Like many of us, our team is constantly monitoring the evolving situation of Covid-19. While the current situation remains uncertain, we persistently continue to take assertive actions to help ensure that our employees and key partners remain healthy and strong.  Here at Sectona, safety and health of our customers, our employees & those we serve is paramount. I want to assure you that as an organization, we are doing everything we can to take necessary precautions and ensure safety of our employees. With that said, our operations have not been impacted or stopped and you can continue to rely on us for technical support in these times.   Our professional services and support teams are working round the clock and you can reach us anytime by writing to your customer success lead or to [email protected] or through your dedicated support contact. Alternatively, you may already have a support ID created on the Sectona Support Portal, you may raise your concern or query over the same and our support team will connect with you for assistance. We understand that many users might be accessing your IT systems from home. Should you require any assistance that can secure their access further, we are happy to help and advice. We hope for things to return to normal soon, until then, please follow health and safety measures for yourself and your loved ones including personal hygiene, social distancing, work from home options and travel restrictions. Our hearts go out to all affected individuals and families around the world.

Over the past few weeks, it has come to our attention via prospective customer and partner network about fake claims spread by competitors and/or unidentified sources regarding Intellectual Property Rights (IPR) issues against Sectona. Please note this is a hoax and there is absolutely no truth to it. Misleading allegations like these from leading players in the kind of mature industry segment that we operate in is deplorable. Unambiguously setting our stand here, we would like to assure customers evaluating our products and partners working with us that there are no IPR issues ever recorded against us in any country. We are committed to building a long-lasting and innovation centered company driven to securing enterprises against advanced attacks with our next-generation privileged access approach. Such propagandized tactics only further reinforces our belief in building a dignified and value-driven security company. Over the past two years, Sectona has achieved unprecedented growth and customer adoption across multiple geographies becoming a fast-growing product company. Enterprises are witnessing a transformation wave in security adoption and our innovation-driven approach is creating a new product experience that is being widely appreciated and embraced. Despite these rumors, we are thankful to all our customers and partners for standing by us and for showing faith in Sectona as well as fostering our ethical journey focused on customer success. Before signing off, I would like to sincerely thank the rumor-spreading sources for the publicity, we do appreciate the attention. :-)

The Emotet banking Trojan works to steal vital and highly sensitive customer information by targeting banks and financial databases. Later versions are known to be introduced with spamming and malware delivery capabilities including other banking Trojans. Emotet has therefore been labeled as one of the most expensive and destructive malwares that can affect local and national governments in addition to private organizations. The malware has cost governments up to 1 million dollars per incident to combat its infectious after-effects. The Emotet Trojan uses email spamming to spread and establish itself. Emotet works by downloading or dropping other banking Trojans; it can easily pass undetected through signature-based detection systems as well as various security layers, thanks to its polymorphic nature. It utilizes modular Dynamic Link Libraries (DLLs) to update its capabilities, making it destructive and difficult to detect. It also is aware if it's running in Virtual machines and will become dormant to avoid detection within sandbox environments. It proliferates through many ways such as auto-start registry keys and services. The attack spreads through malspam. Emotet will hijack your mail contact and distribute itself to those on your contact list via mail. Once the receiver downloads the infected files, the Emotet will spread. In networks that are connected, Emotet will spread by making use of common passwords saved by search engines such as Internet Explorer, Mozilla Firefox. Researchers find that Emotet uses the EternalBlue exploit to proliferate rapidly across the network. Emotet hits multiple targets, individuals, companies and governments in the US and Europe and steals logins, financial information and crypto wallets. As the current version delivers other banking Trojans, its target audiences seem to have grown wider, infecting organizations across Canada, UK and US. An important Emotet attack was on Allentown city, PA, the cleanup of which required assistance from Microsoft’s incident response team and cost the city more than 1 million dollars. Awareness about how the Trojan spreads is key to its prevention. You can also follow certain best practices to limit the effect of Emotet and other malspams, such as: Keeping computers updated with the latest MS windows patches. Refraining from any suspicious downloads or clicking suspect-looking links. If you stop Emotet at this stage itself, then it has no chance of gaining control over entire systems or networks. Learning and teaching about the importance of a strong password and using multiple factor authentications is extremely necessary. Organizations and banks can protect themselves and customers by having a robust plan and cybersecurity program with multiple layers of protection. Such a system is essential for real-time detection and remedy of Emotet attacks. In cases of an existing infection, you first need to isolate the infected computer if it is connected to a network, then patch and clean it. Then move clean-up the other computers within the compromised network, one at a time. Lastly, even if such a malware attacks your system, you can mitigate the risk of a deeper impact by having a controlled layer of user access privileges & password management in place. Here comes into play, Sectona’s Spectra Privileged Access Management solution which manages the passwords, does the timely rotation and reconciliation as per the pre-defined password policy and controls the access privileges given to users. Also, it enables the use of Multi-Factor Authentication (MFA) while granting access to your IT infrastructure for multiple sets of users.

