Go back

03 November 2021 Kurt Haller

3rd party applications taking information for nearly 2 years undetected

According to Bleeping Computer, "In 2019 the UpGuard Cyber Risk team found more than 540 million records of Facebook users were exposed by publicly accessible Amazon S3 buckets used by two third-party apps to store user data."

This information included plain text application passwords, account names, user IDs, interests, and relationship status...in 2017, the research found that 7 percent of all Amazon S3 buckets were exposed and 35 percent were unencrypted. In many circumstances organisations don't even know what information is being accessed from 3rd parties, this could be from a past PoC or a breach in a 3rd party provider.

It is of utmost importance that organisations adopt technologies that provide visibility into their own infrastructure so that they are able to do the following: (1) maintain regulatory compliance, (2) understand what 3rd party suppliers are approved, (3) understand where there are vulnerabilities, and most importantly, (4) sleep better at night 😴

#BeCompliantGetTheMeasure #VenariSecurity #compliance #regulatorycompliance #GDPR #MIFID #PCI #ETA #HIPAA #encryptedtrafficanalysis #encryptedtraffic #networksecurity #NTA #networktrafficanalysis #NTA #cybersecurity #enterprisesecurity #encryption #AI

Get the Measure

View more

You Don’t Know What You Don’t Know

Today’s controls on your enterprise network are no longer fit for purpose. Cybercriminals now use encryption as their primary method of communication.

Defend your business effectively, know what is on your network.

See it in Action