Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


04:25 PM
Dark Reading
Dark Reading
Products and Releases

Ntrepid Strives to Protect OPM Breach Victims from Further Harm

Passages Provides Complete Protection From Web-based Attacks, Isolating All Browsing Activity From the User's Computer

HERNDON, VA – February 3, 2016 – Ntrepid Corporation, a provider of cutting-edge cyber security solutions, today announced its intention to provide the victims of the Office of Personnel Management (OPM) breach with free access to its upcoming consumer version of Passages, a secure virtual browser for the enterprise. The breach of highly accurate data on seven percent of the U.S. population, particularly those working within our national security programs, requires extraordinary efforts to quickly extend the security perimeter to account for the victims’ web presence, wherever they are. This data breach elevates the Internet browser to the greatest vulnerability the victims now face. Credit reporting services do not protect the victims from phishing and watering hole attacks or infection from hostile zero-day malware loaded during a browsing session. By offering victims access to Passages Consumer, those who suffered from the greatest loss of personal data in history are protected from further targeted collection, manipulation and disruption. Ntrepid will accelerate access to Passages by making its Release Candidate widely available as soon as possible. Free use of Passages Consumer will extend for a year after general availability is declared later this year. 

Passages is a secure, virtual browser that protects users from targeted cyber social engineering attacks and allows them to navigate and browse the Internet without concern of picking up malware. Using Passages as the default method for Internet browsing, assures that when a user clicks a bad link or is targeted with a web attack, they will be protected. Passages isolates the web session allowing the user the ability to be on the web, watch and download videos, music, and files of all types, as well as print without compromising their machine. Passages further enhances the safety of victims and their families by protecting the identity of the user; significantly reducing the ability of adversaries to conduct targeted social engineering attacks – all while providing the complete functionality that users expect from a traditional web browser. Our focus is making all of this work in a secure, affordable package that provides a great user experience without the need for special training.

OPM issued guidance containing eight warnings about the types of likely future attacks in September 2015. Given the personal nature of the information stolen, these potential attacks will likely take place outside the traditional security perimeter the government provides on its premises. Unfortunately, the scenarios outlined are just the tip of the iceberg – the personal aspects of this information give it an unlimited shelf life. Now that this information is out there, attackers can patiently gather more information before taking any action; whether that is against current government employees or future generations of workers and their families. The most effective way victims can protect themselves outside of work is through the use of a secure virtual browser.

“The potential for what can be done using this information is significant, and as a victim and employer of victims affected by this breach I take this personally,” explained Richard Helms, Founder and Chief Executive at Ntrepid. “Passages will allow victims to maintain their normal lives without fear that their web usage will put them at further risk; despite the fact that their personally identifiable information has already been compromised. Once the full scope of the breach became public we expedited the development of Passages. In October 2015 we began engaging potential partners in government and the private sector to address this important vulnerability in a secure, efficient manner. We know we have a great solution that we can deliver in a manner that does not create yet another vulnerability.”

Beginning on February 29th Ntrepid will host a 60-day sign up period for victims of the OPM breach to register for Passages. This preregistration will assist Ntrepid in scoping the task of deployment. While the signup can be done online, breach victims can register in person and get a hands-on demonstration of Passages during RSA 2016 being held at the Moscone Center, San Francisco February 29 – March 4. For more information on how Passages can help OPM breach victims from further web-based attacks and for updates on availability, please visit: www.GetPassages.com/Breach.

About Passages

Passages provides a secure virtual browser that protects the enterprise from all web-based attacks, including web-delivered malware, watering hole attacks, spear phishing, passive information leakage, and drive-by downloads. Passages isolates all browsing activity from the local computer and network, allowing users to access any website and follow any link without risk to the company’s infrastructure or data. Additionally, Passages hides user identity and corporate affiliation, significantly reducing the ability of adversaries to conduct targeted social engineering attacks.

Leveraging Ntrepid Corporation’s platform and 15-year history of protecting the national security community from the world’s most sophisticated opponents, Passages allows organizations to implement security at the speed of business. From corporate identity management to secure browsing, Ntrepid products empower enterprise online research and data collection, eliminating threats to an online workforce. More information can be found at: www.NtrepidCorp.com.


Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
US Formally Attributes SolarWinds Attack to Russian Intelligence Agency
Jai Vijayan, Contributing Writer,  4/15/2021
Dependency Problems Increase for Open Source Components
Robert Lemos, Contributing Writer,  4/14/2021
FBI Operation Remotely Removes Web Shells From Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/14/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-04-20
A vulnerability of Helpcom could allow an unauthenticated attacker to execute arbitrary command. This vulnerability exists due to insufficient authentication validation.
PUBLISHED: 2021-04-20
vscode-restructuredtext before 146.0.0 contains an incorrect access control vulnerability, where a crafted project folder could execute arbitrary binaries via crafted workspace configuration.
PUBLISHED: 2021-04-20
** UNSUPPORTED WHEN ASSIGNED ** The AdTran Personal Phone Manager software is vulnerable to an authenticated stored cross-site scripting (XSS) issues. These issues impact at minimum versions 10.8.1 and below but potentially impact later versions as well since they have not previously been disclosed....
PUBLISHED: 2021-04-20
** UNSUPPORTED WHEN ASSIGNED ** The AdTran Personal Phone Manager software is vulnerable to multiple reflected cross-site scripting (XSS) issues. These issues impact at minimum versions 10.8.1 and below but potentially impact later versions as well since they have not previously been disclosed. Only...
PUBLISHED: 2021-04-20
** UNSUPPORTED WHEN ASSIGNED ** AdTran Personal Phone Manager 10.8.1 software is vulnerable to an issue that allows for exfiltration of data over DNS. This could allow for exposed AdTran Personal Phone Manager web servers to be used as DNS redirectors to tunnel arbitrary data over DNS. NOTE: The aff...