Authentic8 Blog Author: Drew Paik

Webinar: Cloud-based Research Platform for Threat Hunters

One of the most important applications of a cloud browser is investigating threat intelligence. Information security analysts can get quickly overwhelmed with data, from potential risks to false leads. Providing context for threat intelligence is critical for any security operations team.

Investigating leads from threat intelligence can be time-consuming and expensive for an already over-taxed function. Imagine having thousands of alerts, and no way to tell which ones are legitimate and which ones are benign.

Cloud-based technologies make infosec analysts more productive by doing much of the grunt work for them. Instead of slogging through thousands (or millions) of alerts, analysts rely on threat intelligence services like Recorded Future for in-depth and high-speed analysis to bring that down to a manageable number. And a cloud browser like the Silo Research Toolbox gives analysts a safe and efficient way to perform deep analysis on legitimate threats.

Illustration: Silo Research Toolbox - the cloud browser for analysts, researchers and investigators (screenshot)
Silo Research Toolbox on the Dark Web

Authentic8 and Recorded Future are presenting a cloud-based research platform

Why Hollywood Should Disconnect from the Web

Production companies need to revise the way they access the internet or more major studios will fall victim to hackers because of web-borne attacks.


News of an unreleased Disney film (coincidentally about pirates) being held hostage by hackers marks the latest in many costly and embarrassing web-based attacks targeting content producers and their supporting vendors.

The causes of these data breaches have one thing in common: criminals gained unauthorized access via the web.

In the case of Sony, malware installed via an open port exfiltrated terabytes of sensitive data, including emails, contracts, and content. For Disney and Netflix, their breaches seem to have occurred because criminals targeted a production partner with weaker defenses.

Bottom line: The movie industry serves as another high-profile example of how valuable certain data -- in this case, intellectual property -- has become to criminal hackers and how easy it is to steal because of porous defenses.

Hackers thrive on Hollywood connections

Glitz and glamour aside, content producers are no different from other companies insofar as their operations depend on access to the web and working online with trusted partners.

From email apps to bookkeeping software to streaming video, the web now determines how most business is conducted - the movie and entertainment business included. But unfettered access to the web also leaves gaping holes for outside parties to attack.

Studio Access Hollywood-style: Hacked.

IT professionals face the impossible challenge of opening up the network to important web apps like Office 365 while simultaneously keeping all dangerous content out.

Further complicating matters, malicious code can piggyback on approved channels, e.g. nefarious attachments enter the studio through corporate email. Malvertising can take over the browser when a studio employee simply visits a media site whose online ad network has been compromised.

Hello Hollywood, disconnect from the web…

So how can production studios protect themselves better? Could they disconnect from the web without forfeiting its advantages?

Many organizations have considered virtualization as a possible solution -- i.e. any time a user needs access to the web, they connect to a virtual desktop and access the web through an intermediary.

There are numerous DIY instructions available online, some dating back over a decade. The problem with such a solution is the cost, which can overwhelm even the largest organizations. License fees for virtual machines (VMs) and the OS, hardware spend, and expenses for regular updates to keep images current add up quickly.

Even if an organization is willing to accept those expenses as the cost of doing business, it is still saddled with the vulnerabilities of a regular endpoint device and browser, albeit virtualized now. Even a virtual desktop can be infected with ransomware, with very real consequences.

...without losing access: enter Silo

Silo, the secure virtual browser developed by Authentic8, takes the best of virtualization and incorporates the benefits of the Software-as-a-Service model. Leading financial services providers, law firms and other security-sensitive organizations have chosen this "Browser-as-a-Service" approach to protect their digital assets.

Users get the security of a virtual browser running remotely. Administrators have a predictable cost model that includes maintenance and support. And online attackers don't get the red carpet treatment anymore.

This approach lets content producers tighten their network perimeter while still providing access to the web via Silo. With fewer authorized apps, IT can tightly monitor all traffic into and out of the organization, and the virtual remote browser isolates and neutralizes potentially dangerous web code outside the network before it can touch the local IT infrastructure.

We’ve seen other industries pass along tightened

Make Improving Data Breach Prevention Your New Year's Resolution

Illustration: 2017 - the Year We Make Cybersecurity a Habit? (Authentic8 blog post)

As we reflect on the passing year, it’s clear that 2016 was a tipping point in terms of public awareness of data security issues. It was the year that John Q. Public suddenly became aware of encryption issues, with Apple’s battle with the FBI after the San Bernardino terrorist attack.

It was also the year people pondered how foreign governments could perhaps hack into our election system. The year also showed that the government’s biggest security breach — which resulted in the arrest of an NSA contractor — wasn’t necessarily malicious. It hammered home the idea that some data breaches occur simply because employees don’t take their responsibilities seriously enough.

Though there is an increasing awareness of what kinds of threats we are all vulnerable to, there’s a knowledge gap in how to keep yourself and your business secure — despite our best efforts towards cybersecurity education.

So as you imagine what improvements you can make to your

Monthly News Roundup - December 2015 (TL;DR)



This month we learned that Microsoft’s browser is vulnerable and many people’s Java has security flaws. No, you haven’t traveled back in an infosec time machine. These old-fashioned headlines came back in a new way this month. Oh, and a mere 191 million people’s personally identifiable information was exposed online. Check out those stories plus much more in our December 2015 news roundup:

  • US Voter Records Leaked Online: On Dec. 20, security researcher Chris Vickery discovered an exposed database containing personally identifiable information for 191 million registered US voters. The data included voters’ full names, addresses, voter IDs, birthdates, phone numbers, political affiliations, voting histories, and confirmation about whether or not they are on the do-not-call list. Depending on state law, much of that information must remain private and secure. As of now, the owner of the database remains unknown but the database has been taken offline.
  • Apps Share User Info But Don’t Tell Their Customers

Monthly News Roundup - November 2015 (TL;DR)


This month we learned about a host of newfangled malware and hacks that compromise everyday websites, online ads, hotel chains, and British tabloids. Plus, State Department employees recently found out that their love of Facebook made them vulnerable to the Axis of Evil. Check out November’s biggest infosec headlines, below:

US State Department Targeted By Iranian Cyber Attack: Multiple sources reported on an apparent spear phishing attack from Iran’s Revolutionary Guard on the US State Department. The attackers used compromised social media accounts of junior-level State Department employees to hack computers of officials who work on Iranian and Middle Eastern affairs. In a strange twist, the US government learned about the attack from Facebook. Often it’s the other way around, with private sector firms and organizations learning they’ve been victims once they’re notified by the feds. The upshot: The government needs to manage employee web access and passwords, and control access to social media apps