Dashboard Data is power. Data generated at run-time data is even more powerful as it enables the CISO to make quicker decisions. Keeping that in mind, Sectona now provides a dashboard that gives a running information about all the assets, accounts and users that SpectraPAM manages. This also includes the session activity and the health of the PAM system. The dashboard not only answers essential questions, but also reveals trends that let the PAM administrator gain important insights to analyze faster and make critical decisions. You can quickly find answers to your most pertinent questions: Out of all the accounts that are managed, how many accounts are synced? How many accounts were accessed more than a month ago? How many users log in through Windows Authentication vs. Sectona authentication? How many workflow activities were approved vs. rejected? Host header injection mitigation When a browser sends a request to the web server, the request has a field named 'Host Header' in it which has the requested domain as its value. Many times the physical server which hosts this particular web application also has many other web applications running on it or it may have virtual hosts, some of which may be running web applications inside them. Host header makes it possible for this server to serve different content based on the domain inside this header. If a user specifies an invalid Host Header, most web servers are configured to either return an error message or to pass the unrecognized host header to the first virtual host in the list. Therefore, it’s possible to send requests with unrecognized host headers to the first virtual host. Web cache poisoning and Password reset poisoning are two attacks that happen due to this Host Header injection. SpectraPAM can now mitigate the Host Header injection attack. Manually on-boarding accounts When we run Account discovery, the accounts get on-boarded to PAM by having their passwords reset. For some administrative accounts it is not advisable to reset their passwords. For those cases, Sectona now gives the option to manually onboard the accounts. This gives the flexibility to the PAM administrator by letting the accounts be discovered by SpectraPAM yet the administrator has the option to add the discovered account to the PAM system manually.  

Internship is a keyhole for someone starting out to understand and get a first-hand experience of how things work in an organization. An internship gives you the opportunity to learn in a new environment where everyone is willing to help you as you are new to it. Like every year, this year as well Sectona conducted summer internship programs in the Research & Development department. This time around, as part of the internship feedback process, we decided to evaluate the intern experiences. Here is what some of our interns had to say about their experience of working with us - “The experience was wholesome, and I learnt a lot apart from the technical knowledge that I got over the internship period. A few of those were understanding how a firm functioned, role of all the individuals in creating and maintaining a product and working to the strengths of everyone here. I yearn to work for firms like Sectona who offer such privileges to grow and become a better version of themselves to all the individuals.” – Shantanu Das, Manipal Institute of Technology, Manipal. “I worked as a Technical Writing intern with Sectona for 3 months. Working with Sectona was an excellent learning opportunity, especially since I was new to the field of Technical writing. Here, at Sectona I got hands on experience as well as valuable guidance. Personally, I loved the working environment. People here are easy to bond with and are liberal in lending a helping hand” – Sneha Naranje, The English and Foreign Languages University (EFLU), Hyderabad. “The main reason I wanted to do the internship is to get some technical experience and work on a real time project and this internship has fulfilled that purpose. I have learned about how to research and do analysis on a problem which is the main role of a data analyst. I am sure this experience will be useful for me in the future.” – BVS Revanth, Manipal University, Jaipur. For an intern it is important to learn and gain as much knowledge as possible because that is what gives them experience and it’s their biggest asset. We are happy that our interns were able to get it. It has been our pleasure to have them intern with us. We wish them all the best with their future endeavours.