Over the past few weeks, it has come to our attention via prospective customer and partner network about fake claims spread by competitors and/or unidentified sources regarding Intellectual Property Rights (IPR) issues against Sectona. Please note this is a hoax and there is absolutely no truth to it. Misleading allegations like these from leading players in the kind of mature industry segment that we operate in is deplorable. Unambiguously setting our stand here, we would like to assure customers evaluating our products and partners working with us that there are no IPR issues ever recorded against us in any country. We are committed to building a long-lasting and innovation centered company driven to securing enterprises against advanced attacks with our next-generation privileged access approach. Such propagandized tactics only further reinforces our belief in building a dignified and value-driven security company. Over the past two years, Sectona has achieved unprecedented growth and customer adoption across multiple geographies becoming a fast-growing product company. Enterprises are witnessing a transformation wave in security adoption and our innovation-driven approach is creating a new product experience that is being widely appreciated and embraced. Despite these rumors, we are thankful to all our customers and partners for standing by us and for showing faith in Sectona as well as fostering our ethical journey focused on customer success. Before signing off, I would like to sincerely thank the rumor-spreading sources for the publicity, we do appreciate the attention. :-)
The Emotet banking Trojan works to steal vital and highly sensitive customer information by targeting banks and financial databases. Later versions are known to be introduced with spamming and malware delivery capabilities including other banking Trojans. Emotet has therefore been labeled as one of the most expensive and destructive malwares that can affect local and national governments in addition to private organizations. The malware has cost governments up to 1 million dollars per incident to combat its infectious after-effects. The Emotet Trojan uses email spamming to spread and establish itself. Emotet works by downloading or dropping other banking Trojans; it can easily pass undetected through signature-based detection systems as well as various security layers, thanks to its polymorphic nature. It utilizes modular Dynamic Link Libraries (DLLs) to update its capabilities, making it destructive and difficult to detect. It also is aware if it's running in Virtual machines and will become dormant to avoid detection within sandbox environments. It proliferates through many ways such as auto-start registry keys and services. The attack spreads through malspam. Emotet will hijack your mail contact and distribute itself to those on your contact list via mail. Once the receiver downloads the infected files, the Emotet will spread. In networks that are connected, Emotet will spread by making use of common passwords saved by search engines such as Internet Explorer, Mozilla Firefox. Researchers find that Emotet uses the EternalBlue exploit to proliferate rapidly across the network. Emotet hits multiple targets, individuals, companies and governments in the US and Europe and steals logins, financial information and crypto wallets. As the current version delivers other banking Trojans, its target audiences seem to have grown wider, infecting organizations across Canada, UK and US. An important Emotet attack was on Allentown city, PA, the cleanup of which required assistance from Microsoft’s incident response team and cost the city more than 1 million dollars. Awareness about how the Trojan spreads is key to its prevention. You can also follow certain best practices to limit the effect of Emotet and other malspams, such as: Keeping computers updated with the latest MS windows patches. Refraining from any suspicious downloads or clicking suspect-looking links. If you stop Emotet at this stage itself, then it has no chance of gaining control over entire systems or networks. Learning and teaching about the importance of a strong password and using multiple factor authentications is extremely necessary. Organizations and banks can protect themselves and customers by having a robust plan and cybersecurity program with multiple layers of protection. Such a system is essential for real-time detection and remedy of Emotet attacks. In cases of an existing infection, you first need to isolate the infected computer if it is connected to a network, then patch and clean it. Then move clean-up the other computers within the compromised network, one at a time. Lastly, even if such a malware attacks your system, you can mitigate the risk of a deeper impact by having a controlled layer of user access privileges & password management in place. Here comes into play, Sectona’s Spectra Privileged Access Management solution which manages the passwords, does the timely rotation and reconciliation as per the pre-defined password policy and controls the access privileges given to users. Also, it enables the use of Multi-Factor Authentication (MFA) while granting access to your IT infrastructure for multiple sets of users.
Dashboard Data is power. Data generated at run-time data is even more powerful as it enables the CISO to make quicker decisions. Keeping that in mind, Sectona now provides a dashboard that gives a running information about all the assets, accounts and users that SpectraPAM manages. This also includes the session activity and the health of the PAM system. The dashboard not only answers essential questions, but also reveals trends that let the PAM administrator gain important insights to analyze faster and make critical decisions. You can quickly find answers to your most pertinent questions: Out of all the accounts that are managed, how many accounts are synced? How many accounts were accessed more than a month ago? How many users log in through Windows Authentication vs. Sectona authentication? How many workflow activities were approved vs. rejected? Host header injection mitigation When a browser sends a request to the web server, the request has a field named 'Host Header' in it which has the requested domain as its value. Many times the physical server which hosts this particular web application also has many other web applications running on it or it may have virtual hosts, some of which may be running web applications inside them. Host header makes it possible for this server to serve different content based on the domain inside this header. If a user specifies an invalid Host Header, most web servers are configured to either return an error message or to pass the unrecognized host header to the first virtual host in the list. Therefore, it’s possible to send requests with unrecognized host headers to the first virtual host. Web cache poisoning and Password reset poisoning are two attacks that happen due to this Host Header injection. SpectraPAM can now mitigate the Host Header injection attack. Manually on-boarding accounts When we run Account discovery, the accounts get on-boarded to PAM by having their passwords reset. For some administrative accounts it is not advisable to reset their passwords. For those cases, Sectona now gives the option to manually onboard the accounts. This gives the flexibility to the PAM administrator by letting the accounts be discovered by SpectraPAM yet the administrator has the option to add the discovered account to the PAM system manually.
