Credential Leak Detection Tool Scrapesy Limits Incidents of Data Breaches

 

Red team analysts at Standard Industries have designed an open-source tool to help organizations detect data leak incidents. The credential leak detection tool was demonstrated at the Black Hat USA conference, which is held both online and in person in Las Vegas.

The tool, which scrapes both the clear web and the dark web for exposed credentials, is intended for use by people in, but not restricted to, security operations, incident response, threat intelligence, and penetration testing roles.

Michael Giordano, a red team analyst at Standard Industries, said that the device scrapes credential leaks – commonly known as ‘combolists’ – and can “ingest and parse them against a list of domains and/or explicit email addresses owned by your organization”. 

“It targets known sources that contain combolists from numerous phishing campaigns typically targeted around well-known services like Spotify, Facebook, and Twitter. Many folks may use their corporate email addresses for non-work-related services which can introduce risk in the case of phishing. Additionally, there are instances of third-party breaches where these credentials could become exposed if an organization happens to conduct business with that third party,” he added.

There are several well-established services that can identify potential account exploitation, but the red team analysts wanted to design a platform of their own that would help, for example, security operations members or incident responders by arming them with information such as the compromised password itself, as well as confirming whether that account is present and active inside the organization, to help limit triage time and possibly conduct threat hunting exercises.
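The matching step described above, as an added example that is not Scrapesy's own code: it parses combolist lines against a list of owned domains and explicit addresses and flags which hits belong to active accounts. The separators, the `Hit` fields and the `active_accounts` directory export are assumptions made for illustration.

```python
import re
from dataclasses import dataclass

# Assumed line shape: "email<sep>password", where <sep> is ":", ";", "|" or a tab.
LINE = re.compile(r"^\s*([^\s:;|]+@[^\s:;|]+)\s*[:;|\t]\s*(.+?)\s*$")

@dataclass(frozen=True)
class Hit:
    email: str
    password: str   # kept so responders can check reuse and force a reset
    reason: str     # "address" (explicit watch list) or "domain"
    active: bool    # True if the account exists in the assumed directory export

def owned_domain(domain, owned):
    # Match the domain or a subdomain; "notexample.com" must not match "example.com".
    return any(domain == d or domain.endswith("." + d) for d in owned)

def match_combolist(lines, domains=(), addresses=(), active_accounts=()):
    owned = {d.lower().lstrip("@") for d in domains}
    watched = {a.lower() for a in addresses}
    active = {a.lower() for a in active_accounts}
    seen, hits = set(), []
    for raw in lines:
        m = LINE.match(raw)
        if not m:
            continue                      # headers and junk lines
        email, password = m.group(1).lower(), m.group(2)
        domain = email.rpartition("@")[2]
        if email in watched:
            reason = "address"
        elif owned_domain(domain, owned):
            reason = "domain"
        else:
            continue
        if (email, password) in seen:     # the same pair recurs across dumps
            continue
        seen.add((email, password))
        hits.append(Hit(email, password, reason, email in active))
    return hits

# Constructed sample lines, not real leaked data.
SAMPLE = [
    "Alice@Example.com:Summer2021!",
    "bob@notexample.com:hunter2",
    "carol@mail.example.com;p:ss|word",
    "dave@partner.test|letmein",
    "alice@example.com:Summer2021!",
    "not a credential line",
]
```

Calling `match_combolist(SAMPLE, domains=["example.com"], addresses=["dave@partner.test"], active_accounts=["alice@example.com"])` returns three hits, with the look-alike domain and the duplicate pair dropped.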

The security analysts said Scrapesy users can also create and share their own modules for sources they know to contain leaked credentials and feed them back to the community. “As time goes on, we would like to develop a framework for Scrapesy that will make it relatively easy for folks to create their own modules,” Giordano said.