Sunday, April 14, 2024
HomeSECURITYNorton antivirus developers attacked by Clop hackers

Norton antivirus developers attacked by Clop hackers

-


Norton antivirus developers attacked by Clop hackers

Why couldn’t a cybersecurity company protect their data?

Company NortonLifeLock, known around the world for its antivirus software Norton Antivirus, was the victim of a ransomware hacker group called Clop. The criminals have posted the compromise on their dark web page and are threatening to release the stolen data unless the company pays the ransom.

Apparently hackers exploited a vulnerability in the cloud MFT-file transfer solution MOVEit Transfer from Progress Software. This vulnerability allowed digital thugs to guess database passwords SQL by using brute force. After a successful hack, the cybercriminals gained full access to the web repository and were able to download and manage sensitive files from multiple companies. Despite the fact that the vulnerability was fixed shortly after its discovery, this did not help prevent the attack.

NortonLifeLock was among more than 80 companies that were reported as victims of Clop on their dark web leak site. However, it is not yet known for sure which several discovered vulnerabilities MOVEit Transfer was used, and whether the MFT platform was involved in the leak at all.

The entry on the Clop website does not say anything about negotiations with Norton. Usually, if a company refuses to pay the ransom, the hackers report it and release the stolen data. However, this did not happen in the case of Norton – the record only speaks of the fact that the company’s data was compromised. Negotiations usually take up to several weeks, especially if the company is willing to pay but wants to negotiate the amount of the ransom.

For any cybersecurity company, this situation is a big blow to reputation. Even if Norton is not to blame for the leak at all, and MOVEit is solely responsible, it still undermines the company’s credibility.

It is not yet known exactly how NortonLifeLock was compromised and how much data was lost. Although Norton is not entirely responsible for this attack, the company could offer its users a number of preventive measures that minimize the chances of malicious data exploitation.

Perhaps the best method to counter 0-day vulnerabilities is to use a zero-trust security solution (Zero Trust). Of course, such solutions also have their drawbacks, such as high resource consumption and high access delays, but their efficiency is very high. If properly configured, they will not allow any program to perform an action without careful verification, and this could well stop Clop hackers from exploiting the MOVEit vulnerability.



Source link

www.securitylab.ru

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular