“To protect themselves, organizations need to make sure that not only are they using phishing detection and training employees to recognize phishing, they also need to make sure they have defense in depth for all of their applications, data and assets that are internet-facing,” Shukla explained.
Nitro software inc pdf#
“While we don’t know how the data breach involving the Nitro PDF service may have come about, it’s likely from phishing campaigns and stolen credentials, or from exploiting vulnerabilities in applications, as these are the two most common sources of breaches,” Jayant Shukla, chief technology officer and co-founder of application security firm K2 Cyber Security Inc., told SiliconANGLE. The database does not contain user or customer documents, which are hosted in a separate database.” Officially, Nitro is downplaying the data breach, saying in a statement that “Nitro continues to investigate an isolated security incident involving limited access to a Nitro database by an unauthorized third party. In the words of Bleeping Computer, “this could be one of the worst corporate data breaches we have seen in a while.” Among the stolen data is tens of thousands of accounts and documents linked to those companies, including financial reports, merger and acquisition activities, nondisclosure agreements and product release details.
Nitro software inc full#
The data, offered at a starting price of $80,000 on a dark web site is said to include 70 million user records containing email addresses, full names, bcrypt hashed passwords, titles, company names, IP addresses and other system-related data.ĭata breaches in 2020 are a dime a dozen, but where this becomes more interesting than others is that Nitro clients include Google LLC, Apple Inc., Inc., Microsoft Corp., JPMorgan Chase & Co. According to Bleeping Computer, the data stolen included the company’s user and document databases along with 1 terabyte in documents created by Nitro’s customers. “Low impact” is an interesting choice of words.
In a statement last week to the Australia Stock Exchange, Nitro advised that they had been impacted by a “low impact security incident” involving “limited access to a Nitro database by an unauthorized third party.” The company, which provides services to much of the Fortune 500, was hacked sometime earlier this month. has suffered a data breach with customer data being offered for sale on the dark web. Australian document productivity company Nitro Software Inc.
0 kommentar(er)
