Search This Blog

Showing posts with label Breach. Show all posts

Imperva Firewall Breached: Users API keys, SSL Certificates Exposed



Imperva, a leading security vendor, disclosed a security breach which exposed API keys, SSL certificates, scrambled passwords and email addresses for a subset of its customers using the Cloud Web Application Firewall (WAF) product.

Previously known as, Incapsula, the Cloud WAF examines the incoming requests into applications and obstructs any kind of malicious activity.

The breach was made known to the California based firm by a third party on August 20 and the details of the disclosure are yet to be made public.

In conversation with the Threatpost, Chris Morales, Head of Security Analytics at Vectra, said, “Losing SSL certificates and API access to an enterprise network is concerning. Secure web gateways, firewalls, intrusion detection, and prevention systems, and data loss prevention (DLP) products all perform some form of SSL intercept and decryption to perform DPI,”

“While we often point to lack of maturity of security operations or misconfiguration of cloud systems as to why a company would miss an attack, it is even more unfortunate when a security vendor who builds a cloud security product is compromised that should have the skills and capabilities to detect and respond to cyberattacks,” He further told.

Referencing from the writings of CEO, Chris Hylen, “We want to be very clear that this data exposure is limited to our Cloud WAF product… Elements of our Incapsula customer database through September 15, 2017, were exposed. These included: email addresses; hashed and salted passwords. And for a subset of the Incapsula customers through September 15, 2017: API keys and customer-provided SSL certificates.”

Assuring the users, he told, “We continue to investigate this incident around the clock and have stood up a global, cross-functional team.”

As a remedial measure, Imperva brought into force password resets and 90-day password expiration for the product which notably is a key component of the company's leading application security solution.








Major Breach of Biometric Systems Exposes Information of More Than 1 Million People



In a vulnerability found by Israeli security researchers there occurred a rather major breach of biometric systems that left data of more than 1 million individuals 'exposed' in an openly accessible database.

The frameworks influenced were said to have been utilized by the UK Metropolitan police, defence contractors, and banks, for fingerprint and facial recognition purposes.
It all started when the researchers found that the biometric data on 'Suprema's web-Biostar 2 platform' that controls access to secure facilities, was unprotected and 'mostly unencrypted.'

The affected database included 27.8 million records, totalling 23 gigabytes of data. A small and simple manipulation of the URL search criteria enabled access to the data as well as allowed room for some changes.

Purportedly, the researchers have now been searching for familiar IP blocks to further use these in order to discover holes in company’s frameworks that could conceivably prompt data breaches.
We were able to find plain-text passwords of administrator accounts. The access allows first of all seeing millions of users are using this system to access different locations and see in real time which user enters which facility or which room in each facility, even. We [were] able to change data and add new users,” – Rotem and Locar, the security researchers.

Despite the fact that the vulnerability has been fixed, be that as it may, it is still in the news as the size of the breach was disturbing because the affected service is currently in use in approximately 1.5 million areas over the world.