Page 3 - Threat Intelligence 10-28-2019
P. 3
Perspective:
State of the
Marketplace
This week both Avast and NordVPN released statements regarding
intrusions on their networks that may have lasted months. While the
time of the intrusions as well as the severity is different, one thing
remains the same in both breaches. The cause of both breaches was
due to phantom users or unknown and forgotten user accounts that
allowed remote access. The breach with Avast is very troubling, as it
seems to have come from CCleaner, a widely used tool for cleaning up
bloat and temporary files off computers. On the Nord side of this issue,
the breach was caused by an expired private key that potentially
allowed attackers to create imitation servers that could then be used to
monitor the traffic of its users. The response from Nord is concerning,
as rather than take full accountability for the issue it was instead played
down and pinned onto a data center provider.
The FTC also made a strong statement this week on the topic of
stalkerware applications. In a recent settlement with with the app
maker Retina-X Studios, the FTC laid some rules for how these
companies handles both their data as well as checks on how their
applications are being used. While the apps are intended to function as
form of parental control, it was found that attackers could use the app
to compromise victims' locations as well as sensitive data. The FTC has
called for Retina-X to monitor and ensure their apps are being used for
Legitimate Purposes as well as any data previously collected by the
company to be destroyed. ZDNet has also published a great guide on
ways to verify if your device has been infected by a stalkware
application as well as some other good security guidelines. This
settlement should stand as a baseline for how these companies who
provide monitoring services for their families handles the security of
both their applications and information.
~Stay Secure 3
www.accumepartners.com
