CIS Benchmark SYSTEM HARDENING VULNERABILITY MANAGEMENT

Around 17 million users of the popular restaurant search platform Zomato have had their login credentials stolen by hackers and put on the dark web to be sold to criminals.

Zomato’s CTO, Gunjan Patidar, claims that User IDS, Names, Usernames, Email Addresses, and Password hashes with salt are among the information stolen in the breach.

All passwords were reset and users were required to log back into the platform following the event.

This breach was a case of a hacker wanting to scare the organization into working on their security posture by showing them what kind of vulnerabilities exist and how someone with worse intentions could do a lot of damage to their customer base.

“The hacker has been very cooperative with us. He/she wanted us to acknowledge security vulnerabilities in our system and work with the ethical hacker community to plug the gaps. His/her key request was that we run a healthy bug bounty program for security researchers,” said Patidar.

The hacker has since removed the data from the dark web and Zomato claims “the hacker has agreed to destroy all copies of the data.”

This situation is not the case for most organizations, leaving many without any warning left to scramble and conduct damage control. To avoid this situation organizations need to implement tools like NNT’s System Hardening & Vulnerability Management solution to expose known security vulnerabilities using a wide range of CIS Benchmark hardening reports and eliminate or mitigate them before any harm can be done.

 

Read this article on InfoSecurity Magazine

 

 

 

NNT Products
USA Offices
New Net Technologies LLC
Naples
Suite #10115, 9128 Strada Place
Naples, Florida, 34108
Atlanta
201 17th Street, Suite 300
Atlanta, Georgia, 30363.

Tel: 1-888-898-0674
email [email protected]
UK Office
New Net Technologies LLC
Rivers Lodge
West Common
Harpenden
Hertfordshire
AL5 2JN

Tel: 01582 287310
email [email protected]
Connect
Google+ Linkedin Twitter - Change Tracker Facebook rss feed YouTube
CIS benchmarking SEWP Cybersecurity 500 Sans Institute
Copyright 2017, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.