
Cowlitz County PUD falls prey to a cyber attack in the United States


According to an inquiry conducted by the Wall Street Journal last week, the Cowlitz County PUD is among more than 12 businesses that fell prey to a fresh cyber attack in the United States. Alice Dietz, spokesperson for Cowlitz County PUD, confirmed on Wednesday that the company's firewall blocked the only malicious e-mail that the attackers sent. "We have pride in our Cybersecurity staff. We remain to achieve effective cyber safety standards. This is a classic instance of how serious Cowlitz County PUD is for its security," said Dietz in a statement.


No customer complaints regarding the attacks have appeared yet. The attackers, who are still unidentified, tried to install malware on business networks across America using fraudulent e-mails. When recipients open these phishing e-mails, the malware gains entry to the user's computer. The malware that was sent to the businesses is called "Lookback." It lets attackers take control of a target's networks and steal data. Very few users at each business were targeted. The hackers researched the utility firms before launching the attack.

"We are unaware of the employee that was targeted nor do we know the contents of the emails," says Dietz. "Experts recognized a couple of times in July and August when attackers had sent phishing e-mails," reports the Washington Journal. Dietz added that the company received such an e-mail only in August. The malicious e-mail was blocked by the company's firewall protection. "Our staff was not aware of the 'Lookback,' it only surfaced when the FBI looked into the issue. However, the FBI research didn't find any malicious emails in the company's data system," Cowlitz County PUD GM Gary Huhta told the Washington Journal.

"The hackers forgot classifying data on victims shortly revealed on in a Hong Kong server," cyber-security experts told the Washington Journal. "The company's safety mode itself obstructs e-mails from abroad," Dietz told The Daily News. Businesses across the United States were attacked. "Another Washington business that was attacked was Klickitat County PUD," says the Washington Journal. The cyberattack was initially discovered by experts at Proofpoint, a Silicon Valley cybersecurity firm.

Imperva Firewall Breached: Users' API Keys, SSL Certificates Exposed



Imperva, a leading security vendor, disclosed a security breach which exposed API keys, SSL certificates, scrambled passwords and email addresses for a subset of its customers using the Cloud Web Application Firewall (WAF) product.

Previously known as Incapsula, the Cloud WAF inspects incoming requests to applications and blocks malicious activity.

The breach was made known to the California-based firm by a third party on August 20, and the details of the disclosure are yet to be made public.

Speaking to Threatpost, Chris Morales, Head of Security Analytics at Vectra, said, “Losing SSL certificates and API access to an enterprise network is concerning. Secure web gateways, firewalls, intrusion detection, and prevention systems, and data loss prevention (DLP) products all perform some form of SSL intercept and decryption to perform DPI.”

“While we often point to lack of maturity of security operations or misconfiguration of cloud systems as to why a company would miss an attack, it is even more unfortunate when a security vendor who builds a cloud security product is compromised that should have the skills and capabilities to detect and respond to cyberattacks,” he added.

CEO Chris Hylen wrote, “We want to be very clear that this data exposure is limited to our Cloud WAF product… Elements of our Incapsula customer database through September 15, 2017, were exposed. These included: email addresses; hashed and salted passwords. And for a subset of the Incapsula customers through September 15, 2017: API keys and customer-provided SSL certificates.”

Reassuring users, he said, “We continue to investigate this incident around the clock and have stood up a global, cross-functional team.”

As a remedial measure, Imperva enforced password resets and a 90-day password expiration for the product, which is a key component of the company's leading application security solution.