
Qualys Data Breach

Cybersecurity firm Qualys is the latest victim of a cyber attack; the company was likely hacked by threat actors that exploited a zero-day vulnerability in its Accellion FTA server. A group of cybercriminals belonging to the Clop ransomware group claimed responsibility for the breach of Qualys, a major cloud computing security vendor. As proof of access to the data, an extortion site maintained by the hackers on the dark web has leaked documents claiming to contain information on Qualys's customer base of about 19,000 clients, including major financial firms like Capital One and Experian.

Technical Details

The wave of attacks began in mid-December 2020, when threat actors exploited multiple zero-day vulnerabilities in the Accellion File Transfer Appliance (FTA) software to deploy a shell dubbed DEWMODE on the target networks.

The attackers exfiltrated sensitive data from the target systems and then published it on the CLOP ransomware gang’s leak site. It has been estimated that the group has targeted approximately 100 companies across the world between December and January. Further, Qualys CISO Ben Carr added that the incident hadn’t affected Qualys production environments, codebase or customer data hosted on the Qualys Cloud Platform.

FireEye pointed out that although FIN11 hackers published data from Accellion FTA customers on the Clop ransomware leak site, they did not encrypt systems on the compromised networks. In response to the wave of attacks, the vendor has released multiple security patches to address the vulnerabilities exploited by the hackers, and the company is also going to retire legacy FTA server software by April 30, 2021.

Mitigation Strategy

An organization should always be well prepared for harmful incidents such as cyber-attacks. To tackle such attacks at an early stage, every organization should follow the points below to reduce the risk of loss from any undesirable event.

1. Users should create an effective backup strategy by following the 3-2-1 rule and follow these best practices to defend against malware:
–   Adopt strong passwords throughout the network.
–   Consider network segmentation to separate important processes and systems from the wider access network.
–   Increase awareness of how ransomware spreads, i.e., through spammed emails and attachments.
–   Monitor and audit network traffic for any suspicious behaviors or anomalies.

2. Deploy IAM, limit privileged users, and implement MFA.

3. Install an antivirus solution, schedule signature updates, and monitor the antivirus status on all equipment.

4. If you notice any kind of unusual activity (a new process initiated, files deleted automatically), take appropriate action.

5. Keep your operating system and software up to date with the latest patches. Vulnerable applications and operating systems are the target of most attacks. Ensuring these are patched with the latest updates greatly reduces the number of exploitable entry points available to an attacker. Use application whitelisting to help prevent malicious software and unapproved programs from running. Application whitelisting is one of the best security strategies as it allows only specified programs to run, while blocking all others, including malicious software.

Preventive Measures

An organization’s ability to rapidly respond to and recover from an incident begins with the development of an incident response capability. An organization’s response capability should focus on being prepared to handle the most common attack vectors (e.g., spearphishing, malicious web content, credential theft).
In general, organizations should prepare for such attacks over the long run by keeping the following key points in mind:

– Block the IOCs.
– Enable E-mail filtering for .exe attachment files.
– Set remote access restrictions.
– Configure PowerShell to execute only signed scripts.
– Configure Windows to show file extensions and keep the macros disabled.
– To ensure that recovery from a ransomware or sabotage attack is possible, all data must be regularly backed up and a good backup strategy adopted.
– Implement endpoint security with active monitoring.
– Encrypt all sensitive organizational information.
– Upgrade your systems with the latest security patches.

Conclusion

Ransomware has been around for a few years now and we are starting to see instances of this type of malware that break the mold and forge a new direction. Clop differs from other ransomware in many significant ways — from its capabilities to the heart of the ransomware attack itself, gaining entry.

It will be interesting to see if other ransomware begins to use exploit kits as infection vectors like Clop or if this practice remains the exception to the rule. The Financial Services Information Sharing and Analysis Center (FS-ISAC), a clearinghouse for financial threat information whose members include big banks, encourages all financial institutions to follow published procedures to assess and maintain the security of their systems and to continually monitor for signs of any anomalous activity.
