Cloudbric provides free website security for everyone. Cloudbric aims to bring mainstream enterprise level website security to small and medium businesses. Cloubric’s blog aims to provide readers with the latest company news and trending infosec topics.
Until now, threat intelligence has been highly privatized meaning security vendors are continuously collecting vast amounts of emerging cyber threat information but are not making it accessible for public use.
Instead, vendors typically use it for their own personal gain as we discuss in dept in our whitepaper.
With the launch of Threat DB, users have access to our threat information (hacker wallet addresses, phishing URL, blacklisted IPs) without restrictions.
We aim to develop Threat DB into one of the largest decentralized global databases of cyber threat information and will be made transparent for public use.
However, it’s not just for end users to benefit.
Developers or companies interested in using the data from Threat DB can do so through our API, which is set to be available at a later release date.
Now here’s where the fun part begins!
Users have the opportunity to get compensated in the form of cryptocurrency simply by adding valuable threat information to the database (to be verified by Cloudbric’s team of security experts).
In the future, existing Cloudbric users will also have the opportunity to be rewarded simply by submitting their logs following a hacking episode.
With the CLB Reward System, anyone can earn by signing up and contributing to Threat DB.
Although Threat DB only offers a collection of hacker fraud addresses, phishing URLs and blacklisted IPs for viewing and contributing at its beta stage, we strive to continuously expand our service and add more threat data in the future.
Head over now to Cloudbric Labs on April 29 to begin exploring our database which holds over 10,000+ threat data or begin contributing.
More details about the contribution and rewards process will be available on the Cloudbric Labs page.
To reiterate, VISION will be integrated into our existing detection system in order to amplify the accuracy of cyber threat identification by blocking incoming threats.
One of the biggest challenges for cloud-based WAF vendors is the ability to accurately block malicious without the need to later whitelist or blacklist traffic that was mistakenly identified and blocked or allow actual malicious traffic to seep through the cracks.
When using a WAF we want to avoid both these false positives and false negatives.
Luckily for us, AI can directly address this challenge as its predictive analysis capabilities can be applied to web traffic.
Cloudbric’s WAF is recognized in the industry for its high accuracy rate, and the addition of AI capabilities will allow our filtering system to more intelligently block attacks.
Current users will now be able to inspect their own web traffic and identify behavior anomalies and in turn help VISION learn characteristics of web attacks to improve our filtering system (and subsequently reduce false positives and false negatives).
VISION will learn the traffic characteristics of each user website to execute detection and prevention tailored to each website. In other words, it will predict and recognize various attack patterns that may act as potential risks to individual user websites.
Ready to see it in action?
More on how to do this can be found directly on your dashboard!
Within the second quarter, we have plans to offer this feature via its recently launched console app so be on the lookout for that as well.
The AWS Partner Network (APN) is a global partner program composed of cloud software and service vendors that have earned endorsement from AWS after meeting several important criteria.
With the cloud computing market estimated to be worth 272 billion USD worldwide, cloud computing has made it easy to access applications and data from virtually anywhere, without compromising scalability or security.
Cloudbric’s partnership with AWS has armed us with additional tools and resources from Amazon enabling us to differentiate our solution for AWS customers with improved functionality and cloud security service offerings.
As a Technology Partner, Cloudbric is made-ready for the cloud environment.
Not only that, but as Cloudbric expands into the blockchain business (by currently providing web security services to numerous crypto exchanges and other wallet platforms), we realize cloud infrastructure is more important than ever.
It’s why Cloudbric has announced it has delved into the operation of blockchain wallet nodes.
As a result, Cloudbric aims to secure the operation and building of blockchain nodes in its existing data centers and servers around the world.
Until now Cloudbric has been able to provide cloud-based security services around the world, and this know-how in cloud infrastructure has led to the signing of blockchain node operation contracts and is expected to draw the attention of companies that operate blockchain wallets.
Cloudbric Console App is now out and available for Android and iOS.
When we ask our users what they most like about Cloudbric’s services, our intuitive interface dashboard and functionality of our console are usually top picks.
We make it easy for users to simply login and view their security status without complications, as Cloudbric protection runs in the background.
Now, with the release of our first ever mobile application, it’s become even easier to access Cloudbric’s services and for users to monitor their websites via their smartphones.
Cloudbric’s new service console app was developed with the goal of providing users greater control and visibility while on the go, allowing users to receive updates via push notifications anytime and anywhere.
With its simple user interface, users can access their information and site settings as well track their traffic usage and check on the progress of their site registration just as they would on their PCs.
Users can instantly get notifications of attacks to their sites and receive push alarms when their website or websites reach the 80% and 100% traffic limit, enabling quick response.
Typically, administrators, developers, or IT personnel can only monitor web attacks or resolve certain issues, such as blacklisting and whitelisting IPs, via their dashboard on the web. Now, the console app will allow IT personnel to resolve these issues and do everything administratively via the dashboard on mobile.
