Foxit

Netherlands-based Fox-IT, one of the world's leading IT security providers, was targeted by a cyber attack after an unknown attacker carried out a Man-in-the-Middle (MitM) attack and spied on a small number of Fox-IT customers.

The company's domain name was taken over by an attacker, who then used it to sign up for an SSL certificate under Fox-IT's name.

Fox-IT also moved rapidly to alert affected clients and reset the passwords that had been captured, which were useless because Fox-IT uses two-factor authentication.

The business added that the majority of the intercepted files did not include critical information, and none of the files were tagged as secret.

Source: https://www.bleepingcomputer.com/news/security/top-security-firm-admits-to-mitm-security-incident/

TPRM report: https://scoringcyber.rankiteo.com/company/foxit-corporation

"id": "fox215926223",
"linkid": "foxit-corporation",
"type": "Breach",
"date": "12/2017",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 'Small number of Fox-IT '
                                              'customers',
                        'industry': 'IT Security',
                        'location': 'Netherlands',
                        'name': 'Fox-IT',
                        'type': 'IT security provider'}],
 'attack_vector': 'Domain name takeover and SSL certificate fraud',
 'data_breach': {'sensitivity_of_data': 'Majority of intercepted files did not '
                                        'include critical information, none '
                                        'tagged as secret',
                 'type_of_data_compromised': 'Intercepted files'},
 'description': "Netherlands-based Fox-IT, one of the world's leading IT "
                'security providers, was targeted by a cyber attack after an '
                'unknown attacker carried out a Man-in-the-Middle (MitM) '
                'attack and spied on a small number of Fox-IT customers. The '
                "company's domain name was taken over by an attacker, who then "
                "used it to sign up for an SSL certificate under Fox-IT's "
                'name. Fox-IT also moved rapidly to alert affected clients and '
                'reset passwords that had been captured but were useless due '
                'to the usage of two-factor authentication by Fox-IT. The '
                'business added that the majority of the intercepted files did '
                'not include critical information, and none of the files were '
                'tagged as secret.',
 'impact': {'data_compromised': 'Intercepted files'},
 'initial_access_broker': {'entry_point': 'Domain name takeover'},
 'motivation': 'Spying on Fox-IT customers',
 'response': {'communication_strategy': 'Alerted affected clients',
              'containment_measures': 'Alerted affected clients and reset '
                                      'passwords'},
 'threat_actor': 'Unknown attacker',
 'title': 'Man-in-the-Middle Attack on Fox-IT',
 'type': 'Man-in-the-Middle (MitM) attack'}