StrongBox IT: Modshield SB - Web Application Firewall | OWASP CRS

Modshield SB is a custom-built and affordable web application firewall from Strongbox IT which can protect web and mobile applications from security threats with premium features that include a built-in load balancer, Data loss protection, and Analytics. The Modshield SB WAF is powered by Modsecurity and the OWASP Core Rule Set to protect you from a wide range of threats. Know more!

Visit: https://www.strongboxit.com/modshield-sb/

Rising trends in cybersecurity

Secure Access Service Edge (SASE):  SASE identifies sensitive data or malware, continuously monitors sessions for risk and trust levels, and can decrypt content at line speed.

AI Integration: By analyzing risk data from structured and unstructured resources, AI provides threat intelligence to the security teams to reduce the time they take to make critical decisions and immediately respond to remediate the threat.

Extended Detection and Response (XDR): XDR gains momentum and automatically collects data from multiple endpoints and correlates them to promote faster incident response and threat detection.

Security Process Automation: When implemented competently and with the right kind of tools, automation can support the prevention of successful cyberattacks.

Zero-Trust Network Access: ZTNA has proved to be a secure option for organizations to manage remote access to applications.

Read the full blog here: Trends in cybersecurity

How an application firewall like Modshield SB could have saved the day

Freepik, a top-100 Alexa ranked popular website that provides access to free stock photos and design graphics, announced on Friday (21 August) that it had been subject to a major data breach due to a SQL injection vulnerability.

In a statement released by the company, it is said that they immediately notified authorities of the breach, which is estimated to have affected 8.3m users of Freepik and its free graphic resource subsidiary Flaticon.

Freepik said that the security breach was due to a SQL injection in Flaticon that allowed an attacker to access user information from the company’s database. The breach affected 8.3m of the company’s oldest users, whose email addresses and extracted password hashes were accessed. The hash of the password cannot be used to log into a user account on it’s own, as it is not a password, but a scrambled representation of a password. But it certainly aids an attacker to crack the passwords more efficiently

Freepik’s data breach The company said that out of 8.3m affected users, 4.5M had no hashed password because they used exclusively one or more federated login methods (with Google, Facebook and/or Twitter) and the only data the attacker obtained during this attack was their email address.

The remaining 3.77M users affected by this breach had their email addresses revealed and for 3.55M of these users, their password was encrypted by using a modern algorithm, bcrypt. The password information of the remaining 229,000 users, however, was salted using an obsolete MD5 algorithm. The company said that it has now updated the hash of all users to the latest bcrypt algorithm as a result of the breach.

The company took initiatives to protect its users by revoking the passwords of those using the obsolete algorithm and have sent an email urging them to choose a new password and to change their password immediately if it was shared with any other site.

The company also added that users whose passwords were hashed with bcrypt received an email suggesting that they change their password, especially if it was an easy-to-guess password. Users who only had their email leaked, were notified promptly, since the impact was relatively lower and no special action is required from them.

“While no system is 100% secure, this should not have happened and we apologise for this leak,” the company said. While incidents like these are truly tragic and puts the reputation of the affected company on the line, it is worth noting that the same types of attack could have been prevented easily by using an efficient Web Application Firewall(WAF) such as Modshield SB which includes the most popular Modsecurity and OWASP Core Rule Set effectively preventing against a host of attacks highlighted by the OWASP top 10 threat vectors.

Modshield SB combines the power of Modsecurity and OWASP Core Ruleset with an easy to use, east to implement interface, fantastic dashboards for compliance reports and a built-in load balancer.

Modshield SB is threat aware, being fed by continuous threat intelligence feeds to address the latest threats out in the landscape.

Modshield SB also provides application owners to implement access controls using a series of whitelists and blacklist for IP addresses and geographies.

Modshield SB offer a DLP option which matches application server’s responses to standard patterns of sensitive information and blocks the responses when a predefined format is encountered.

Strongbox IT Releases Its Premium Web Application Firewall Modshield SB on Amazon Web Services (AWS) https://eprnews.com/strongbox-it-releases-its-premium-web-application-firewall-modshield-sb-on-amazon-web-services-aws-464350/

New ModShield silicone cases by JoJo are in stock! Available in multiple styles for: SnowWolf Vfeng, Smok Mag, Smok T-Priv, Smok ProColor and Smok V8 Sticks. 🔥 #modshield #modskin #modcase #modwraps #modskin #modcover #modshield #modshieldbyjojo http://ift.tt/2oit74r

ModShield for Smok Nord AIO Silicone Case ByJojo Protective Cover Shield Sleeve Skin Wrap (Blue) Price : 25 AED Only https://www.instagram.com/p/B1MOeyolflH/?igshid=11j6u51og1rk

