Entries by Calin Ghibu

Common ways of stealing data: Access token theft

Nowadays, 41 records are lost every second in data breaches usually caused by external attackers (according to Breachlevelindex), and the trend is climbing. Companies need to invest more in security training and solutions to reduce the risk of successful cyber attacks. This article explores a way in which hackers steal data once they managed to […]

Common ways to steal data: Clear-text password dumps.

When counting lost records officially reported so far in 2016 in the US, 3.2 out of 4.7 Million were stolen by external attackers (according to Privacy Rights Clearinghouse database). These numbers show that in spite of increased security awareness, bigger budgets, stricter standards and regulations, companies are still easy prey for hackers. This article explores […]

File integrity monitoring – Are you doing it properly?

The integrity of system and configuration files of various services and applications is critical for building and maintaining secure IT environments. Hence, multiple compliance objectives (HIPAA, PCI DSS, SOX, FISMA and more) require implementing file integrity monitoring to ensure that these critical files are changed as part of authorized, documented and controlled processes only. Many […]

Ransomware stories – Petya, the odd one out

What is Petya and how is it different from other ransomware? Petya ransomware is meant to prevent users from accessing their data and force them to pay ransom in order to recover it. However, unlike other types of ransomware, it does not use encryption to compromise the files one by one, which may take time […]