How an application firewall like Modshield SB could have saved the day

September 2 2020


Freepik, a popular website ranked in Alexa's top 100 that provides access to free stock photos and design graphics, announced on Friday (21 August) that it had suffered a major data breach caused by a SQL injection vulnerability.
In a statement, the company said it immediately notified the authorities of the breach, which is estimated to have affected 8.3m users of Freepik and its free graphic resource subsidiary Flaticon.
Freepik said that the security breach was due to a SQL injection in Flaticon that allowed an attacker to access user information from the company’s database.
The breach affected 8.3m of the company’s oldest users, whose email addresses and extracted password hashes were accessed. A password hash cannot be used on its own to log into a user account, since it is not the password but a scrambled representation of it; it does, however, help an attacker crack the passwords more efficiently.
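To make the root cause concrete, here is an added example (not Freepik's or Flaticon's code, which is not public; the table, rows and hash strings are constructed placeholders) showing a user lookup built by string concatenation beside its parameterized form, using Python's built-in sqlite3 module.

```python
import sqlite3

# Constructed sample rows standing in for a user table. The hash strings are
# placeholders, not real bcrypt or MD5 digests.
SAMPLE_USERS = [
    ("alice@example.com", "$2b$12$placeholder-bcrypt-hash-for-alice"),
    ("bob@example.com", "$2b$12$placeholder-bcrypt-hash-for-bob"),
    ("carol@example.com", "md5$salt$placeholder-md5-hash-for-carol"),
]


def build_db() -> sqlite3.Connection:
    """Create an in-memory database populated with the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (email TEXT PRIMARY KEY, password_hash TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    conn.commit()
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, email: str) -> list:
    """Builds the query by string formatting: the input becomes part of the SQL
    text, so a value containing a quote can rewrite the WHERE clause."""
    sql = f"SELECT email, password_hash FROM users WHERE email = '{email}'"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn: sqlite3.Connection, email: str) -> list:
    """Passes the input as a bound parameter: the driver treats it purely as
    data, so it can only ever be compared against the email column."""
    sql = "SELECT email, password_hash FROM users WHERE email = ?"
    return conn.execute(sql, (email,)).fetchall()


def compare(email: str) -> tuple:
    """Run both lookups on the same input; return (vulnerable_rows, safe_rows)."""
    conn = build_db()
    try:
        return len(lookup_vulnerable(conn, email)), len(lookup_parameterized(conn, email))
    finally:
        conn.close()


if __name__ == "__main__":
    # A legitimate address matches exactly one row either way.
    print(compare("alice@example.com"))
    # A value that closes the quote and appends an always-true condition widens
    # the formatted query to every row; the bound version matches no account.
    print(compare("x' OR '1'='1"))
```

Binding parameters removes this bug class at its source; a WAF in front of the application is a second, independent layer rather than a substitute for it.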
Freepik’s data breach
The company said that out of the 8.3m affected users, 4.5M had no hashed password because they used exclusively one or more federated login methods (Google, Facebook and/or Twitter), so the only data the attacker obtained about them was their email address.
The remaining 3.77M users affected by this breach had their email addresses revealed, and for 3.55M of them the password was hashed with a modern algorithm, bcrypt. The passwords of the remaining 229,000 users, however, were hashed with salted MD5, an obsolete algorithm. The company said that, as a result of the breach, it has now updated the hashes of all users to the bcrypt algorithm.
The company has taken steps to protect its users by revoking the passwords of those whose hashes used the obsolete algorithm and has sent them an email urging them to choose a new password, and to change it immediately on any other site where it was reused.
The company also added that users whose passwords were hashed with bcrypt received an email suggesting that they change their password, especially if it was easy to guess. Users who only had their email address leaked were notified promptly; since the impact is relatively lower, no special action is required from them.
“While no system is 100% secure, this should not have happened and we apologise for this leak,” the company said.
While incidents like these are truly tragic and put the reputation of the affected company on the line, it is worth noting that this type of attack could have been prevented easily by using an efficient Web Application Firewall (WAF) such as Modshield SB, which includes the popular ModSecurity engine and the OWASP Core Rule Set and effectively protects against the host of attacks highlighted by the OWASP Top 10 threat vectors.
Modshield SB combines the power of ModSecurity and the OWASP Core Rule Set with an easy-to-use, easy-to-implement interface, fantastic dashboards for compliance reports and a built-in load balancer.
Modshield SB is threat aware: it is fed by continuous threat intelligence feeds to address the latest threats in the landscape.
Modshield SB also lets application owners implement access controls using whitelists and blacklists for IP addresses and geographies.
Modshield SB offers a DLP option that matches the application server’s responses against standard patterns of sensitive information and blocks a response when a predefined format is encountered.