{"id":10980,"date":"2024-07-02T13:37:16","date_gmt":"2024-07-02T11:37:16","guid":{"rendered":"https:\/\/cyberinsights.iainfraser.net\/?p=10980"},"modified":"2024-07-10T10:46:54","modified_gmt":"2024-07-10T08:46:54","slug":"internet-assets","status":"publish","type":"post","link":"https:\/\/smecyberinsights.co.uk\/index.php\/2024\/07\/02\/internet-assets\/","title":{"rendered":"THREAT INTEL: Organizations need full visibility of Internet Assets, Digital Certs, Keys & Servers."},"content":{"rendered":"\t\t
\n\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t<\/a>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\n\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\"standard-quality-control-collage-concept\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t
Image Credit: FreePik<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t<\/a>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t

Gibraltar: Tuesday 02 July\u00a0 2024 at 13:00 CET<\/p>\n

THREAT INTEL: An organization needs full visibility of Internet Assets, Digital Certificates, Encrypted Keys, and Servers.<\/strong><\/p>\n

By Andy Jenkinson \u2013 Guest Contributor |\u00a0 Group CEO\u00a0Cybersec Innovation Partners<\/a>
\nvia CYBERInsights<\/a>
\nFirst for\u00a0SME Cybersecurity News<\/a>
\nGoogle Indexed on 020724 at 13:20 CET<\/a><\/p>\n

#CyberInsights #SMECybersecurityNews #Cybersecurity #WhitethornShield #InternetSecurity #DNS #PKI<\/em><\/p>\n

\n
\n
\n

With 4 months before further chaos rains down across the Digital World and Internet, the attached anonymised report demonstrates the unrivalled discovery and efficacy of Whitethorn and Whitethorn Shield.<\/p>\n

An organization needs full visibility, Whitethorn<\/strong> and Whitethorn Shield<\/strong> provide unrivalled visibility of Internet Assets, Digital Certificates, Encrypted Keys, and Servers.<\/p>\n

Testimony to this statement:<\/p>\n

1) The attached comprehensive report for a UK based Nuclear Provider where we identified previously unknown Chinese and Russian Root Certificates.<\/p>\n

2) Our discovery of a Korean server inside the DNS of Vote.gov<\/a> <\/strong>when we assisted the FBI Cyber Division<\/a><\/strong> in the lead up to the 2020 Presidential Election.<\/p>\n

3) On January 11, 2023, when we showed the Federal Aviation Administration<\/a><\/strong> they did not have Control of their NOTAM’s servers resulting in the closure of the entire U.S. air space.<\/p>\n

Public Key Infrastructure (PKI<\/strong>) and Domain Name System (DNS<\/strong>) are CRITICAL to security and have for decades been dangerously overlooked and ignored.<\/p>\n

Whilst the Google<\/a> <\/strong>and Entrust<\/a><\/strong> issue has come to a head and Entrust<\/a> <\/strong>Digital Certs WILL NO LONGER be Trusted from the 31 October 2024, we truly hope this action by Google<\/a><\/strong> acts as a catalyst for this critical area to be placed firmly at the top of the URGENT SECURITY TO DO LIST.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\"whitethorn\"\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t
\n
\n

To conclude, one may believe they have the very best security in the world, one may be air gapped, one may spend a $billion on Security however, if one DOES NOT manage and control one’s DNS<\/strong> and PKI<\/strong>, all that spend and security may be in vain and worthless.<\/p>\n

Stuxnet<\/strong> and SolarWinds<\/a><\/strong> are just two cases among many thousands of examples that exploit Not Secure Domains, Servers, DNS<\/strong> and PKI<\/strong> every year.<\/p>\n

andrew.jenkinson@cybersecip.com<\/a> We are pleased to assist.<\/p>\n

Cybersec Innovation Partners<\/a>
\nFederal Bureau of Investigation (FBI)<\/a>
\nGCHQ<\/a>
\nSerious Fraud Office (UK)<\/a>
\nInformation Commissioner’s Office<\/a>
\nDigiCert<\/a>
\nVenafi<\/a>
\nGlobalSign<\/a>
\nSectigo<\/a>
\nKeyfactor<\/a>
\nJisc<\/a>
\nNHS<\/a>
\nInternetSecurity<\/a>
\nDNS<\/a> PKI<\/a><\/p>\n

