The analytics team TechReviewer ranked Anteelo among the top cybersecurity companies in 2021. Analysts at TechReviewer carefully select agencies based on company ratings, social media mentions, service quality factors, the company’s business history, and expert insights.
The Anteelo team is honored to be included in such a venerable list of cybersecurity companies. We are extremely grateful to have participated in TechReviewer’s ranking process and privileged to receive their high marks and recognition.
Since 2018, Anteelo has delivered high-quality cybersecurity and web hosting tailored to the needs of individual businesses and organizations. Its core development team brings an admirable level of proficiency and dedication to every project, outshining the industry competition and continually attracting prospective customers.
About TechReviewer.co
TechReviewer.co is a research & analytics team founded in 2019 that carries out studies and compiles the lists of the leading software development companies in various categories based on the market research and the analysis of reviews.
TechReviewer helps to connect the business and find optimal vendors that meet the high requirements for providing quality services.
More sophisticated, streamlined and ambitious cyber attacks, capable of inflicting destruction on a large scale, have compelled security experts to look for ways to up their game as well. The spread of cloud computing, which has somewhat reduced the effectiveness of the firewalls set up to protect systems, has led the security teams of various organizations to opt for strategies that analyze the behavior of users and of the network.
Enter Big Data
Big data is nothing but extremely large data sets comprising structured data such as SQL database stores, semi-structured data such as the kind produced by sensors, and unstructured data such as document files; data that can be mined for information. The approach is already being used in multiple projects throughout the world, for example during elections (particularly in Obama’s 2012 re-election campaign and the Indian General Election 2014). Since the security experts engaged in ensuring cyber security are shifting their focus to the analysis of data, services like risk management and the management of actionable intelligence provided by Big Data can be utilized here.
According to CSO, the collaboration between cybersecurity and big data would be best put to use with highly trusted and accurate data, along with some functionality to automatically respond to the threats present in the data being analyzed. Using Big Data for cyber security will allow organizations to identify hackers’ attack vectors at an advanced level and to discover miscellaneous anomalies.
Government agencies were in a state of shock when they realized that their systems had been compromised with malicious TeamViewer software. The attacker who was responsible for this attack is a Russian-speaking man. TeamViewer is one of the most popular tools for remote desktop access, desktop sharing, file transfer between systems, web conferencing, etc. The motive behind the attack is probably financial. The software was manipulated by adding a malicious TeamViewer DLL to the original software. This mala fide software can steal sensitive data and money from even government and financial networks.
A malicious email purporting to come from the U.S. Department of State was delivered to the inboxes of government employees, with ‘Military Financing Program’ as its subject line. The email had a malicious XLSM attachment with an embedded macro.
Employees were duped by the malicious email since emails coming from the U.S. Department of State are generally marked as top secret. Once the victim opened the decoy document and enabled macros, two files were extracted from the hex-encoded cells in the XLSM document. The first one was the genuine AutoHotkeyU32.exe program. The other one was the corrupted AutoHotkeyU32.ahk, an AHK script used to communicate with the C&C server and to download an additional script and execute it.
How did the attacker successfully deploy the attack?
There are three different kinds of malicious AHK scripts: ‘hscreen.ahk’, ‘hinfo.ahk’ and ‘htv.ahk’. These three scripts affect the user’s system in different ways.
hscreen.ahk: This script takes a screenshot of the victim’s personal computer and uploads it to the C&C server.
hinfo.ahk: The victim’s username and computer information are sent to the C&C server.
htv.ahk: A malicious version of TeamViewer is downloaded and executed on the victim’s system, and the login credentials are sent to the C&C server.
The attacker hid the genuine TeamViewer interface while the TeamViewer software with malicious ‘htv.ahk’ was being run. DLL in order to take over the control of the software. This allowed the attacker to replace the genuine TeamViewer with the manipulated version.
The attack targeted the public financial sector and government officials belonging to Kenya, Italy, Liberia, Bermuda, Guyana, Lebanon and Nepal.
Earlier, in the month of January, a security researcher who goes by the name of FewAtoms found a URL containing a malicious self-extracting archive, which is spyware disguised as TeamViewer.
The researchers have found a link of an avatar connected to a Russian underground forum user known as EvaPiks.
What could have been done?
Ensure that the AHK script is compiled with ahk2exe, which is part of the AHK distribution.
In order to prevent decompilation, provide a good password.
Always check the extension of any attachments present within the email.
Organizations should implement a multi-layer defense and put mitigation protocols in place to detect intrusions and act against them.
Strengthen the settings that handle emails carrying macro malware attachments.
Applying these methods ensures that the program runs normally. It also ensures that an attacker would have difficulty modifying the program.
However, the most effective strategy is to empower employees against social engineering attacks and provide periodic knowledge imparting sessions.
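A defender-side check for the delivery method described above (a macro-enabled XLSM attachment whose cells carry hex-encoded files), added here as an example that is not part of the original article: it flags macro-enabled extensions, an embedded VBA project, and long hex runs that decode to an executable header. The extension list, the length threshold and the sample message are assumptions constructed for illustration.

```python
import io
import re
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed policy values for this example, not taken from the article.
MACRO_EXTENSIONS = {".xlsm", ".xlsb", ".xltm", ".docm", ".dotm", ".pptm"}
HEX_RUN = re.compile(r"(?:[0-9A-Fa-f]{2}){64,}")   # 64+ bytes written as hex text
MAGIC = {b"MZ": "PE executable", b"PK\x03\x04": "ZIP archive"}
MAX_PART = 20 * 1024 * 1024                        # skip oversized parts (zip bombs)


def scan_ooxml(data):
    """Return findings for one Office Open XML file (a ZIP container)."""
    try:
        archive = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return ["not a valid OOXML container"]
    findings = []
    with archive:
        for info in archive.infolist():
            name = info.filename
            if name.lower().endswith("vbaproject.bin"):
                findings.append(f"VBA macro project present: {name}")
            if not name.lower().endswith(".xml"):
                continue
            if info.file_size > MAX_PART:
                findings.append(f"part too large to scan: {name}")
                continue
            text = archive.read(name).decode("utf-8", errors="replace")
            for match in HEX_RUN.finditer(text):
                run = match.group(0)
                head = bytes.fromhex(run[:8])          # first 4 decoded bytes
                for magic, label in MAGIC.items():
                    if head.startswith(magic):
                        findings.append(
                            f"hex-encoded {label} in {name} ({len(run) // 2} bytes)")
    return findings


def scan_message(raw):
    """Map attachment filename -> findings for a raw RFC 5322 message."""
    msg = message_from_bytes(raw, policy=policy.default)
    report = {}
    for part in msg.iter_attachments():
        filename = part.get_filename() or ""
        ext = "." + filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
        findings = []
        if ext in MACRO_EXTENSIONS:
            findings.append(f"macro-enabled extension {ext}")
        payload = part.get_payload(decode=True) or b""
        if payload.startswith(b"PK\x03\x04"):          # OOXML files are ZIP archives
            findings.extend(scan_ooxml(payload))
        if findings:
            report[filename] = findings
    return report


def build_sample():
    """Constructed sample: a harmless message with a fake .xlsm attachment."""
    fake_pe = b"MZ" + bytes(126)   # MZ magic plus zero padding, not a real program
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml", "<Types/>")
        z.writestr("xl/vbaProject.bin", b"\x00constructed placeholder")
        z.writestr("xl/sharedStrings.xml",
                   f"<sst><si><t>{fake_pe.hex().upper()}</t></si></sst>")
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "employee@example.org"
    msg["Subject"] = "Constructed test message"
    msg.set_content("See attached.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="vnd.ms-excel.sheet.macroEnabled.12",
                       filename="report.xlsm")
    return msg.as_bytes()


if __name__ == "__main__":
    for attachment, results in scan_message(build_sample()).items():
        for line in results:
            print(f"{attachment}: {line}")
```

A hex run is only reported when it starts with a known file header, so ordinary long hexadecimal identifiers in a workbook do not trigger a finding.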
2019 has been a good year; not for many, but definitely for cyber-criminals. While we might still be coping with the news of a data breach incident that occurred two days ago, we hear of another case of an organization’s infrastructure being breached. Let’s hit ground zero.
1. Google Chromecast Hack
It was almost a normal winter day in January when thousands of people who had been using Google’s Chromecast streaming dongles, Google Home smart speakers as well as smart TVs with built-in Chromecast technology got their systems hacked. Hackers left a display pop-up to inform users that their systems were exposed to the public internet. However, the odd thing about this hack was that attackers forced people to subscribe to the YouTube sensation ‘Pewdiepie’.
2. Germany’s Biggest Cyber Attack
Around the same time, Germany was hit by the biggest cyber-attack in its history. Hackers hacked into the Twitter accounts of more than a hundred German politicians and accessed their highly sensitive personal information, including email addresses, phone numbers, private chats, photographs of victims’ IDs, bills as well as credit card information. Attackers leaked the data on a Twitter account called ‘@_0rbit’. German federal police dived into an investigation and soon, a 20-year-old local student was arrested.
3. Ethereum Classic lost $ 1.1 million to hackers
While German police were celebrating their victory, popular cryptocurrency exchange Coinbase Ethereum Classic experienced one of the worst days in its history. People who were using its services were forced to pay twice the coins for any of its services. This resulted in the loss of around $ 1.1 million in Ethereum Classic digital currency and in an immediate fall in the price of the digital currency. Hours later, Ethereum Classic accepted that there were almost ‘51% successful attacks’ with multiple block reorganizations. The attackers are still under cover and Ethereum Classic is still investigating.
4. Australian Parliament Cyber-attack
In the beginning of February, Australian parliament faced one of the biggest cyber attacks with its server being hacked by what the Australian parliament referred to as ‘the work of a sophisticated state actor’.
5. Leaked Database of Chinese citizens found online
In January 2019, cybersecurity experts discovered a huge unsecured database, 854.8 GB in size, lying openly on the internet. The database was stored on an instance of MongoDB and consisted of records of approximately 202 million Chinese citizens who were apparently job candidates. The database was soon taken offline; however, MongoDB has displayed a list of a dozen IP addresses that have accessed this database.
6. Wiping out VFEmail.net
U.S.-based email service ‘VFEmail.net’ informed its users that all their data, as well as backups covering two decades of data, was lost. It was discovered that the attacker’s IP address was 94[.]155[.]49[.]9 and the username was “aktv”, apparently registered in Bulgaria.
7. Attackers were selling the information on dark web
In one of the more shocking instances, it was revealed that attackers were selling information from approximately 747 million accounts on the dark web. These accounts were stolen from 24 very popular websites. Most of these websites had no idea that they had been compromised; however, a few have confirmed that they suffered a data breach.
8. Indane gas breach
LPG gas company Indane became the victim of yet another data breach, in which the Aadhar numbers of approximately 6.7 million customers were leaked.
9. Aadhar details leaked
MongoDB is once again the talk of the town. A database known as GNCTD, 4.1 GB in size, has been found on a MongoDB instance. The database consisted of approximately 458,388 individuals’ Aadhar and Voter ID numbers, along with references as well as email addresses with the “transerve.com” domain for users who were registered with “super admin” and “senior supervisor” designations.
10. 1 million ASUS systems affected by massive supply chain attack
Taiwan-based ASUS, the world’s fifth largest PC maker, revealed that approximately 1 million systems were affected by a massive supply chain attack known as ShadowHammer.
11. Bithumb suffers the loss of $19 million
On March 30th, news broke of a humungous $19 million theft from the South Korean cryptocurrency exchange Bithumb. Hackers had compromised Bithumb’s hot EOS as well as XRP wallets and transferred approximately 3 million EOS (~ $13 million) and 20 million XRP (~ $6 million) to newly created accounts.
12. Georgia Institute of Technology suffers data breach
Georgia Institute of Technology was hit badly by cyber-criminals when a data breach led to the theft of the personal information of around 1.3 million current as well as former faculty members, students as well as applicants. According to the university, outside entities gained access to the web application of the university’s database.
What is the reason behind the success of these attacks?
The first quarter of the year has seen a number of data breaches that have targeted big organizations. Attackers are learning, adapting as well as molding their modus operandi with the changing times. On the other hand, organizations are still being old school.
Procrastination:
2019 started with Google Chromecast devices being hacked. This happened because a group of attackers exploited a bug that had been lying dormant for five years like a ticking time bomb. Evidently, Google was aware of this vulnerability but kept on ignoring the bug.
Being Ignorant to the details:
In most of the cases, organizations are unaware of the fact that they are undergoing a cyber-attack. ASUS is one such victim since the attack was ongoing during the second half of 2018 and the company had no clue.
Lack of proper cyber-security measures:
Many times, data travelling in the form of packets is not well encrypted and can thus be easily stolen by attackers. Indane Gas was victimized because of a vulnerability that was present in its mobile application.
What should organizations do in order to safeguard themselves?
Organizations can employ preventive cyber-security measures in order to safeguard data security and ensure that the network as well as the infrastructure of the organization is free from vulnerabilities and loopholes. Cyber-security companies ensure the same with a number of managed security services such as vulnerability assessment and penetration testing, web application testing, network penetration testing, server security testing, etc. Anteelo is one of the fastest growing cyber security start-ups in the country. With its team of expert pen testers, the company has provided managed services to a number of businesses in industries like healthcare, banking, insurance, etc. These services have enabled organizations to conduct business without worrying about various issues related to the cyber security of the organization.
Phishing is one of the most infamous cyber attack vectors, widely adopted by attackers for luring victims into revealing their sensitive and confidential information. Phishing attacks are generally carried out through the medium of email.
Attackers forge fake emails with malicious links. Once the link is clicked and the victim submits their credentials, the attacker gains unauthorized access by misusing those credentials. Hence, the victim gets phished.
History of the Emergence of Phishing Attacks
The history of phishing is quite old. It has been prevalent since the good old days of the 90s. America Online (AOL) was one of the top internet service providers during the mid-90s with millions of visitors every single day.
Attackers or ‘Phreaks’ (yes! That’s what attackers used to call themselves. Fancy, right?) started trading pirated software over AOL and formed a ‘warez’ community.
This community stole AOL users’ passwords, created random credit card numbers, and spammed users.
This process was automated with the help of the Windows software AOHell. Once discovered, AOHell was shut down by America Online.
There are many cases that have been reported and even more that have not been reported. On average, 1.2 million phishing attacks occur annually. According to security research, phishing attacks almost doubled to 482.5 million from 246.2 million in the year 2017. Statistics show that phishing accounts for 91% of all cyber attacks.
Why do Attackers Use Phishing Attacks?
Large User base
One of the biggest reasons for the success of Phishing attacks is the widespread use of emails. At present, there are around 2.6 billion email users and this number is expected to cross 4.2 billion by the year 2022. Susceptibility rate of phishing attacks is quite high as attackers can easily find out email addresses, send phishing emails, and there, it’s done.
Humans are the weak link
The other big contributor to the success of phishing attacks is the victim itself. These days, social media has become a huge part of people’s lives. People are putting out their entire lives online. Attackers can easily access the personal information of the victim through a social networking platform that helps in creating personalized phishing attacks (also known as Spear Phishing).
Lack of awareness
Lack of security awareness among employees is also one of the major reasons for the success of phishing. Organizations should be aware of how the benefits of security awareness training can secure their employees from falling victim to phishing attacks.
In recent years, attackers have shifted their focus from individuals to employees within the organization. Statistically, 90% of the cyber attacks are the result of employee negligence. During the year 2018, a 76% increase in the number of phishing attacks was observed.
54% of the companies had experienced one or more attacks that compromised their IT infrastructure and data. According to the survey done on 19,000 people, approximately 97% of the people are unable to identify such attempts.
Leniency in the adoption of security measures
Leniency in the adoption of security measures is one of the biggest reasons for the success of phishing attacks. Studies have shown that organizations lag in spending money on the implementation of cybersecurity measures. During the year 2018, 51% of organizations made no change to the budget allocated to ensure cybersecurity.
These reasons play a huge role in the success of such attacks. Therefore, it is extremely important for organizations to implement cybersecurity practices and understand the benefits of following security measures properly. Cybersecurity companies like Anteelo ensure that your network and infrastructure are secure from cyber attacks. Anteelo offers industry-leading cybersecurity solutions and tools such as a cyber attack simulation and awareness tool; an email authentication and anti-spoofing solution; an anti-phishing, fraud monitoring & take-down solution; phishing incident response, VAPT and secure code review.
Securing people, process & technology and having an impenetrable security posture in an organization has been a major concern for businesses for years. Organizations have been investing massive amounts in next-gen security technologies such as antivirus, firewalls, full disk encryption and data loss prevention. The investment in cybersecurity solutions has risen from $3.5 billion in 2004 to $75 billion in 2015, and is forecast to reach $170 billion by 2020! Though these solutions are considered the epitome of security, they fail to secure one very important aspect of cybersecurity, which is the People. In the current era of technology, People, not technology, are becoming the key to securing organizations.
Why do we need to have an impenetrable security posture addressing the human element?
Cyber attackers are well aware that employees in an organization are considered to be the least resistant or, in other words, the weakest link for any security breach. As a result, attackers are getting past technology using cyber-attacks like Phishing, Smishing, Ransomware attacks, removable media, etc. The solution to mitigate it is quite simple: just as organizations are investing in creating a secure IT infrastructure, they’ll also need to start investing in a security-conscious workplace, also known as a human firewall, in order to obtain an impenetrable security posture.
However, this can only be achieved if they are able to raise awareness amongst the people to such an extent that they at least become a strong firewall against potential cyber threats. The best way to incorporate awareness is to gamify the training in order to create employee interest in the subject, since for many of them the idea of cybersecurity ignites the same emotions that air travelers experience when witnessing the flight safety presentation at the start of a flight.
To create a secure culture and behavior amongst the people, organizations need to establish a long-term security awareness approach: an approach in which employees are tested on their behavior and on how they react to the top potential online attacks, and in which the workforce is engaged in knowledge-imparting sessions and regular security assessments. Building a strong line of defense is not a one-time security training; it needs to be a continuous process. This will at least make the employees think like security professionals, or at least be vigilant enough to think twice before reacting to cyber scams.
Also, we cannot completely blame the employees when it comes to data breaches. For example, if a user makes a mistake and clicks on an email that causes a breach, we often think that it happened because of the user’s negligence. But that is not actually the case: the organization was already under attack when the attacker sent the email, before it was even clicked or opened! So having a powerful security infrastructure is equally important when it comes to incorporating People, Process, and Technology.
What are the possible consequences of not having a cybersecurity awareness training program for employees?
Given that 91% of the data breach attacks include phishing, if your workforce is not prepared to identify and ignore these attacks, the risk of a successful cyber attack, such as ransomware is greatly increased. Small businesses are affected the most as they can be extremely fragile, and the cost of a breach is always high in terms of money. Also, depending on what loss is incurred and how it impacts the customer base, a data breach can do significant damage to your brand reputation as well.
Companies need to harmonize security and convenience when talking about security awareness to their employees. The goal should be to lower the risk to an acceptable level. Awareness training is an emerging trend, and organizations should always look out for upcoming trends in employee compliance and new tools, in order to improve cybersecurity awareness.
Some people are still on the fence about investing in employee cybersecurity, what should be the driving factor for them?
Here the answer will be simple, a big YES! It is considered an essential practice to incorporate impenetrable security involving employee security measures in organizations. The employees need to keep in mind that everyone has a role in keeping a company and its stakeholders protected. Companies might consider spam filters, firewall, IPS, SIEM, app whitelisting etc. to be effective against cyber scams, but the only way they can make these tools effective is by involving the users in cyber defense.
Every organization across the globe has data which is valuable to attackers. Data such as customer records, email accounts, employee data, etc. are all sought after and can make your organization a high-value target. Organizations should have a well-maintained security management approach which should include a high-quality employee protection program, a documented patching process, identity, access and password management, and an incident response plan. Dedicated cybersecurity firms like Anteelo work solely on the People, Process, and Technology agenda, providing customized VA-PT (Vulnerability Assessment-Penetration Testing) services and an employee risk assessment tool that helps organizations in reducing the overall threat posture by up to 90%.
Have you ever heard it said that employees are the weakest link in the security of the organization? If yes, then it is completely true. IT security is a tricky set of scales. No one is immune to making an error, and it takes only one forgotten step or one incorrect click to bring down your complete system. As technologies mount up, hackers are setting digital traps ubiquitously to profit from an employee’s one mistake, so the odds are frequently more in their favor than yours.
If your firm is like most, you are spending a lot of your budget on security to protect your organization; you must then be aware that spending on products is useful only if the weakest link is attentive to the latest cyber security trends. Expert consultants help you understand where your weaknesses lie and sort out the expected mess when something goes wrong. This approach can work, but it fails to account for the weakest link in your security fence: your employees.
The risk of cybercrime has created a noteworthy increase in concern about cybersecurity, with organizations spending dollars to shield themselves against this growing array of present and possible future threats. They frequently forget the risk exposure created by their own employees and customers.
Unfortunately, business heads don’t realize that the biggest threat is the human element, in spite of the fact that barely a day goes by without news of a data breach. It’s safe to say that we work in a risky environment with risky people. But there’s a mounting recognition that cybercriminals aren’t the only risk to an enterprise. So it’s also necessary to educate employees about increasingly complicated phishing and vishing techniques and also to carry out Vulnerability Assessment and Penetration Testing (VAPT). It is imperative to carry out standard and systematic education and cyber training sessions to keep everyone up to pace on the most up-to-date threats and best practices. All the mandatory compliances also ensure a reduction in cyber risk.
If you use social media platforms on a daily basis, you should be aware of their dark side and its impact on your social life. Let’s talk about and rethink your personal safety before using these interactive internet-based applications. People use them to connect with far-flung friends and family members, to send speedy messages to colleagues, and to broadcast the major and minor events in their lives. They are also a basic platform for many businesses to collaborate or share information; for instance, individuals can discuss an assignment with co-workers by means of a social media messaging session. Employers and schools are also increasingly using social media to reach out to possible employees and students.
According to the Bureau of Justice Statistics, more than 16 million US residents became victims of identity theft in 2012 alone. Keeping passwords, financial, and other personal information safe and protected from outside intruders has long been a priority of businesses, but it’s increasingly critical for consumers and individuals to pay attention to data protection advice and use top-notch practices to keep their personal information secure and protected. There is loads of information out there on the internet for consumers, families, and individuals on protecting their bank credentials, sufficiently protecting desktops and laptops from hackers, malware, and other threats, and best practices for using the Internet safely. Protecting your individual information via various cybersecurity training programs can help lessen your risk of identity theft.
Various ways to secure your data:
Maintain proper security on your PC, Mobiles and other electronic devices to secure your social life.
Systematically store and arrange your personal information securely
Ask questions before deciding to share your individual information
Practices for personal safety and Keeping Your Devices Secure
Install good quality anti-virus software, anti-spyware software, and a firewall.
Don’t open files which are not known to you or download programs sent by outsiders.
Before sending personal information from your laptop over a public wireless network, check whether your information will be protected.
Keep financial information on your laptop only if necessary.
Don’t use an automatic login feature on your bank accounts and emails that save your username and password.
Delete mail that contains identifying information or account numbers or invalid transaction.
There is so much information that you may get confused, principally if you’re not tech-savvy. In order to address these issues, you can adopt various straightforward best practices and tips for protecting your devices from threats or simply consult us via contact@anteelo.com and get various security tips to secure your social platforms.
Do you know the frequency of sophisticated attacks on the banking sector is increasing day by day? If so, then the need to develop a comprehensive cyber security program is vital. The banking sector has always been susceptible to banking related and financial frauds. Subject to the technological advancements, the banking systems are now connected to the internet and have migrated from the physical centers to computer systems and to other platforms like mobile phones.
Although this, like every other technological change, is a development that is aimed to make life easier for the masses, it (like every other technology) comes with disadvantages.
Lack of Cyber Security in the Banking Sector
The biggest disadvantage that the banking sector has been facing subject to being digitized is being vulnerable to cyber attacks. Since the banking platforms are available online, any flaw in their application risks the chance of getting exploited by anonymous attackers throughout the world.
That is, digitization of the financial services industry has opened the gates to anonymous incursions and hence to myriad information security threats. In order to prevent fake transactions, the banking platforms have taken several security measures like incorporating advanced analytics; but not being in compliance with the mandatory safety norms hinders their successful implementation (that is, although the measures have been enforced, they fail to provide complete protection).
The last quarter of 2016 witnessed the largest data breach in the history of India’s banking system when about 3.2 million debit cards, belonging to some of the major banks, got hacked using a malware (virus) infection.
Another incident of banks being targeted by a cyber attack was reported at the beginning of 2017, when three Indian public sector banks got infiltrated in order to create fraudulent trade documents. The SWIFT (Society for Worldwide Interbank Financial Telecommunication) systems associated with these banks were discovered to be compromised with the purpose of creating fake documents.
This was not the first time that the SWIFT systems got breached. The Bangladesh Bank Heist that took place in February 2016 occurred because of compromised SWIFT systems as well, and so did a number of other attacks.
Consistently increasing and more streamlined attacks like these (the ones mentioned above) make the banking sector one of the most targeted domains and since it is one of the most crucial ones (dealing with the finances of a country), it is imperative that banks opt for cybersecurity (both at basic and advanced levels).