So whether you’re managing one site or twenty sites, the new console app will make viewing your security status easy.
But it doesn’t end there – Cloudbric’s development team is currently building a drop menu for integrating deep learning security (available in Q2).
A step further in bringing blockchain and security together, Cloudbric will also roll out a crypto wallet that will serve as an add-on for users who own CLB or any other crypto to safely store, transfer, and manage it.
Cloudbric’s console service app is now available for download on Google Play and the App Store.
Google Play and the Google Play logo are trademarks of Google LLC.
Apple, the Apple logo, iPhone, and iPad are trademarks of Apple Inc., registered in the U.S. and other countries and regions. App Store is a service mark of Apple Inc.
There’s a general consensus in the crypto industry that blockchain cannot be hacked. This is because blockchain transactions listed on the distributed ledgers are immutable meaning they cannot be erased, changed or configured.
The distributed general system also has accountability in place so that all transactions distributed across each node must be the same in order to achieve consensus.
The blockchain so far have proven to be impossible to hack, but organizations are using blockchain in ways that involve elements outside the blockchain itself, such as crypto wallets.
Because these elements exist outside the scope of the blockchain, they are susceptible to common web vulnerabilities, hackings, and other human errors. Therefore, if a transaction is handled improperly, it can be unintentionally listed as an official transaction.
For example, tokens stored in a wallet or an exchange whose website isn’t secure can lead to hacking episode and ultimately the withdrawal of tokens, which will be recorded on the distributed ledgers as valid transactions when they are not.
So what are companies and users left to do in protecting crypto assets?
While blockchain technology offers interesting security alternatives to cybersecurity in general, that does not mean traditional cybersecurity solutions and other cyber practices are obsolete in protecting against attacks that ultimately target cryptocurrency.
Check out our tips in protecting against some of the most common cyber hacks in the crypto world.
Wallets don’t actually contain any crypto; instead they hold a private key, which is needed to access, withdraw, or trade it. Wallets are not protected by the same technology that makes blockchain essentially “unhackable.”
The same goes for crypto exchanges which is why we advise users to avoid holding significant amounts of coins on any exchange. Wallets and exchanges are also vulnerable to web attacks such as SQL injection and Cross-Site Scripting (XSS) attacks.
Hackers, for example, can launch SQL attacks to exploit a vulnerability in data input forms by inputting a malicious code into the login pages of a website or web app, thus revealing sensitive data like the private keys of wallets.
XSS attacks can be used by hackers to intercept information including login details between a client and server by executing a malicious code.
While these attacks can easily be thwarted off with a WAF, which monitors web traffic at the web application layer in the background and blocks malicious agents automatically, there are other ways end users can protect themselves.
As an end user, we highly recommend you to utilize “cold” wallets such as a ledger so that your private keys are stored offline unlike “hot” wallets which are always connected to the internet and are prone to hacking.
We also recommend users to write down their private keys in a safe location since anyone that gets hold of your mnemonic phrases can access your wallets.
Wallet addresses contain a long string of both numbers and letters (up to 21 characters) and are difficult to memorize. When users want to transfer funds to another wallet, most opt to copy and paste wallet addresses, but this shortcut creates an opportunity for certain malware to exploit it.
Though not entirely new in its execution, a trojan has been discovered that monitors over 2.3 million different crypto addresses and works by exploiting the clipboard function. It replaces the intended recipient wallet address with that of the attacker’s.
A similar malicious software called CryptoShuffler follows this trend and is known to also manipulate wallet addresses.
Unfortunately, these actions often go unnoticed by users, which puts them at risk when transferring funds. To protect against such malware, it’s important for users to keep their antivirus software and operating systems up to date, perform regular malware scans, and avoid installing untrusted software.
We also recommend users to always double check the intended recipient address prior to transferring any funds. A good tip is checking the first and last characters to see if they match the rightful wallet address.
Smart contracts are commonly used to facilitate and conduct credible transactions on the blockchain without intermediaries.
Because they are directly tied to these transactions, they can hold massive amounts of digital currencies, making them a lucrative target for hackers.
Error codes or bugs in the smart contract can result in crypto being frozen or stolen by hackers.
Utilizing external auditors can help to inspect the code for any vulnerabilities. For organizations, we recommend finding reputable auditors who have a track record in protecting against such attacks or errors.
Fake Apps and Classic Phishing
Phishing takes all kinds of forms in the crypto world. Most phishing scams aim to either steal credentials to access wallets or trick users into sending crypto directly to addresses of scammers or hackers.
The ways in which hackers “phish” for new victims are many.
This includes hackers cloning websites that mimic legitimate exchange sites or malicious crypto apps to steal personal information including wallet credentials.
There are also bots that notify users about issues with their crypto but are actually malicious and used to steal crypto, and not to mention the usage of Telegram to pose as ICO team members and then asking users to invest and send crypo to fraudulent addresses.
