1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • JumpCloud reset API keys following security incident

    From TechnologyDaily@1337:1/100 to All on Mon Jul 17 15:30:03 2023
    JumpCloud reset API keys following security incident

    Date:
    Mon, 17 Jul 2023 14:15:04 +0000

    Description:
    Security incident targeting a select handful of users has repercussions for all JumpCloud customers.

    FULL STORY ======================================================================

    JumpCloud has confirmed it reset customer API keys following a security incident earlier in July 2023, leaving customers who missed the advisory notice with disrupted services.

    In a blog post , company CISO Bob Phan explained: The security threats that
    we face, as an industry, are unprecedented and require strong collaboration from all constituents.

    Details of the security incident remain sparse, but Phan disclosed that unauthorized access by a sophisticated nation-state-sponsored threat actor
    saw a small and specific set of cloud storage customers targeted, who were notified prior to the public blog post. JumpCloud security incident

    In response to the attack, JumpCloud says that it has been working with both incident response partners and law enforcement in order to prevent such
    future attacks, claiming that the attack vector used by the threat actor has been mitigated. Read more

    These are the best cloud backup services


    Cloud remains the biggest target for cyberattacks


    Cyberattacks are rising across the world - here's what you need to know

    The API key reset on July 5 followed unusual activity in the commands framework on the same day. Phan said that the spear-phishing campaign could
    be traced back to June 22.

    Despite expressing a commitment to providing transparent and timely information, some have expressed their concern over the incident.

    Nick Rago, Field CTO at Salt Security, a company whose mission it is to make APIs attack-proof, said that the incident must have been pretty significant for JumpCloud to have taken the action it did across its whole customer base.

    Rago continued: there doesn't seem to be much transparency at this time into what the security incident was or how long API keys might have been potentially exposed, or how they are remedying this type of incident from happening again.

    Salt Securitys Field CTO suggests that enterprise users should look to lock down API access to their account from a whitelist of locations in order to limit attack risk.

    JumpClouds Phan promised that the company would continue to enhance its security measures to prevent future attacks, collaborating with industry partners and governments. Boost your cybersecurity with the best firewalls
    and best endpoint protection tools



    ======================================================================
    Link to news story: https://www.techradar.com/pro/jumpcloud-reset-api-keys-following-security-inci dent


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)