Darkode Forum Taken Down by FBI

On July 17th, 2015, posted in: Hackers, Success Stories by konweb

Darkode Cybercriminal Forum Dropped by Knockout Punch of FBI

In one of the most massive blows to the cybercrime community to date, the FBI’s “Operation Shrouded Horizon” coordinated law enforcement agencies in 20 countries around the globe to nab dozens of criminals.


According to the FBI website:

“What’s the significance of this case, believed to be the largest-ever coordinated law enforcement effort directed at an online cyber criminal forum? In addition to shutting down a major resource for cyber criminals, law enforcement infiltrated a closed criminal forum—no easy task—to obtain the intelligence and evidence needed to identify and prosecute these criminals. And this action paid off with a treasure trove of information that ultimately led to the dismantlement of the forum and law enforcement actions against dozens of its worst criminal members around the world.”

Darkode has a long history and has undergone several leadership changes over its 8-year life. Evolving from a pet project started by the infamous Slovenian hacker “Iserdo” (Matjaž Škorjanc), Darkode became a forum where cyber criminals from around the world could commune and buy, sell and trade botnets, stolen personal credentials, credit cards, hacked server credentials and a plethora of other cybercrime-related data and information that helped facilitate cybercrimes across the 4 corners of the globe.

Now that Shrouded Horizon has charged 70 people across 20 countries, one can only speculate what the next step will be for the surviving members of the Darkode community, but if you were a betting man (or woman!), you might do well to bet on the group going underground to a new home somewhere on the Dark Web.

While we don’t carry badges or grab headlines like the FBI, our dedicated group of security engineers helps keep organizations like yours safe from hackers and cybercriminals 24X7. Give us a call and let’s see how we can help you sleep better at night knowing that your data and network are secure.

 


In what is becoming a seemingly common theme, FireEye and its consulting arm Mandiant (acquired in 2014) are at the center of uncovering another high-profile data breach. This time the victim is CareFirst BlueCross BlueShield.

Earlier this year, the dynamic duo of FireEye and Mandiant was brought in to assess the internal IT systems at CareFirst. On April 21st, as reported by securityaffairs.co, they had “discovered evidence of unauthorized accesses to the database on June 19, 2014.”

Fortunately for CareFirst, no evidence of additional attacks against the CareFirst systems was found.

FireEye the “Go To” Company for Breaches

As reported by USA Today, FireEye (FEYE) has been the “SWAT” team brought in to investigate high-profile attacks against Target, JP Morgan Chase, Sony Pictures, Anthem and others over the past two years. “Often times they ask us to be side-by-side with them when they announce their breach,” said FireEye CEO David DeWalt.

For those of you who don’t follow the players in the security industry as closely as we do, Mr. DeWalt was the CEO of McAfee when, in 2010, he orchestrated its sale to Intel for just under $8 billion.

It would appear that FireEye has gained the confidence of some of the largest and most high-profile organizations in the world, and we certainly believe that confidence is warranted. At Konsultek, we have been weaving FireEye’s next generation of threat prevention into our custom solutions for over two years.

FireEye’s unique “sandbox” approach to threat prevention allows potential threats to be identified and addressed in the safety of a quarantined evaluation space so that your systems are never at risk.

FireEye’s approach to threat detection and prevention offers several advantages:

  • Cloud-based – potential threats are “detonated” in controlled virtual environments outside your network.
  • Machine learning – as more threats are detected and dealt with, the FireEye engine learns, applying collective intelligence to protect your system.
  • Real time – since FireEye is cloud-based, “updates” happen in real time, so your protective shield is always up to date.
  • Centralized Management System – consolidates and simplifies all facets of FireEye’s protection into one simple-to-use interface.

Ready to learn more about how FireEye and Konsultek can help secure your network and data? Please, just give us a call at (847)426-9355, we’re always available to listen!


Konsultek’s Mastery of ForeScout CounterACT Critical to Success

Recently we had the opportunity to work with a school district in North Logan, Utah. The Cache County School District was looking for a solution that was easy to implement and Konsultek’s expertise was critical to making that a reality.

Cache County School District Secures Network with ForeScout CounterACT

“We’re really pleased with how easily everything fell into place. We brought in expertise from system integrator Konsultek, and it made all the difference in the world. The training helped us get everything installed and set up advanced functions within a single week.”

–  Alan Gibbons, Technology Director, Cache County School District

Challenge:
  • Cache County School District is located in North Logan, Utah. The district has over 1,000 teachers and serves approximately 16,000 students in grades K-12. The network provides wired and wireless access for a variety of devices, including classroom computers, laptops, smart phones and tablets.
  • Prevent unauthorized network access, which could jeopardize CIPA compliance.
  • Reduce the risk of virus attacks coming from student, faculty, or guest computers.
  • Find an easy-to-manage, easy-to-install network access control solution.
Solution:
  • The Cache County School District evaluated several different NAC products, including products from Cisco, McAfee, Bradford Networks, Enterasys and several open-source solutions. They selected ForeScout CounterACT because it was the easiest to implement. Specifically, ForeScout CounterACT did not require agents, it installed out-of-band, and it integrated with Cache County’s existing infrastructure without disrupting the network. Other positive considerations were the facts that ForeScout CounterACT was vendor-independent and easy to use and manage.
