Tag: dropbox

Explained: How MOVEit Breach Shows Hackers’ Interest in File Transfer Tools

Ransom-seeking hackers have increasingly turned a greedy eye toward the world of managed file transfer (MFT) software, plundering the sensitive data being exchanged between organizations and their partners in a bid to win big payouts.

Governments and companies globally are scrambling to deal with the consequences of a mass compromise made public on Thursday that was tied to Progress Software’s MOVEit Transfer product. In 2021 Accellion’s File Transfer Appliance was exploited by hackers and earlier this year Fortra’s GoAnywhere MFT was compromised to steal data from more than 100 companies.

So what is MFT software? And why are hackers so keen to subvert it?

Corporate dropboxes

FTA, GoAnywhere MFT, and MOVEit Transfer are corporate versions of file sharing programs consumers use all the time, like Dropbox or WeTransfer. MFT software often promises the ability to automate the movement of data, transfer documents at scale and provide fine-grained control over who can access what.

Consumer programs might be fine for exchanging files between people but MFT software is what you want to exchange data between systems, said James Lewis, the managing director of UK-based Pro2col, which consults on such systems.

“Dropbox and WeTransfer don’t provide the workflow automation that MFT software can,” he said.

MFT programs can be tempting targets

Running an extortion operation against a well-defended corporation is reasonably difficult, said Recorded Future analyst Allan Liska. Hackers need to establish a foothold, navigate through their victim’s network and exfiltrate data — all while remaining undetected.

By contrast, subverting an MFT program — which typically faces the open internet — was something more akin to knocking over a convenience store, he said.

“If you can get to one of these file transfer points, all the data is right there. Wham. Bam. You go in. You get out.”

Hacker tactics are shifting

Scooping up data that way is becoming an increasingly important part of the way hackers operate.

Typical digital extortionists still encrypt a company’s network and demands payment to unscramble it. They might also threaten to leak the data in an effort to increase the pressure. But some are now dropping the finicky business of encrypting the data in the first place.

Increasingly, “a lot of ransomware groups want to move away from encrypt-and-extort to just extort,” Liska said.

Joe Slowik, a manager with the cybersecurity company Huntress, said the switch to pure extortion was “a potentially smart move.”

“It avoids the disruptive element of these incidents that attract law enforcement attention,” he said.

© Thomson Reuters 2023
 

Apple unveiled its first mixed reality headset, the Apple Vision Pro, at its annual developer conference, along with new Mac models and upcoming software updates. We discuss all the most important announcements made by the company at WWDC 2023 on Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.
Affiliate links may be automatically generated – see our ethics statement for details.

Check out our Latest News and Follow us at Facebook

Original Source

WeTransfer Is Down, Downloads Are Crashing; Company Investigating Issues With Service

WeTransfer, a popular service that allows users to transfer large files and is used by a large number of Internet users across the globe, is down. The Amsterdam, Netherlands-based company has also confirmed that it is currently experiencing failures on downloads, uploads and other services. However, it is not confirmed whether the issue is limited to India or affects users in other regions. A few members of the Gadgets 360 team provided details of the issue when working with the platform.

Various team members at Gadgets 360 reported that the WeTransfer service was unavailable on their networks. On checking the company’s incident status page, we found that the service was experiencing failures on downloads, uploads and other services. The issue is still not fixed and the company has announced that it is investigating this issue, via the status page.

We were unable to download a file shared with us, despite multiple download attempts. One team member said that it reached 99 percent on one attempt before it started again. After multiple retries, the download eventually failed. For some, the download began, but restarted after 4-5 seconds, despite multiple attempts.

There is no information on when we can expect the service to be operational again. WeTransfer is offered in two versions. The free version allows users to upload files of up to 2GB in size, while the Pro version enables transfer of up to 200GB of files or folders and offers 1TB of storage space, and the service lets users decide when transfers expire.

If you are among those who are experiencing this problem, you can use other file transfer services such as Google Drive, Dropbox, among other consumer cloud services, until the issue is resolved.

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Samsung May Be Working on Dual Under Display Camera System for Improved Facial Recognition, Patent Suggests



Check out our Latest News and Follow us at Facebook

Original Source

Government Orders Employees Not to Use Google Drive, Dropbox, VPNs

A new government order restrict employees from using third-party, non-government cloud platforms including Google Drive and Dropbox as well as virtual private network (VPN) services including NordVPN and ExpressVPN. The order passed by the National Informatics Centre (NIC) has been circulated to all ministries and departments and all government employees are required to comply with the directive, Gadgets 360 has learnt. The new move by the government comes just weeks after directing VPN service providers and data centre companies to store their user data for up to five years.

Citing an increased number of cyberattacks and threat perception to the government, the 10-page document seen by Gadgets 360 ordered employees to “not upload or save any internal, restricted, confidential government data or files on any non-government cloud service (ex: Google Drive, Dropbox, etc.).” The document is titled “Cyber Security Guidelines for Government Employees.”

In addition to restricting employees from using the popular cloud services, the government instructed employees through its directive to not use any third-party anonymisation services and VPNs, including NordVPN, ExpressVPN, Tor, and proxies. Additionally, it directed the workforce to refrain from using “unauthorised remote administration tools” such as TeamViewer, AnyDesk, and Ammyy Admin, among others.

Government employees are also directed to not use any “external email services for official communication” and conduct “sensitive internal meetings and discussions” using “unauthorised third-party video conferencing or collaboration tools.”

The government additionally ordered employees to not “use any external websites or cloud-based services for converting/ compressing a government document”. It also directed the workforce to not use “any external mobile app-based scanner services” including CamScanner for “scanning internal government documents.

Notably, the government banned CamScanner in 2020 as a part of its initial move to restrict China-based apps in the country. Some government officials were, however, still being seen using the app for scanning physical copies of their official documents.

Alongside restricting the usage of certain apps, the government’s order also directed employees to not ‘jailbreak’ or ‘root’ their mobile phones.

The directive also ordered employees to take measures including the use of complex passwords as well as updating passwords once in 45 days and updating operating system and BIOS firmware with the latest updates and security patches.

“All government employees, including temporary, contractual/ outsourced resources are required to strictly adhere to the guidelines mentioned in this document,” the order said. “Any non-compliance may be acted upon by the respective CISOs/ department heads.”

The order was released on June 10 after a couple of revisions in the original draft made by the NIC. It included inputs from India’s Computer Emergency Response Team (CERT-In) and was approved by the Ministry of Electronics and Information Technology (MeitY) secretary.

Gadgets 360 has reached out to Google, Dropbox, and other entities to get their comments on the government’s directive. This article will be updated when the companies in question respond.

In late April, the CERT-In issued a directive to make its mandatory for VPN service providers, data centres, virtual private server (VPS) providers, and cloud service providers to keep user data for five years or even longer. The order will come into force from June 28.

As a result of that order, VPN service providers including NordVPN, ExpressVPN, and Surfshark have decided to remove their physical servers in the country as they follow no-log policies and are not technically capable of storing logs. The major VPN entities as well as some digital rights groups have also raised privacy concerns for users in storing their data.

Tech companies including Facebook and Google also warned that the rules made by CERT-In could create a frightening environment.

Check out our Latest News and Follow us at Facebook

Original Source

Exit mobile version