Details On The Largest B2B Leak: BlueBleed

Forums Security News (Security) Details On The Largest B2B Leak: BlueBleed

Tagged: 

  • This topic is empty.
Viewing 0 reply threads
  • Author
    Posts
    • #66645
      Telegram SmartBoT
      Moderator
      • Topic 5954
      • Replies 0
      • posts 5954
        @tgsmartbot

        #News(Security) [ via IoTGroup ]


        SOC has been tireless in expanding its proactive defense capabilities including a recently developed built-in Cloud Security Module (CSM) that monitors public cloud buckets to detect data leaks.SOCRadar’s CSM has so far detected six large cloud buckets that consist of sensitive data belonging to 150 000 companies in 123 countries.

        SOCRadar platform automatically sent alarms to its affected users whose data was exposed due to misconfigured cloud buckets.While examining a critical level alarm generated by SOCRadar’s cloud security module for more than one of our customers we detected multiple misconfigured buckets with data belonging to tens of thousands of companies.Due to the size and potential impacts of these public buckets collectively dubbed BlueBleed SOCRadar researchers analyzed them to determine potential threats to SOCRadar users.

        The largest one of those misconfigured buckets that the SOCRadar platform has detected contains 2.4TB of data that belongs to 65 000 entities in 111 countries.As a result of the meeting with the Microsoft Security Response Center (MSRC) SOCRadar paused sending alarms after the Microsoft team asked for some time to analyze the data.SOCRadar has intended to proceed in coordination with Microsoft in every step of the process and had meetings with several members of MSRC and discussed a wide range of issues from the date of publication of the blogs from both sides to how to define the entities potentially affected by the data leak.One of the main differences between the negotiating parties is the BlueBleed search engine that SOCRadar created for those who are curious if their data was exposed in the bucket.After the search with the domain name on our publicly accessible BlueBleed website visitors can only get information about whether data related to the organization whose domain name is entered exists in the previous public cloud buckets SOCRadar CSM detected.

        SOCRadar encourages users to get in contact with the Microsoft


        Read More..
        AutoTextExtraction by Working BoT using SmartNews 1.03976805238 Build 04 April 2020

    Viewing 0 reply threads
    • You must be logged in to reply to this topic.