The sharp increase in funding and mergers-and-acquisition (M&A) activity in the cybersecurity industry over the last year has brought into focus the challenges that organizations can run into when their vendor is acquired by or merges with another company. Specialized, pure-play security companies are being bought by bigger and more generalized technology vendors or by private firms seeking to cash in on the cybersecurity boom.
Data that S&P Global Market Intelligence compiled last November showed there were 151 M&A cybersecurity deals in the first three quarters of 2021 alone compared to 94 over the same period in 2020, 88 in 2019, and 80 in 2018. Many companies secured massive venture capital (VC) investments from private equity firms. Some were acquired outright by these firms. VC firms poured nearly $22 billion into cybersecurity firms last year, which was a record.
Anyone who follows cybersecurity is aware of the steady drumbeat of data breaches and attacks. So, an attack needs to really stand out to earn the name “disaster.”
We’ve assembled eight truly disastrous IT security failures over the past decade, with the goal of finding not just clever hacks, but real mistakes on the part of the victims. Hopefully you’ll come away with some ideas on how not to suffer a disaster of your own.
Hieu Minh Ngo proved that you don’t need a lot of technical know-how to breach the security of an important data broker and get access to a lot of people’s private information. Sometimes all it takes is some brazen misrepresentation and social engineering skills. While still in his early 20s, Ngo convinced Court Ventures, a data broker later purchased by Experian, that he was a private investigator in Singapore. He then purchased personally identifying information (PII) from Court Ventures as part of his “work.”
————————————————————————–
C a l l F o r P a p e r s
27th European Symposium on Research in Computer Security (ESORICS) 2022
26-30 September 2022, Copenhagen, Denmark
URL: https://esorics2022.compute.dtu.dk/#
————————————————————————–
Threat: BuilderRevengeRAT – (Revenge-RAT v0.3)
Vulnerability: XML External Entity Injection
Description: The malware listens on TCP port 333. There is a Config.xml
file used by the RAT builder to specify port, notification, webcam etc. The
XML parser used…
Threat: BuilderTorCTPHPRAT.b
Vulnerability: Insecure Credential Storage
Description: The default password for the TorCT client malwares web-panel
is “ww” and is stored in cleartext within the “password.php” file.
Family: TorCTPHPRAT…
Threat: BuilderPandoraRat.b – (Pandora Rat 2.2 [Beta].exe)
Vulnerability: Insecure Credential Storage
Description: The malware listens on TCP port 6622. Credentials are stored
in plaintext in Settings.ini file and default password is blank.
Family:…
Threat: BuilderOrcus (Orcus.Administration-cracked.exe)
Vulnerability: Insecure Credential Storage
Description: The malware stores its password in plaintext in a
settings.json file.
Family: BuilderOrcus
Type: PE32
MD5: cc3670f1b3e60e00b43c86d787563a44…
