wheelers were set on fire while a number of cars were damaged.

The police have arrested 26 people so far and sent them to jail on the charge of rioting, while petrol bombs and swords were recovered from the houses of some persons in the city. Most of the localities wore a deserted look on Thursday as the majority of the shops remained closed.

Fresh violence was reported from a place in Dhanupali police station jurisdiction where two people were stabbed, police said.
Das said the administration has made elaborate security arrangements for Hanuman Jayanti and more force will deployed if required.

She convened a peace committee meeting, which was attended by representatives from both communities. “All those who attended the peace committee meeting have assured to cooperate to organize a peaceful Hanuman Jayanti tomorrow,” the collector said.

Sambalpur superintendent of police, B Gangadhar said that 43 people were detained and 26 others booked so far.

The administration clamped prohibitory order under section 144 CrPC in areas under Town, Dhanupali, Khetrajpur, Ainthapali,…

Source…

National security challenges in the decade ahead

/in


Indian Army after recovery of a huge cache of drugs on the Line of control in Kashmir


 Manoj Naravane


If you do not read your scriptures, you will lose your culture; but if you do not pick up your weapons, you will lose your Nation.


When one thinks of National Security, the first thought that comes to mind is the Armed Forces which conjures up images of tanks, military equipment, and soldiers in their ceremonial uniforms. However, National Security is not military security alone i.e., safeguarding the territorial integrity and sovereignty of the nation, but has many other dimensions, including, energy security, food and water security, cyber-security, and even health security. National security also extends to transnational crimes by state and non-state actors e.g., drug-running, that affects the very fabric of our Nation.


It is necessary, therefore, to adopt a Whole-of-Nation Approach to the issue of National Security, which is the primary duty of the Government. In this, the Diplomacy-Information-Military-Economic (DIME) concept leveraging all instruments of national power to ensure comprehensive National Security, is essential. Moreover, all four facets have to be complementary to each other in pursuance of a commonly defined aim. For example, on the one hand, it has been stated in many fora that relations with China cannot be normalised unless the border imbroglio is resolved. On the other hand, trade with China continues apace, and volumes have only increased post the 2020 stand-off in Eastern Ladakh. This sends mixed signals to the country, the global community, but most importantly to China, for whom resolution of the border issue becomes inconsequential, as long as trade is flourishing.


“It is necessary, therefore, to adopt a Whole-of-Nation Approach to the issue of National Security, which is the primary duty of the Government.”


There is no getting away from the fact that India has un-settled borders, in the West with Pakistan and to the North and East with the Tibet region of China, which will always be at the forefront of our national security calculus. Pakistan has a GDP of barely US $0.34 trillion, which is about…

Source…

Russian hackers could be regrouping ahead of elections, Microsoft warns

/in


Russia may push its hackers to become more aggressive in the coming months, after being stymied by Ukrainian resistance both on the battlefield and in cyberspace, Microsoft says.

In a report published Wednesday analyzing Russia’s cyber tactics in the year since it invaded Ukraine, Microsoft declared: “Should Russia suffer more setbacks on the battlefield, Russian actors may seek to expand their targeting of military and humanitarian supply chains by pursuing destructive attacks beyond Ukraine and Poland.”

As the company behind Windows, the world’s most popular operating system, Microsoft has particular insight into hacker activity. Like several major American companies and U.S. agencies, it has given cybersecurity aid to Ukraine.

During the course of the past year, Russia has deployed at least nine new “wiper” attacks, designed to worm their way into a victim’s computer network and delete files, the Redmond, Washington-based company said.

Those attacks didn’t have a significant spillover to the rest of the world, though there is precedent for that happening. The GRU, Russia’s military intelligence agency, infamously released a destructive strain of malicious software in 2017 called NotPetya, causing international condemnation. While NotPetya was intended to target Ukraine, it quickly spread around the world, causing an estimated $1 billion in damages.

Russia has previously denied responsibility for NotPetya. The Russian Defense Ministry did not immediately respond to a request for comment.

The Microsoft report came on the same day that a cybersecurity company said that the GRU had been able to exploit a previously unknown vulnerability in Microsoft’s flagship email program, Outlook, for almost a year.

Microsoft revealed the flaw Tuesday and issued a patch to fix it. Mandiant, a cybersecurity company owned by Google, said Wednesday that the GRU had been using it to hack targets for months.

A spokesperson for Mandiant said in an email Wednesday that the GRU had exploited it to spy on government computers and infrastructure in Poland, Ukraine, Romania and Turkey. A hacker with knowledge of how to exploit it could craft an email to a potential victim and gain access to…

Source…