ModShield for Smok G-Priv 2 230W TC Silicone Case ByJojo G PRIV2 Cover Shield Wrap Skin

https://topcellulardeals.com/product/modshield-for-smok-g-priv-2-230w-tc-silicone-case-byjojo-g-priv2-cover-shield-wrap-skin/

Silicone Case ONLY–Device NOT Included NEW TECHNOLOGY provides Non-Slip texture for a better grip MADE SPECIFICALLY for Smok G-Priv 2 230W TC and will NOT fit any other Device

Cyberattacks in IOT

Companies with IoT integrated into their operations has advantages like real-time data tracking, an efficient work management system, improved customer relationship management and increased productivity in the usage of resources. IoT is rapidly increasing in almost all aspects of our life but so are the cyberthreats. IoT to generate 79.4ZB of data in 2025, says IDC. Apart from offering greater access to consumer data, IoT devices track and record patterns in which a consumer interacts with the devices. Know the risks 1. Late Firmware Updates - Vulnerabilities that are already exploited and not patched through regular firmware updates could open a backdoor for hackers to take over a host of data. 2. Embedded Credentials - IoT devices come with hardcoded passwords that can get bypassed in numerous ways like password guessing, credential stuffing or brute force attack, etc. 3. Open API - IoT connects with open source API/Internet making it vulnerable to injection attacks, cross-site scripting, identity attack, and man in the middle. Learn how we are helping various sectors in IOT

Learn more about cybersecurity in https://www.strongboxit.com/blogs/

The Pharma industry is lagging behind other industries when it comes to implementation of information security measures. With the help of a WAF, an organization can mitigate multiple consequences ranging from stolen IP (Intellectual Property), repeating clinical trials, litigation, and lost revenue that can hurt real bad.

Get compliant by installing Modshield SB Enterprise Grade WAF: https://www.strongboxit.com/free-trial/

OWASP Modsecurity Core Rule Set: OWASP’s modsecurity core rule set serves as the base on which many web application firewalls work. There are two modes of operation. Standard Scoring - Self Contained Rules Anomaly Scoring - Collaborative Rules Concept Standard Scoring - Self Contained Rules Standard scoring blocks the threat if it gets detected by any single rule without validating with the rest of the rules. This way, threats are quickly blocked but can increase false alarm rates. Anomaly Scoring - Collaborative Rules Concept Unlike standard scoring, Anomaly scoring uses several rules simultaneously to detect any threat. It reduces the false alerts at the cost of a high workload.

To know more about WAF with OWASP Core rule set check our Modshield SB page

Cybersecurity in Education

Sudden rise in online education has made the education sector struggling with application security, endpoint security, and patching cadence. Learn why cybersecurity is important in education DDoS attacks – DDoS attacks can be carried out by even novice cybercriminals when the network is poorly protected. There have been cases of DDoS attacks just to get a day off. Data theft – Students and staff personal info can be leaked, which can compromise their privacy and confidentiality. Financial gain – Large amount of money is involved in tuition fee transactions, providing a high risk to return ratio to the hacker. Espionage – Universities hold valuable intellectual property. Professional hackers can be hired to steal research assets

Learn about us at https://www.strongboxit.com/modshield-sb/

ModShield for VOOPOO DRAG 157W TC Silicone Case ByJojo Sleeve Cover Wrap Shield Skin

https://topcellulardeals.com/product/modshield-for-voopoo-drag-157w-tc-silicone-case-byjojo-sleeve-cover-wrap-shield-skin/

NEW TECHNOLOGY provides Non-Slip texture for a better grip SILICONE CASE ONLY–Device is NOT included AUTHENTIC ModShield ByJojo Product WITHOUT ModShield LOGO

ModShield for SMOK T-PRIV 220W TC Silicone Case ByJojo T PRIV 220 W Skin Cover Sleeve Shield Wrap

https://topcellulardeals.com/product/modshield-for-smok-t-priv-220w-tc-silicone-case-byjojo-t-priv-220-w-skin-cover-sleeve-shield-wrap/

Missing Attachment NEW TECHNOLOGY provides Non-Slip texture for a better grip SILICONE CASE ONLY–Device is NOT included AUTHENTIC ModShield ByJojo Product

ModShield for Smok Alien 220W TC Silicone Case & TANK BAND ByJojo Skin Cover Sleeve Wrap Shield

https://topcellulardeals.com/product/modshield-for-smok-alien-220w-tc-silicone-case-tank-band-byjojo-skin-cover-sleeve-wrap-shield/

INCLUDES: 1 ModShield Silicone Case & 1 Tank Band “PINK” & “GLOW-IN-THE-DARK” Tank Bands are NOT AN EXACT COLOR MATCH to the Silicone Case NEW TECHNOLOGY provides Non-Slip texture for a better grip