 <\/p>\n<\/div>\n<\/div>\n<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t

\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\tLearn More \/...<\/span>\n\t\t\t\t\t<\/span>\n\t\t\t\t\t<\/a>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t

About Andy Jenkinson<\/span><\/strong><\/p>\n

Group CEO CIP. Fellow Cyber Theory Institute. Director Fintech & Cyber Security Alliance (FITCA) working with Governments. Recognised Expert in Internet Asset & DNS Vulnerabilities.<\/span><\/strong><\/p>\n

Andy Jenkinson is a senior and seasoned innovative Executive with over 30 years\u2019 experience as a hands-on lateral thinking CEO, coach, and leader. A \u2018big deal\u2019 business accelerator, and inspirational, lateral thinker, Andy has crafted, created, and been responsible for delivering 100\u2019s \u00a3 millions of projects within the Cyber, Technical, Risk and Compliance markets for some of the world\u2019s largest, leading organisations. Andy has a demonstrable track record of largescale technical delivery and management within many sectors including the Professional, Managed, and Financial Services.<\/p>\n<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\tLearn More \/...<\/span>\n\t\t\t\t\t<\/span>\n\t\t\t\t\t<\/a>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t\t
\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"

Image Credit: FreePik Learn More \/… Learn More \/…<\/p>\n","protected":false},"author":1,"featured_media":10989,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"cybocfi_hide_featured_image":"yes","footnotes":""},"categories":[440],"tags":[439],"ppma_author":[505],"class_list":["post-10980","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cyberthreat-intel","tag-cyberthreat-intel"],"featured_image_urls":{"full":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/07\/standard-quality-control-collage-concept-2-2.jpg",500,334,false],"thumbnail":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/07\/standard-quality-control-collage-concept-2-2-150x150.jpg",150,150,true],"medium":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/07\/standard-quality-control-collage-concept-2-2-300x200.jpg",300,200,true],"medium_large":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/07\/standard-quality-control-collage-concept-2-2.jpg",500,334,false],"large":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/07\/standard-quality-control-collage-concept-2-2.jpg",500,334,false],"1536x1536":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/07\/standard-quality-control-collage-concept-2-2.jpg",500,334,false],"2048x2048":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/07\/standard-quality-control-collage-concept-2-2.jpg",500,334,false],"covernews-featured":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/07\/standard-quality-control-collage-concept-2-2.jpg",500,334,false],"covernews-medium":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/07\/standard-quality-control-collage-concept-2-2.jpg",500,334,false]},"author_info":{"display_name":"Cybersecurity Journalist Iain Fraser","author_link":false},"category_info":"SME CYBER\/THREAT INTEL<\/a>","tag_info":"SME CYBER\/THREAT INTEL","comment_count":"0","authors":[{"term_id":505,"user_id":1,"is_guest":0,"slug":"admin_yjdstq4n","display_name":"Cybersecurity Journalist Iain Fraser","avatar_url":{"url":"https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/10\/index_image440-removebg-preview.png","url2x":"https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/10\/index_image440-removebg-preview.png"},"0":null,"1":"","2":"","3":"","4":"","5":"","6":"","7":"","8":""}],"_links":{"self":[{"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/posts\/10980","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/comments?post=10980"}],"version-history":[{"count":0,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/posts\/10980\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/media\/10989"}],"wp:attachment":[{"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/media?parent=10980"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/categories?post=10980"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/tags?post=10980"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/ppma_author?post=10980"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}