Skip to content

Blog

Articles

Effectively manage your exposure surface (Part 2)

In the previous article Effectively Managing Your Attack Surface (Part 1), we used the tool Uncovery - Advanced EASM to get an accurate view of the attack surface of the information system. The results showed 160 services exposed on the internet network, intended for a well-defined user population. In this article, we will show how to use Chimere to secure all of these services and remove them from the attack surface while keeping them accessible to employees.

To do this, we will use the automatic service enrollment mechanism offered by Chimere and then connect the company's identity provider to the Chimere Manager to provide user access to services.

  • in Articles
  • 5 min read

Effectively manage your exposure surface (Part 1)

When you are a CISO or CIO taking on a new position, one of the challenges is to efficiently understand the areas where protection measures and security actions need to be implemented. Esteemed readers of this blog, you know how exposing applications on the internet is one of the most common causes of information system compromise. If this is your first Chimere article, take a look at our previous thoughts on the subject: 10 cyberattacks that exploited the principle of exposure, 3 types of attacks feared by companies, and 3 strategies to protect your information system from internet scans (and resulting attacks)

In this article, we provide a method to identify and manage this exposure, ultimately reducing the risk of compromise resulting from the exposure of your assets on the internet.

  • in Articles
  • 5 min read

Network and cybersecurity: What is a 'Hidden Service'? Part 2

Application anonymity, network authentication, and exposure elimination are three characteristics intimately linked to the principle of hidden services. In the previous article: What is a 'Hidden Service'? Part 1, we highlighted these three aspects of the mechanism, but they are not alone in bringing interesting properties in terms of network security. In this new article, we found it interesting to highlight four other characteristics, much less known than the first ones, yet providing a real defensive added value.

  • in Articles
  • 5 min read

Network and cybersecurity: What is a 'Hidden Service'? Part 1

The term "hidden service" is intimately related to certain technologies like the darknet and the Tor Project. This mechanism is used to provide various security and anonymity features to network users. In the collective consciousness, it is widely accepted that the darknet and hidden services are primarily used by cybercriminals to offer applications accessible through the Internet without revealing the identities of the parties involved. However, in reality, hidden services are often used for much nobler purposes, where the technical advantages they offer are highly appreciated.

Whistleblowers, secure data exchanges, journalistic content publication, and today's widespread and secure remote access with the advent of Zero-Trust Network Access are all ways in which hidden services are used for protection. But what are hidden services, and what do they really offer? Answers in this article.

3 types of attacks feared by companies

When exchanging with CISOs and CIOs about the actions to be taken to ensure optimal security of their information systems, user awareness and the implementation of good security hygiene practices are frequently discussed. It is undeniable that the human factor often plays a decisive role in the compromise of information systems. While raising awareness among employees and partners is essential, it is common to observe decision-makers adopting a fatalistic view of the situation and considering that security through the use of technical solutions is a failure.

Are they right? In an attempt to provide some insights in this article, we address three well-known techniques that attackers employ to hack enterprise computer systems, and against which security services must fight.

How to use the Tor darknet to protect your information system?

In the article about the issue of service exposure and 10 cyber-attacks that have exploited the principle of exposure, we highlighted the risks associated with exposing services on the internet.

But what if we could conceal these services, preventing them from being discovered by just anyone?

One way to achieve this is by using the Chimera network and its hidden services mechanism it offers. However, if you have only a few services and users to manage, performance is not a concern, and you enjoy getting your hands dirty, why not directly use the Tor network? This method is particularly interesting for individuals or small enterprise information systems.

Let's see how to protect an SSH service and avoid becoming a target for attacks. Let's dive in!

3 strategies to protect your information system from internet scans (and resulting attacks)

In the previous two articles, we presented the issue of service exposure on the internet (Information System security: understanding the issue of exposure and 10 cyberattacks that exploited the principle of exposure), as well as 10 cyber attacks that exploited the principle of exposure. Today, we want to revisit three common strategies that companies use to address this problem. As remote access needs and teleworking have particularly increased in recent years, what are the common strategies that companies choose to prevent their exposed services from becoming a gateway for hackers?

10 cyberattacks that exploited the principle of exposure

In the previous article (Information System security: understanding the issue of exposure), we highlighted the exposure of services on the internet, its origin, and the associated risks. In this article, we revisit ten cyberattacks that took advantage of the principle of exposure to succeed. Whether it was exploiting vulnerabilities, configuration defects, phishing techniques, or a combination of these different vectors, these are the elements that the targeted companies or investigative commissions were able to reveal following a post-mortem analysis of the attacks.