
2/16/2016
10:00 AM
Dark Reading
Products and Releases

buguroo bugThreats Uses Aggressive Hacker Countermeasures to Identify Compromised End Users, Stolen Data and the Cybercriminals' Next Moves

Launch of comprehensive threat intelligence platform marks company's entrance into U.S. market

SAN FRANCISCO – Feb. 16, 2016 — Against an onslaught of high-profile data breaches, nation-state cyberthreats and flourishing cybercrime, one group of world-class cyber sleuths at buguroo® — a U.S. startup and spinoff of Deloitte’s European Security Operations Center (SOC) — is taking the fight back to the threat actors themselves. Using aggressive techniques to hack the hackers, like Dark Web data mining, malware back-tracing sandboxes and deceptive “take my endpoint, please” decoys, buguroo is taking aim at the very criminals behind the attacks, as well as the malware, botnet networks and command and control centers on which they rely.

To aid in the fight, buguroo is launching bugThreats, a comprehensive threat intelligence platform (TIP) that, in sharp contradistinction to other entrants in the nascent TIP market, looks outside the enterprise infrastructure and focuses purely on useful intelligence gathered where the compromised end users, and their stolen data, are.

“If you are a bank, an e-commerce provider or another high value target, your biggest problem is not the employees inside your hardened infrastructure. It is the millions of users outside of your control that are under attack,” said Pablo de la Riva Ferrezuelo, CTO and founder of buguroo.

buguroo aims to complement the existing IT security stack, not reinvent it. Focused on intelligence and not protection, the bugThreats vision is to strengthen existing tools by investigating beyond the infrastructure to gather and feed intelligence that helps protect the millions of home banking, social media and email end users — as well as off-hours employees — who are receiving massive attacks from all over the world.

Not only does it detect and analyze threats to determine who and what they are after, bugThreats patrols the Dark Web, paste bins and other cybercrime haunts to find stolen credit cards, login credentials and identities and sends alerts back into the ITSEC protection infrastructure solutions to make them more effective.

“Whether an end user or partner client is compromised in their home, hotspot, hotel, Internet cafe, or wherever they are, bugThreats is designed to identify information for our clients’ customers that is exposed online and can be used to profile a company and orchestrate an attack. We provide a tool that can detect and isolate the attacks used to capture the data, analyze the new technique, trace the actors involved back to their source and discover what was stolen before it can be used for fraud,” said de la Riva Ferrezuelo.

The comprehensive bugThreats platform makes enterprise security operations analysts more effective and has already been proven in use in several large global infrastructures. The new bilingual English-Spanish bugThreats and the associated professional cybersecurity services are available immediately in the U.S., European and LATAM regions.

In addition to its extra-infrastructure focus, buguroo’s approach to the rapidly evolving cyberthreat intelligence market is unique and novel in many other ways:

  • Designed by ethical hackers and cybersecurity analysts, the platform automates their own best practices and provides a single tool for managing everything
  • Includes dozens of advanced technology solutions and techniques used to detect new threats and deliver intelligence on who and what they target, who the threat actors are, where the attacking botnets and C&C centers are, where the data is going and what data, such as login credentials or credit cards, was compromised so action can be taken to prevent fraud
  • Helps “hack the hackers” by delivering intelligence to penetrate the Dark Web cybercrime networks, botnets and C&C centers
  • Deploys easily and delivers time-to-value; does not require any on-premise software or hardware; simply create a user ID on the buguroo cloud and an automatic intelligent infrastructure discovery capability starts getting the intelligence you need
  • Provides a cloud-based big data and proprietary analytics ecosystem that automatically stores, correlates and analyzes all of the intelligence, searchable from a global suite and accessible from anywhere in the world

Although a startup in the U.S., buguroo is building on its five-year history in Europe and its proven technology and security operations experience. Originally, the company was a stand-alone unit in Deloitte Spain, and the buguroo team of ethical hackers and cybersecurity analysts worked alongside experts from Deloitte Spain to manage the Deloitte Security Operations Center (SOC) for Europe. In 2015, the 50-employee company was spun off as buguroo and closed a $3.34 million round of angel financing to expand its business internationally and accelerate development of its product roadmap.

Separately today, buguroo announced its bugFraud Defense next-generation online fraud detection solution that provides real-time protection of websites from hijacked sessions using man-in-the-browser or man-in-the-middle attacks. It also announced its application security solutions, bugScout and bugBlast, that, among other distinctions, include a modern architecture designed for the cloud that enables full modeling of today’s very large applications in memory, a capability not available from current appsec providers that industry analysts have cited as a security weakness.

buguroo also provides technical services from its highly qualified team of professional security auditors to help clients with malware analysis and remediation, forensics, impact analysis, Dark Web data recovery, botnet takedowns and other advanced techniques.

More information on the bugThreats comprehensive threat intelligence platform is available online or by emailing [email protected].

 
