Popular Mechanics profiles Hold Security’s Alex Holden. Exclusive details in a revealing look inside Hold Security. Meet the Man Who Finds Your Stolen Passwords.
Hackers’ biggest issue is not how to steal data, but how to convert it to currency or usable goods. Hold Security opines.
Hold Security’s Incident Response and Investigation Practice worked on numerous breaches where the clues and extrapolations of vital data about the perpetrators, information about the breach, and even the stolen data has been found in the “dark corners of the Internet”. Through our numerous resources, we continuously monitor underground forum communications, chat channels, and data exchanges between the most notorious cyber criminals. This “Deep Web Monitoring” service has been very successfully utilized by our existing customers as an extra value.
Hold Security’s newly announced Deep Web Monitoring Program working with journalist Brian Krebs informed Adobe Systems Incorporated that source code for their flagship products has been found on servers of known hackers responsible for breaches of LexisNexis, Kroll, NW3C, and many other sites. Over 40 Gigabytes in encrypted archives have been discovered on a hackers’ server that appear to contain source code of such products as Adobe Acrobat Reader,Adobe Acrobat Publisher, and the Adobe ColdFusion line of products.
In a wake of the Liberty Reserve shutdown, Hold Security has received credible evidence derived from recent and on-going cyber attacks, that Liberty Reserve customers’ data have been used to compromise their other financial accounts. Based on the evidence, at very least, e-mail addresses and passwords that belonged to Liberty Reserve users have been used in attacks against other financial institutions. Cyber attacks using Chinese CAPTCHA-breaking services began as early as May 27, 2013, targeting financial institutions where Liberty Reserve customers may have accounts.
The New York Times breaks the news of Hold Security’s discovery of the CyberVor gang amassing 1.2 billion credentials.
The New York Times credits Hold Security with the initial discovery of the JPMorgan Chase breach.
Hold Security discusses the challenges facing travel reward and customer loyalty programs as they are being targeted by hackers for easy gains.
Over the past 18 months, this was our conversation starter with many companies and individuals. Helping our clients prevent breaches or find their stolen data is our business. If you have been following information security, or even if you haven’t, you have probably heard of Hold Security and our work. In October 2013, we identified a data breach with Adobe Systems. Later in December that year, we independently identified and tracked the Target breach and in February 2014 we identified over 360 million stolen credentials trafficked on the black market.
