  1. #1
    Security
    One of the leading providers of computer-systems protection, whose customers include a third of the 100 largest companies in the US, Carbon Black, is reportedly leaking a huge volume of its customers' data because of a vulnerability/design flaw in its flagship product, Cb Response. The leaked data includes cloud keys, user credentials, proprietary apps, sensitive commercial data and a host of other items.

    These are not widely available, but they are accessible to governments, organizations and security companies that are willing to pay for them.

    Carbon Black specializes in what’s called endpoint detection and response, or EDR, a term for security tools that detect and investigate suspicious activities on a network’s endpoints—mobile devices, laptops, and desktop PCs. Data collected on potential threats is aggregated into a central location for further analysis to help grow and inform the platform’s threat intelligence capabilities.

    Carbon Black identifies files that are “good” versus those that are “bad” to prevent clients from running harmful files on their systems. This means it relies on whitelisting policies to fend off threats, and it’s a massive endeavor. It requires the company to constantly evaluate an enormous and ever-expanding pool of files—anything that an anti-virus scanner checks for a potential infection.

    The problem, according to the DirectDefense blog authored by President Jim Broome, is that Carbon Black encounters files on its clients’ computer that it has never seen before. “Since Carbon Black doesn’t know if this previously unseen file is good or bad, it then sends the file to a secondary cloud-based multiscanner for scoring,” explains Broome, referring to services that combine the power of dozens of anti-virus scanning products. “This means that all new files are uploaded to Carbon Black at least once.”

    However, “cloud-based multiscanners operate as for-profit businesses,” Broome continues. “They survive by charging for access to advanced tools sold to malware analysts, governments, corporate security teams, security companies, and basically whomever is willing to pay.”

    In other words, gaining access to the multiscanner means also gaining access to the files submitted to its database. And here’s where the trouble began.

    According to DirectDefense, the files were uploaded by Carbon Black, as identified by its unique API key. “By searching for similar uploads from this key, we found hundreds of thousands of files comprising terabytes of data,” Broome writes. In its report, DirectDefense says it identified three companies to whom the files belonged. The names of the affected companies were withheld, DirectDefense said, out of respect for their customers’ privacy.

    The first was a large streaming media company. The files associated with this company, Broome says, contained, among other sensitive files, Amazon Web Services (AWS) credentials, Slack API keys, Google Play keys, and an Apple Store ID.

    The second was a social media company, and for it the researchers discovered hardcoded AWS keys and keys for Azure, Microsoft’s cloud computing platform, along with “other internal proprietary information, such as usernames and passwords.”

    Finally, the researchers discovered a shared AWS key granting access to customer financial data tied to a financial services company, in addition to “trade secrets that included financial models and possibly direct consumer data.”
    Source: Gizmodo

  2. #2
    Which product is it?

  3. #3
    Quote, originally posted by DVader:
    Which product is it?
    Cb Response.

  4. #4
    Cb Response, by Carbon Black.

  5. #5
    It looks like very serious damage. There will be developments.

  6. #6
    Quote, originally posted by tsigarid:
    It looks like very serious damage. There will be developments.
    The damage does indeed look big, and it resonates all the more because of Carbon Black's name in the field.

  7. #7
    What exactly does this product do? I, for one, have not happened to come across it.

  8. #8
    The customers are "to blame".

    Update 8/9/17 10:54p EDT: Carbon Black has responded to DirectDefense’s allegations that it is leaking terabytes of private client data, including financial records and potential trade secrets, from major Fortune 100 companies.

    In a blog post Carbon Black CTO and co-founder Michael Viscuso claims that data discovered by the researchers was available to them due to clients having turned on an off-by-default function that allows them to share files with cloud-based multi-scanners for threat analysis purposes.
    [T]his is an optional feature (turned off by default) to allow customers to share information with external sources for additional ability to detect threats.
    Cloud-based, multi-scanners are one of the most popular threat analysis services that enterprise customers opt into. These multi-scanners allow security professionals to scan unknown or suspicious binaries with multiple AV products.
    Cb Response has a feature that allows customers to send their unknown or suspicious binaries to these cloud-based multi-scanners (specifically VirusTotal) automatically. We allow customers to opt in to these services and inform them of the privacy risks associated with sharing. Our products are not dependent on these services.
    After explaining the feature in detail he went on to reiterate, “It is also not a foundational architectural flaw.”

  9. #9
    So, if I understand correctly, this company collects from its customers files that are "unknown" to malware-detection engines. These files make up a file database that anyone who pays can access.
    These files, however, may also contain sensitive information.
    By analogy, the antivirus products we run may do the same (send files from the computer to the parent company).
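
The exposure discussed in this thread, unknown files being uploaded whole to a multiscanner, can be narrowed with a pre-submission check; what follows is an added example, not code from the thread, from Carbon Black or from DirectDefense. The pattern set, the function names and the hash-only fallback are assumptions of the example, and the sample inputs are constructed.

```python
import hashlib
import re

# Illustrative credential patterns (assumed for this example, not exhaustive).
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(rb"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "slack_token": re.compile(rb"\bxox[abprs]-[0-9A-Za-z-]{10,}"),
    "password_literal": re.compile(
        rb"(?i)passw(?:or)?d\s*[=:]\s*['\"][^'\"\s]{6,}['\"]"),
}

# Constructed sample inputs (no real credentials).
CLEAN_BINARY = b"MZ\x90\x00\x03\x00This program cannot be run in DOS mode."
SCRIPT_WITH_KEY = b'aws_access_key_id = "AKIAIOSFODNN7EXAMPLE"\n'
UTF16_CONFIG = "token=xoxb-0000000000-EXAMPLEEXAMPLE".encode("utf-16-le")


def find_secrets(data):
    """Return the sorted names of credential patterns present in the bytes."""
    # Windows binaries often hold strings as UTF-16LE; dropping NUL bytes is a
    # crude way to let the ASCII patterns see those strings too.
    views = (data, data.replace(b"\x00", b""))
    return sorted({name for name, rx in SECRET_PATTERNS.items()
                   if any(rx.search(v) for v in views)})


def submission_decision(data, sharing_enabled):
    """Decide what leaves the endpoint for a file the sensor has not seen.

    "hash_only" sends just the SHA-256 for a reputation lookup;
    "upload" sends the content, which multiscanner subscribers can retrieve.
    """
    hits = find_secrets(data)
    action = "upload" if sharing_enabled and not hits else "hash_only"
    return {"sha256": hashlib.sha256(data).hexdigest(),
            "action": action, "secrets": hits}


if __name__ == "__main__":
    for name, blob in [("clean", CLEAN_BINARY), ("script", SCRIPT_WITH_KEY),
                       ("utf16", UTF16_CONFIG)]:
        print(name, submission_decision(blob, sharing_enabled=True))
```

A file that trips any pattern is held back and only its hash is looked up, so the content never reaches the multiscanner's subscriber-accessible corpus.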
