1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Security giant Dragos hit by cyberattack blow

    From TechnologyDaily@1337:1/100 to All on Thu May 11 16:15:03 2023
    Security giant Dragos hit by cyberattack blow

    Date:
    Thu, 11 May 2023 15:10:46 +0000

    Description:
    The crooks stole company data and tried to deploy ransomware, but were seemingly stopped in time.

    FULL STORY ======================================================================

    Cybersecurity firm Dragos has been targeted by a threat actor whose goal was seemingly to deploy ransomware and extort the company.

    The attempt failed, and Dragos shared the details of what had happened, in hopes to help other companies who might find themselves in a similar
    situation in the future.

    In a blog post , Dragos reported that a threat actor managed to gain access
    to the companys systems through a previously compromised email account belonging to a newly employed member of staff. They used the access to impersonate the new employee and access resources typically used by new sales employees, in SharePoint and the Dragos contact management system. They also managed to obtain a report with IP addresses associated with a customer, prompting Dragos to reach out to that customer immediately. "Regrettable" theft

    The company believes they had spotted the attacker on time and prevented them from doing any major damage.

    We are confident that our layered security controls prevented the threat
    actor from accomplishing what we believe to be their primary objective of launching ransomware, the blog reads. They were also prevented from accomplishing lateral movement, escalating privileges, establishing
    persistent access, or making any changes to the infrastructure.

    However, that did not stop the attackers from trying to extort the company
    for the data they had taken. Soon after, they reached out to company executives via WhatsApp, threatening to release sensitive data to the dark web. WE HAVE EVERYTHING., one of the messages reads. Read more

    Hitachi Energy confirms data breach after being hit by Clop ransomware


    Hatch Bank says 140,000 customers had data stolen after breach


    Here's our rundown of the best firewalls

    As the company did not flinch, the attackers then resorted to mentioning family members, as well as reaching out to other Dragos contacts to try and trigger a response.

    While the external incident response firm and Dragos analysts feel the event is contained, this is an ongoing investigation, the blog further states. The data that was lost and likely to be made public because we chose not to pay the extortion is regrettable. However, it is our hope that highlighting the methods of the adversary will help others consider additional defenses
    against these approaches so that they do not become a victim to similar efforts. These are the best endpoint protection tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/news/security-giant-dragos-hit-by-cyberattack-attemp t


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)