News & Blog

We guard the Slovak internet, even if no one is watching

We guard the Slovak internet, even if no one is watching

Dozens of Slovak companies. Dozens of opportunities for hackers to enter the systems unnoticed. Countless possible cases of loss of control, data leaks, sabotage or blackmail. However, a chance to react in time and strengthen their defenses was given to all potential victims.

“We alerted companies and government agencies about a possible vulnerability several hours before the public exploit was released” said Ján Andraško, SOC Operations Manager at Binary Confidence, on a recent case of serious cyber security threats. “This gave companies affected by the vulnerability sufficient time to take an action.”

Free way to the network

Binary Confidence experts continuously monitor the dark side of the Internet. Even so, they immediately noticed a new threat to Citrix ADC and Gateway network devices, known as CVE-2019-19781. Devices contained a critical vulnerability that allowed unauthenticated attacker to gain control without knowing any credentials.

“An attacker could read and edit a configuration, change passwords, establish a remote connection, and run any commands on the device,” says Binary Confidence. “Because this type of device is often linked to Active Directory user account management software and domain logins and passwords are used to log in to VPN, an attacker has an open way to retrieve them. They can then log on to other computers and servers in the victim’s network” says Andraško. In addition, there was no patch for vulnerability for almost two weeks, just a complicated guide to mitigate its consequences.

Slovak companies at risk

The possibility of attack involved more than 125,000 devices in 80,000 companies worldwide. Slovakia was not safe too.

“We at Binary Confidence are constantly monitoring information about new vulnerabilities. As soon as there are some remotely exploitable, we use publicly available sources and tools to determine if vulnerable devices are also present in Slovakia and whether their administrators have taken any action. If not, we try to contact them and draw attention to a possible problem, ”says J. Andraško. National Cyber Security Centre SK-CERT, with which Binary Confidence has been working for a long time, is also immediately notified about the potential threat.

“In our work, we discover many of the cyber attacks among first. This is one of the reasons why we consider as our duty to notify Slovak authorities and companies regardless they are our clients or not. Consequently, we can also advise them on how to deal with threats, ”says Andraško. “We are guarding the Slovak internet even when no one is watching,” he adds.

Binary Confidence is not an IT company, Binary Confidence is a security company that looks after its clients’ 24 hours a day, 7 days a week. If it detects an attempted penetration, it immediately begins defending.

Subscribefor more usefull articles


I agree and consent to and want to receive useful articles (Newsletter) by email from company Binary Confidence that contain useful articles and information from IT Security industry or about security projects or achievements of this company. Company Binary Confidence will not share my personal data with any third party for marketing or other purposes. other recipients, except company MailChimp that provides platform for sending our useful articles (Newsletters). I can withdraw my consent at any time on info@binconf.com or on +421 232199980 or by opt out link in each Newsletter email. I have read and understood the Privacy Policy and I agree how my personal data are processed and what my rights are in respect of processing my personal information for purpose of subscription for useful articles (Newsletter). I declare that I am over 16 years old.

Contact

Address

Binary Confidence s.r.o.
Špitálska 53,
811 01 Bratislava
Slovak republic

E-mail

info@binconf.com
support@binconf.com

Telephone

+421 2 321 999 80

I agree with Privacy and Data Protection Policy
By clicking [I agree] you consent to processing your personal data by company Binary Confidence s.r.o. and you accept Privacy and Data Protection Policy.