Internship is a keyhole for someone starting out to understand and get a first-hand experience of how things work in an organization. An internship gives you the opportunity to learn in a new environment where everyone is willing to help you as you are new to it. Like every year, this year as well Sectona conducted summer internship programs in the Research & Development department. This time around, as part of the internship feedback process, we decided to evaluate the intern experiences. Here is what some of our interns had to say about their experience of working with us - “The experience was wholesome, and I learnt a lot apart from the technical knowledge that I got over the internship period. A few of those were understanding how a firm functioned, role of all the individuals in creating and maintaining a product and working to the strengths of everyone here. I yearn to work for firms like Sectona who offer such privileges to grow and become a better version of themselves to all the individuals.” – Shantanu Das, Manipal Institute of Technology, Manipal. “I worked as a Technical Writing intern with Sectona for 3 months. Working with Sectona was an excellent learning opportunity, especially since I was new to the field of Technical writing. Here, at Sectona I got hands on experience as well as valuable guidance. Personally, I loved the working environment. People here are easy to bond with and are liberal in lending a helping hand” – Sneha Naranje, The English and Foreign Languages University (EFLU), Hyderabad. “The main reason I wanted to do the internship is to get some technical experience and work on a real time project and this internship has fulfilled that purpose. I have learned about how to research and do analysis on a problem which is the main role of a data analyst. I am sure this experience will be useful for me in the future.” – BVS Revanth, Manipal University, Jaipur. For an intern it is important to learn and gain as much knowledge as possible because that is what gives them experience and it’s their biggest asset. We are happy that our interns were able to get it. It has been our pleasure to have them intern with us. We wish them all the best with their future endeavours.
Turns out Karate and cyber security had more in common than we thought. Principles that are followed in karate stay pretty damn relevant even when it comes to keeping your organization cyber ready. Here are some of the basic principles in karate. Let's see how they correlate so well with good practices as far as cyber security is concerned. Respect your enemy (rei) Breach of access, website defacement, denial of your service etc are just some of the outcomes of not taking cyber security seriously or in other words giving your enemy (cyber risk) the respect it deserves. Respect your enemy by understanding the level of damage it can cause. This should always be the initial step towards any fight. First, know yourself and then your enemy Its important to know where you stand before you start the fight. Know the strengths and weaknesses of your organization. Creating a checklist of things to be taken care of can give you an idea of what needs to be done. Firewall Cyber security policies Enforce safe password practices Regular data back up Anti-malware These are just some items that should be on that checklist. Identifying which out of these is taken care of and which still needs to be done can simplify your path of action forward. Calamity springs from carelessness Careless actions like we all know can lose someone a fight. Karate teaches us that taking care of these actions will keep us from losing. Some trivial easily avoidable mistakes like Clicking on hypertext links Usages of portable storage devices Transacting on unsecured websites Usage of pirated software Can prove to be of grave danger to any organization and can put your security at risk. Karate is like boiling water; without heat, it returns to its tepid state Karate says that its important to always stay on you’re A game. To keep the water boiling calls for practice and constant introspection. Just like this even cyber security practices need constant updates and support. Its also important to conduct drills where situations of cyber attacks can be simulated to teach employees how to respond. Making cyber security practices an essential part of timely employee evaluations can also be a good way to keep the water boiling. Adjust according to your opponents Karate teaches us that its important to be aware of the strengths of your opponent so that we can train ourselves to cope with their strengths. This helps us to adopt new methods, learning new techniques, basically doing what it takes to survive undesirable situations. Similarly, Staying updated about cyber security attacks happening world over and striving to incorporate the solution that will help us overcome such attacks becomes an essential preparation for the war against cyber risk. Be constantly mindful, diligent, and resourceful, in your pursuit of the Way Having an open mind towards new and better ways is very important because doing something over and over again in a similar fashion is only going to give us the same output. Need a different output? Try a better way! In this Volatile, Uncertain, Complex and Ambiguous world its only obvious that we reinvent methods and means to keep what we hold dear safe. Inducing habits of educating all stakeholders on cyber security and rewarding those who come up with innovative ways of staying safe needs to be imbibed into our systems. Karate is a lifelong pursuit Pursuing karate is a process that consumes time and effort. It takes persistence to stay in the process. A secure organization too cannot be looked at an event, it’s a process just like the pursuit of karate. Locate a security partner who will be there by your side in this pursuit. A partner who knows what's going on and what needs to be done. Living on the edge is the key to survival. Because remember that the attacker has to be right only once but the defender must be right every time.