sb-au logo
Story image

New solution shines light on Dark Web credential trading

02 Apr 2020

The Kaseya-owned Spanning Cloud Apps has announced a new solution that monitors Dark Web for data that may have been stolen from an organisation.

The Spanning Dark Web Monitoring solution is a first-to-market Dark Web Monitoring solution for Microsoft Office 365. 

It combines backup and restore functionality for Office 365 with Dark Web intelligence and search capabilities to identify, analyse and proactively monitor for an organisation’s compromised or stolen employee data.

“In this new and challenging cybersecurity environment that we are all facing, Spanning Dark Web Monitoring fills a critical gap for businesses that use Office 365,” says Unitrends and Spanning general manager Mike Sanders. 

“No other solution like it exists. Spanning Dark Web Monitoring for Office 365 gives IT administrators something other tools don’t – an integrated Dark Web monitoring tool that provides insight into potentially compromised accounts so that companies can take action to safeguard themselves and their employees.”

Office 365 credentials are prime targets of malicious actors because they provide access to all of the Office 365 services, not just email. 

The credentials are the gatekeepers of every user’s entire Office 365 environment, which includes Microsoft Outlook, OneDrive, and SharePoint, collaboration services like Microsoft Teams and Planner, and business Intelligence-rich applications like Microsoft Power BI and Dynamics.

The solution helps reduce the risk of the increasingly common Account Takeover (ATO) attack, where cybercriminals steal or buy credentials in third-party breaches and reuse them to access corporate systems. 

They will then move to steal intellectual property, gain access to financial accounts and commit other types of cyber-fraud such as business email compromise (BEC) attacks in which cybercriminals hijack business email accounts to facilitate fraudulent wire transfers.

Spanning’s solution scans the unindexed portion of the internet often used by identity thieves – the Dark Web – to discover compromised or stolen employee credentials. 

It then enables administrators to take proactive steps to secure those accounts before any malicious activity occurs.

Key features include:

  • Real-Time Breach Notifications for Office 365 Domains - Dark Web Monitoring alerts Office 365 administrators when their employee’s emails and passwords have been compromised.
     
  • View and Restore Corrupted Data - Once alerted, administrators are redirected to a Spanning Backup for Office 365 Dark Web panel where they can view the compromised credentials for both current and inactive users. They can then leverage Office 365’s audit reporting and Spanning search capabilities to determine if any malicious activity has taken place and restore any corrupted data in just a few clicks.
     
  • A Pre-Configured Platform - Spanning Dark Web Monitoring is pre-configured and requires no integration, development or extensive training. The solution, which is activated in the Office 365 tenant, provides intuitive administrator controls integrated with Spanning Backup and an administrator experience identical to Office 365.
     
  • Specific to Business Use Cases - It is the first purpose-built solution to address this need outside of the consumer market, designed specifically for front-end protection of Office 365 business email accounts.

Spanning Dark Web Monitoring is now available. Licensed users of Spanning Backup for Office 365 will have the option to add on the Spanning Dark Web Monitoring capability to their existing account

Story image
The Dark Web: Not all as bad as it may seem - expert
While there is the perception that the dark web is mainly a hub for criminal activity, there are many other reasons why someone may use it.More
Story image
Fortinet appoints new director of operation technology for A/NZ
Fortinet has appointed a new director of operational technology (OT) solutions in a bid to extend offerings to Australian and New Zealand customers.More
Story image
Sophos Rapid Response puts out the ransomware fire
“Attackers are using a range of techniques and whichever defence has a weakness is how they get in. When one technique fails they move on to the next, until they find a weak spot."More
Story image
Sophos named a Numbering Authority in CVE programme
The programme, which runs an open data registry of vulnerabilities, enables programme stakeholders to correlate vulnerability information used to protect systems against attacks. More
Story image
As digital transformation grows in A/NZ companies, misconceptions about their role in cloud security abound
While an 81% majority of A/NZ organisations are accelerating their digital transformation, a giant 99% of surveyed respondents say they believe their cloud security provider provides enough protection, according to a Trend Micro study. More
Story image
SMEs treading water against 'endless volley' of cyber-attacks — report
According to a new report from Cynet, these SMEs are resorting to outsourcing some aspects of their threat mitigation in order to safeguard IT assets, as a result of the heightened risk of serious breaches.More