Tag: cyberx9

CyberX9 questions PNB’s denial of server vulnerability

Banking & Finance

[ad_1]

Read More/Less


Cyber security firm, CyberX9 which alleged that there was a vulnerability in Punjab National Bank’s (PNB) internal server on Tuesday questioned the bank’s claims that no such breach or leak of customer data has taken place.

Read also: PNB server vulnerability may have exposed data of over 180 m customers

CyberX9, in a statement, asked, “Have they checked every single computer system and servers in their massive network which even includes computer systems in their large number of bank branches and other offices? It is a baseless argument from PNB without putting any actual efforts into checking if there are attackers already in their network or not who could’ve entered in at any point in these ~7 months when they were vulnerable. They simply left the door to their internal systems open for ~7 months and now they’ve to check their whole network (a very big maze) to find if any attacker is covertly hiding.”

Read more: No breach of systems and pilferage of any personal data, says PNB

“For the scale of PNB’s network (extremely large number of systems which includes computers in bank branches and other servers), it’ll take at least more then a month even for a very large team of skilled security and forensic engineers to re-secure everything and find and clean up any infiltration. Until then PNB can’t be considered secure. We should not forget that CERT-In and NCIIPC accepted our reports to them where we mentioned the impact of the vulnerability which we also mentioned in our blog. And also that PNB had to shut down their server after our report which is a big thing since it shows the severity of the vulnerability and it’s impact,” it added.

Following several reports of vulnerability found in Punjab National Bank’s internal server, exposing personal and financial information of customers, the bank on Monday denied any breach of system and possibility of data exposure. The bank has deployed data leak prevention solutions that stop any unauthorised data from being sent through emails, it said.

Following PNB’s claims of deploying data leak prevention solutions that prevent any unauthorised data to be sent through emails,CyberX9 said, “It’s an irrelevant statement here since it’s unclear what they mean by “unauthorised data. Any internal employee sending sensitive customer personal or financial data or internal confidential documents isn’t “unauthorised data” and hence is indeed shared in emails.”

CyberX9 even questioned PNB’s ISO 27001 certification saying it has violated the same by not timely report and remediate the vulnerability.

[ad_2]

CLICK HERE TO APPLY

Leave a comment , ,

Vulnerability in PNB server exposed customer data for about seven months: CyberX9

Banking & Finance

[ad_1]

Read More/Less


A vulnerability in the server of Punjab National Bank allegedly exposed the personal and financial information of its about 180 million customers for about seven months, according to cyber security firm CyberX9.

CyberX9 has claimed that the vulnerability provided access to the entire digital banking system of PNB with administrative control.

Meanwhile, the bank has confirmed the glitch but denied any exposure of critical data due to the vulnerability.

PNB said, “customer data/applications are not affected due to this” and “server has been shut down as a precautionary measure.” “Punjab National Bank kept severely compromising the security of funds, personal and financial information of over 180 million (all) its customers for about the last 7 months. PNB only woke up and fixed the vulnerability when CyberX9 discovered the vulnerability and notified PNB through CERT-In and NCIIPC,” CyberX9 founder and MD Himanshu Pathak told PTI.

He said CyberX9 research team discovered a critical security issue in PNB, leading to admin access to internal servers hence exposing a massive number of banks’ systems nationwide open for cyber-attacks for the last about seven months.

Pathak said that vulnerability was found in an exchange server interconnected with other exchanges and shares all access — including access to all email addresses, which results in access to all email addresses.

“The vulnerability which we discovered was leading to the highest level of admin privilege in PNB’s exchange servers. If you gain access to Domain Controller through an exchange server, the doors are easily open to make any computer accessible in the network.

“These computers even include those that are being used in their branches and other departments,” Pathak said.

When contacted, PNB said, the server in which the vulnerability was found had no sensitive or critical data.

“The server wherein the vulnerability was reported, was being used as one of the multiple Exchange Hybrid servers used to route emails from On-prim to Office 365 Cloud. There is no sensitive/critical data in this server,” PNB said.

PNB denied CyberX9 claim on the impact of the vulnerability on customer’s data.

“The server is in a separate VLAN segment and customer data/applications are not affected due to this. Vulnerability assessments and penetration testing is done periodically by external Cert-in empanelled Information Security Auditors and the observations are complied with.

Now this server has been shut down as a precautionary measure,” PNB said.

According to CyberX9, the vulnerability was mitigated on November 19, and it reported the incident to Indian cyber security watchdog Cert-In and National Critical Information Infrastructure Protection Centre (NCIIPC).

[ad_2]

CLICK HERE TO APPLY

Leave a comment , , , ,

CyberX9, BFSI News, ET BFSI

Banking & Finance

[ad_1]

Read More/Less


A vulnerability in the server of Punjab National Bank allegedly exposed the personal and financial information of its about 180 million customers for about seven months, according to cyber security firm CyberX9. CyberX9 has claimed that the vulnerability provided access to the entire digital banking system of PNB with administrative control.

Meanwhile, the bank has confirmed about the glitch but denied any exposure of critical data due to the vulnerability.

PNB said “customer data/applications are not affected due to this” and “server has been shut down as a precautionary measure.”

“Punjab National Bank kept severely compromising the security of funds, personal and financial information of over 180 million (all) its customers for about the last 7 months. PNB only woke up and fixed the vulnerability when CyberX9 discovered the vulnerability and notified PNB through CERT-In and NCIIPC,” CyberX9 founder and MD Himanshu Pathak told PTI.

He said CyberX9 research team discovered a very critical security issue in PNB which was leading to admin access to internal servers hence exposing a massive number of banks’ systems nationwide open for cyber-attacks for the last about seven months.

Pathak said that vulnerability was found in an exchange server which is interconnected with other exchanges and shares all access — including access to all email addresses which results in access to all email addresses.

“The vulnerability which we discovered was leading to the highest level of admin privilege in PNB’s exchange servers. If you gain access to Domain Controller through an exchange server then the doors very easily open to make any computer accessible in the network.

“These computers even include those that are being used in their branches and other departments,” Pathak said.

When contacted, PNB said the server in which the vulnerability was found had no sensitive or critical data.

“The server wherein the vulnerability was reported, was being used as one of the multiple Exchange Hybrid servers used to route emails from On-prim to Office 365 Cloud. There is no sensitive/critical data in this server,” PNB said.

PNB denied CyberX9 claim on impact of the vulnerability on customer’s data.

“The server is in a separate VLAN segment and customer data/applications are not affected due to this. Vulnerability assessments and penetration testing is done periodically by external Cert-in empanelled Information Security Auditors and the observations are complied with.

Now this server has been shut down as a precautionary measure,” PNB said.

According to CyberX9, the vulnerability was mitigated on November 19, and it reported the incident to Indian cyber security watchdog Cert-In and National Critical Information Infrastructure Protection Centre (NCIIPC). PTI PRS DP DRR DRR



[ad_2]

CLICK HERE TO APPLY

Leave a comment , , , ,