CloudSEK Pins Blame for Hack on Other Cybersecurity Firm

Endpoint Security, Identity & Access Management, Incident & Breach Response
An Indian cybersecurity firm accused another cybersecurity outfit of using a compromised collaboration platform credential to obtain access to its internal training site.
Rahul Sasi, the CEO of Bengaluru-based CloudSEK, did not identify the alleged perpetrator other than to characterize it as a “notorious Cyber Security company that is into Dark web monitoring.”
CloudSEK, which says it uses artificial intelligence to predict cyberthreats, late Tuesday night posted an update on an ongoing cybersecurity incident, stating that someone obtained an employee’s login credentials for the company’s Atlassian Jira issue-tracking platform and used them to access the company’s Atlassian Confluence server.
The attacker took “some internal details like screenshots, bug reports, names of customers and schema Diagrams,” but “no database or server access was compromised,” Sasi wrote.
An update from Sasi posted approximately two hours later said attack indicators led back to the unidentified dark web monitoring company.
Sasi also wrote that a hacker going by the moniker “sedut” joined a number of cybercrime forums, and he contested the hacker’s assertions of having accessed the company VPN as well as its main database and its Twitter account. A hacker did have access to its Jira instance and did obtain some customer purchase orders, CloudSEK acknowledges.
The hacker did not obtain access to the company’s main Twitter account but did compromise an account used to perform takedowns, the company says. Purported screenshots and video of the database posted online by “sedut” were really taken from training webpages hosted on Atlassian platforms, it adds. The company says the hacker did not obtain VPN credentials but did gain access to its VPN IP addresses.
As for how the employee’s Jira credential was compromised in the first place, the company says it sent a malfunctioning employee laptop to a third-party vendor, and when the laptop was returned, it was loaded with the Vidar Stealer. CloudSEK says its attacker purchased the employee’s session cookies the same day the info stealer operator uploaded them to a criminal marketplace.
A criminal forum contains a post from a “sedut” that offers to sell purported CloudSEK data – $10,000 for the database, $8,000 for the code base and $8,000 for employee and engineering product documentation. CloudSEK says it has found “no suspicious activity” in its code repositories.
“Not state sponsored (please hire me, lol). Here only to make money. All about that money, baby,” wrote “sedut” in the post.
Consultant Editor, ISMG
Asokan is a consultant editor for Information Security Media Group’s global news desk. She previously worked with IDG and other publications, reporting on developments in technology, minority rights and education.
