Latest news with #NordStellar
Business Upturn
01-08-2025
- Business
- Business Upturn
NordStellar achieves SOC 2 Type II compliance, demonstrating its commitment to security
NEW YORK, Aug. 01, 2025 (GLOBE NEWSWIRE) — The next-generation threat management platform NordStellar has announced that it achieved System and Organization Controls (SOC) 2 Type II compliance. It's the third and final product of the Nord Security Business Suite to have successfully concluded this audit. NordStellar enables businesses to detect and respond to cyber threats before they escalate, empowering them to stay ahead of threat actors. It was launched in 2024 and is the newest addition to the Nord Security Business Suite, alongside NordLayer , the toggle-ready platform for business, and NordPass , a password manager. Both are SOC 2 Type II compliant. 'Last year NordStellar achieved SOC 2 Type I compliance, and we're thrilled that our constant efforts and product development have allowed us to complete the SOC 2 Type II audit successfully. Security is our greatest priority, and we are on a mission to deliver a high-quality and trustworthy product to our customers. We dedicate ourselves to continuously advancing our standard of excellence, maintaining transparency and reliability at every step', says Vakaris Noreika, head of product at NordStellar. SOC 2 is a security framework developed by the American Institute of Certified Public Accountants (AICPA) to ensure service providers securely manage customer data. SOC 2 compliance is achieved by undergoing independent audits assessing data management based on five criteria: security, availability, processing integrity, confidentiality, and privacy. All three Nord Security Business Suite products passed the SOC 2 Type II audit with no exceptions. ABOUT NORDSTELLAR NordStellar is a next-generation threat exposure management platform that enables companies to detect and respond to cyber threats before they escalate. NordStellar offers visibility into how threat actors work and what they do with compromised data. NordStellar was created by Nord Security, a globally recognized company behind one of the world's most popular digital privacy tools, NordVPN. For more information, visit . Contact details:Inga Vaitkeviciute [email protected]
Forbes
16-05-2025
- Forbes
Millions Of Stolen Passwords Available To Hackers For Just $81 A Week
If you thought the sheer number of stolen passwords that have been published on dark web criminal marketplaces was shocking, and when 19 billion is the figure in question, that's understandable, then wait until you find out how little it costs for cybercriminals to access them and carry out potentially significant money-making attacks. There are many ways that passwords can be compromised, some more convoluted than others. While the risk from a Microsoft Copilot for Sharepoint password access exploit ranks pretty low, phishing attacks even highly-targeted ones against Gmail accounts, for example, more so. The biggest stolen passwords risk is posed by infostealer malware including Lumma Stealer which can then be packaged into so-called combo lists. It is these lists, or more specifically, the infostealer logs that are used to compile them, that have become something of a valuable currency in the shady world of the cybercrime actors who inhabit the dark web and various other dodgy forums and marketplaces. Vakaris Noreika, a cybersecurity expert at threat exposure platform NordStellar, has revealed that a cyberattack employing stolen passwords can cost remarkably little: how does $81 a week grab you? With IBM having reported that the average cost of a data breach to organisations in 2024 was a staggering $4.88 million, it seems almost ludicrous that cybercriminals can do so much damage to a business for such a small investment. But here we are. Infostealers don't just steal passwords; they will look for any useful data they can grab, including two-factor authentication session cookies to enable 2FA bypass attacks and credit card information. "Usually, their attacks are random, but in some instances, cybercriminals can also use infostealers for targeted strikes,' Noreika said. Whatever, one fact remains inescapable: infostealer logs are sold pretty much anywhere you will find cybercriminals. That means the dark web, of course, but also Telegram channels. "Dark web users can purchase stealer logs by subscribing to a private channel,' Noreika explained, adding that a weekly subscription to infostealer log updates averages out at $81, or you can get a monthly deal for $200. There are as many mitigations to the infostealer threats as there are criminals out there collecting stolen passwords by using them, but my personal favourite is as simple as it is effective: stop using passwords. I know that sounds like silly advice, but nonetheless, I'm offering it. Don't use passwords, switch up to passkeys wherever they are available and stop the infostealer threat dead in its tracks. You're welcome.
