CYBER Insights » THREAT INTEL: Organizations need full visibility of Internet Assets, Digital Certs, Keys & Servers.

THREAT INTEL: Organizations need full visibility of Internet Assets, Digital Certs, Keys & Servers.

Image Credit: FreePik

Gibraltar: Tuesday 02 July  2024 at 13:00 CET

THREAT INTEL: An organization needs full visibility of Internet Assets, Digital Certificates, Encrypted Keys, and Servers.

By Andy Jenkinson – Guest Contributor |  Group CEO Cybersec Innovation Partners
via CYBERInsights
First for SME Cybersecurity News
Google Indexed on 020724 at 13:20 CET

#CyberInsights #SMECybersecurityNews #Cybersecurity #WhitethornShield #InternetSecurity #DNS #PKI

With 4 months before further chaos rains down across the Digital World and Internet, the attached anonymised report demonstrates the unrivalled discovery and efficacy of Whitethorn and Whitethorn Shield.

An organization needs full visibility, Whitethorn and Whitethorn Shield provide unrivalled visibility of Internet Assets, Digital Certificates, Encrypted Keys, and Servers.

Testimony to this statement:

1) The attached comprehensive report for a UK based Nuclear Provider where we identified previously unknown Chinese and Russian Root Certificates.

2) Our discovery of a Korean server inside the DNS of Vote.gov when we assisted the FBI Cyber Division in the lead up to the 2020 Presidential Election.

3) On January 11, 2023, when we showed the Federal Aviation Administration they did not have Control of their NOTAM’s servers resulting in the closure of the entire U.S. air space.

Public Key Infrastructure (PKI) and Domain Name System (DNS) are CRITICAL to security and have for decades been dangerously overlooked and ignored.

Whilst the Google and Entrust issue has come to a head and Entrust Digital Certs WILL NO LONGER be Trusted from the 31 October 2024, we truly hope this action by Google acts as a catalyst for this critical area to be placed firmly at the top of the URGENT SECURITY TO DO LIST.

To conclude, one may believe they have the very best security in the world, one may be air gapped, one may spend a $billion on Security however, if one DOES NOT manage and control one’s DNS and PKI, all that spend and security may be in vain and worthless.

Stuxnet and SolarWinds are just two cases among many thousands of examples that exploit Not Secure Domains, Servers, DNS and PKI every year.

[email protected] We are pleased to assist.

Cybersec Innovation Partners
Federal Bureau of Investigation (FBI)
GCHQ
Serious Fraud Office (UK)
Information Commissioner’s Office
DigiCert
Venafi
GlobalSign
Sectigo
Keyfactor
Jisc
NHS
InternetSecurity
DNS PKI

 

About Andy Jenkinson

Group CEO CIP. Fellow Cyber Theory Institute. Director Fintech & Cyber Security Alliance (FITCA) working with Governments. Recognised Expert in Internet Asset & DNS Vulnerabilities.

Andy Jenkinson is a senior and seasoned innovative Executive with over 30 years’ experience as a hands-on lateral thinking CEO, coach, and leader. A ‘big deal’ business accelerator, and inspirational, lateral thinker, Andy has crafted, created, and been responsible for delivering 100’s £ millions of projects within the Cyber, Technical, Risk and Compliance markets for some of the world’s largest, leading organisations. Andy has a demonstrable track record of largescale technical delivery and management within many sectors including the Professional, Managed, and Financial Services.