
CYBER SECURITY CONSULTING SERVICE AWARDS AND RECOGNITIONS

CyberSecOp's comprehensive managed security services, cyber security consulting, professional services, and data protection technology are recognized as industry-leading threat detection and response solutions by major analyst firms, key media outlets, and others.

CyberSecOp Cybersecurity & Breach News

New Remote Attack on Workforce Asks For Consent

A newer type of attack gaining momentum with the work-from-home (WFH) revolution is consent phishing, which seeks the user’s permission rather than their password.

With today’s widespread use of cloud applications like Webex, Zoom, and Box for increased productivity, the average person has no doubt run across an application that asks for consent. Attackers have leveraged this familiarity to create malicious applications that request permission for access to sensitive data. Once the user has granted the application access, it’s game over.

How it works

While each attack method varies, it usually comes down to the following steps:

  1. Threat actor registers a malicious app with an OAuth 2.0 provider, such as Azure Active Directory, AWS, or Google Cloud

  2. The app is configured in an inconspicuous way that makes it seem legitimate

  3. The threat actor gets a link to pop up for the user, which may be done through conventional email-based phishing or by compromising a non-malicious website

  4. The victim clicks the link and is shown the familiar-looking consent prompt asking them to allow the application permission to sensitive data

  5. Once the user clicks accept, they have granted the application permissions to access sensitive data

  6. The malicious application receives an authorization code, which it then redeems for an access token, and potentially a refresh token

  7. The access token is used to make API calls on behalf of the user

How to protect against this type of attack

  • Advanced endpoint protection

  • User awareness: if the application consent prompt contains misspellings or grammar errors, those are telltale signs that it may be malicious

  • Configure your organization to only allow applications that are published and verified

  • Configure policies to whitelist only certain apps for use
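
The last two controls can also be checked after the fact by reviewing the consent grants that already exist in the tenant. The sketch below is an added example, not part of the original article or CyberSecOp's tooling: field names follow Microsoft Graph's oauth2PermissionGrant and servicePrincipal resources, while the records, app names, allowlist and sensitive-scope list are constructed assumptions.

```python
# Triage delegated OAuth consent grants: flag apps that are unverified or
# off the allowlist, and escalate when they also hold data-access scopes.
SENSITIVE_SCOPES = {"Mail.Read", "Mail.ReadWrite", "Mail.Send",
                    "Files.Read.All", "Files.ReadWrite.All", "Contacts.Read"}
ALLOWLISTED_APP_IDS = {"11111111-1111-1111-1111-111111111111"}  # hypothetical

# Constructed sample data (service principals keyed by object id).
APPS = {
    "sp-1": {"appId": "11111111-1111-1111-1111-111111111111",
             "displayName": "Corp Meetings",
             "verifiedPublisher": {"verifiedPublisherId": "1234567"}},
    "sp-2": {"appId": "22222222-2222-2222-2222-222222222222",
             "displayName": "Docs Viewer 0365",
             "verifiedPublisher": {"verifiedPublisherId": None}},
    "sp-3": {"appId": "33333333-3333-3333-3333-333333333333",
             "displayName": "Team Polls",
             "verifiedPublisher": {"verifiedPublisherId": "7654321"}},
}
GRANTS = [
    {"clientId": "sp-1", "consentType": "AllPrincipals", "principalId": None,
     "scope": "User.Read Calendars.Read"},
    {"clientId": "sp-2", "consentType": "Principal", "principalId": "user-42",
     "scope": "openid offline_access Mail.Read Files.ReadWrite.All"},
    {"clientId": "sp-3", "consentType": "Principal", "principalId": "user-7",
     "scope": "User.Read"},
]

def review_grant(grant, apps, allowlist):
    app = apps[grant["clientId"]]
    scopes = set(grant["scope"].split())  # Graph stores scopes space-separated
    reasons = []
    publisher = app.get("verifiedPublisher") or {}
    if not publisher.get("verifiedPublisherId"):
        reasons.append("unverified publisher")
    if app["appId"] not in allowlist:
        reasons.append("not on allowlist")
    untrusted = bool(reasons)
    sensitive = sorted(scopes & SENSITIVE_SCOPES)
    if sensitive:
        reasons.append("sensitive scopes: " + ", ".join(sensitive))
    if "offline_access" in scopes:  # scope that yields a refresh token
        reasons.append("refresh token (offline_access)")
    severity = "high" if untrusted and sensitive else "review" if untrusted else "ok"
    return {"app": app["displayName"], "user": grant["principalId"],
            "severity": severity, "reasons": reasons}

def audit(grants=GRANTS, apps=APPS, allowlist=ALLOWLISTED_APP_IDS):
    results = (review_grant(g, apps, allowlist) for g in grants)
    return [r for r in results if r["severity"] != "ok"]
```

A "high" finding means the grant should be revoked and the user's account reviewed, since a refresh token keeps working after a password change.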

Author: Carlos Neto

 

Remote Work Space CyberSecOp Cybersecurity & Breach News

Employees Work From Home [COVID-19]

With the recent developments in COVID-19, many organizations are transitioning to a work-from-home model, but with no fool-proof way of tracking employees' work, they may experience a loss in productivity. Additional concerns related to data movement have put privacy and security at risk since most home users' networks are not secure. That's what CyberSecOp specializes in - employee tracking in distributed environments. 

  • User Activity Monitoring to prevent insider threats

  • User Behavioral Analytics monitors productivity and uses the results for process optimization, with the ultimate goal of increasing productivity and reducing or eliminating insider threats

  • CyberSecOp's DLP is effective in protecting against data breaches, data leaks, and IP theft

 
You can have an effective remote workforce and still be in control with the ability to see user activity, live screen monitoring to automated alerts/scheduling, and more. See CyberSecOp.com for a trial.
CyberSecOp caters to small businesses, enterprises, government organizations, and everything in between. Cloud and on-premise deployments are available at your request.
