Nearly a year ago Hold Security opened its Ukrainian office to support the country torn by war and to give its citizens a way to show their strength by fighting cyber crime. fDi Intelligence highlights a part of our journey and challenges.
In late December of last year, Forbes published an article describing the actions of Hold Security against the Russian illegal drug platform Solaris. Today we are releasing additional information and data about this platform.
Hold Security indexes and correlates public and private/confidential resources on the Dark Web and Internet to identify malicious and threatening events. Our comprehensive Threat Intelligence Services provide visibility into cyber-criminal activities. We utilize our unique vantage points to derive invaluable intelligence. Hold Security Threat Intelligence Analysts examine threat data and interpret it to eliminate false positives.
Stolen user credentials are among the most frequent causes of breaches. Whether it is your company's employee or user credentials that have been stolen, or if a service provider you trusted with their credentials has experienced a breach, cybercriminals may exploit them for their malicious purposes. Hold Security's world-class stolen credentials recovery services will detect your credentials on the Dark Web and promptly notify you before the cyber criminals have a chance to abuse them.
Hold Security’s Domain Integrity Service provides monitoring and alerting of domain names. We identify possible abuse, phishing, impersonation, or other misuse as it is relevant to our clients and their brands. With simple and flexible portal access or customized reports created by our analysts, your domain names and brands will be protected using comprehensive and swift identification and alerting of new or existing threats.
Technology will remain one of our biggest security weaknesses; however, today most cyberattacks have a social engineering component, where threat actors target people as the most vulnerable part of the system. As cybersecurity professionals, we are tasked with training our personnel to avoid both simple and complex mistakes while still doing their jobs, delivering good customer experiences, and keeping business running.
In recent years, threat actors have dissected business processes to find hidden vulnerabilities, leveraged AI to craft highly realistic scams, exploited employee trust, and even infiltrated corporate ranks from within.
This talk will explore the latest techniques for detecting and preventing breaches at the human level, highlight practical approaches to security training, and discuss how we must adapt our business practices to operate under the constant assault on our social systems and trust, well beyond the realm of technology.
Takeaways:
- Technology isn’t the weakest link, people are.
- Training must be practical, not theoretical.
- Threat actors evolve, so should we.
- Security is a business function, not just IT.