Another rising trend among scammers is figuring out how to bypass 2FA by duping telecom companies into sending verification codes to the phone numbers of scammers. This grants them access to authentication on crypto accounts and exchanges.
These types of social engineering tactics are highly prevalent. Taking extra precaution while whether it’s discussing, investing, or transferring crypto is absolutely necessary as anyone can fall victim to classic phishing scams.
Unlike banks which offer standard protections and insurances for customers, the blockchain cannot offer the same luxury to crypto holders.
Elements outside the blockchain make it difficult for companies and users using blockchain to remain entirely protected. Protecting these elements, namely crypto wallets and exchanges, is one of the biggest challenges in blockchain security .
A proper cyber defense strategy will seek to incorporate traditional solutions like using antivirus software and running malware scans, but it’s also equally important to use common sense when dealing with anything crypto.
Cloudbric is pleased to announce it has recently signed an MOU with Bitberry, an easy and safe crypto wallet run by RootOne.
As a subsidiary of Dunamu, the main company behind Korea’s largest cryptocurrency exchange Upbit, RootOne developed the Bitberry mobile app wallet to safeguard the crypto assets of users and to make it easy for users to send payments through phone numbers or email without any need to store private keys.
Currently, Bitberry has over 30 cryptocurrencies (more coming soon) available to store and send on its mobile app. Most recently, the global version has been released with both Android and iOS versions are available for download.
Working with reputable companies is critical for Cloudbric in growing its service. Through this partnership, Cloudbric will work with Bitberry in interchanging cyber threat data, specifically fraudulent wallet addresses for Cloudbric’s soon to launch Threat Database.
Cloudbric aims to use this cyber threat intelligence for the development of its security platform and crypto asset protection service. Additionally, we will work together to create a safer crypto wallet service and will make the CLB token available through Bitberry’s platform in the future, enabling the payment of services with CLB.
Already Cloudbric provided security to various crypto exchanges and wallet services. As we move forward, the team will continue working in the blockchain security field.
On March 4, Cyber Defense Magazine announced the winners of 7th Annual Coveted Information Security Awards during the RSA Conference 2019. Cloudbric was selected as a recipient of the Hot Company selection for Website Security.
Cyber Defense Magazine (CDM), the industry’s leading electronic information security magazine has spent the past six months scouring the globe and found nearly 3,000 companies who create and offer the most respected information security products and services.
Cloudbric was honored for their Website Security, which boasts an award-winning WAF, DDoS Protection, and SSL as a full service package for small and medium-sized businesses who are looking for a more proactive solution to emerging cyber threats.
“We’re thrilled to have won the Hot Company award from Cyber Defense Magazine as a recognition of our website security services. Cloudbric aims to proudly emerge as a household name within the website security industry and hope to lead the way for SMB security,” said TJ Jung, Chief Executive Officer of Cloudbric.
“While nation state exploitation, Cybercrime, Hacktivism, Cyberespionage, Ransomware and malware exploits are all on the rise, Cloudbric has won the Hot Company Website Security InfoSec Award from our magazine. They won after we reviewed nearly 3,000 infosec companies, globally, because they are an innovator on a mission to help stop breaches and get one step ahead of these threats, proactively,” said Gary S. Miliefsky, Publisher, Cyber Defense Magazine.
This is Cyber Defense Magazine’s seventh year of honoring InfoSec innovators. Submission requirements are for any startup, early stage, later stage or public companies in the INFORMATION SECURITY (INFOSEC) space who believe they have a unique and compelling value proposition for their product or service. Learn more at www.cyberdefenseawards.com.
About the Judging
The judges are CISSP, FMDHS, CEH, certified security professionals who voted based on their independent review of the company submitted materials on the website of each submission including but not limited to data sheets, white papers, product literature and other market variables. CDM has a flexible philosophy to find more innovative players with new and unique technologies, than the one with the most customers or money in the bank. CDM is always asking “What’s Next?” when looking for Next Generation InfoSec Solutions.
About Cyber Defense Magazine
With over 1.4 Million annual readers and growing, and over 7,000 pages of searchable online infosec content, Cyber Defense Magazine is the premier source of IT Security information. They are managed and published by and for ethical, honest, passionate information security professionals. Their mission is to share cutting-edge knowledge, real-world stories and awards on the best ideas, products and services in the information technology industry. We deliver electronic magazines every month online for free, and limited print editions exclusively for the RSA conferences and paid subscribers. CDM is a proud member of the Cyber Defense Media Group. Learn more at www.cyberdefensemagazine.com and visit www.cyberdefensetv.com and www.cyberdefenseradio.com to see and hear some of the most informative interviews of many of these winning company executives.
Cloudbric is pleased to announce our Official Cloudbric Ambassador Program!
Maybe you’re new to the community or perhaps you were unable to participate in our airdrops and bounty programs previously — whatever the case may be, now is your chance to earn rewards with us.
Participating in the Official Cloudbric Ambassador Program is easy:
How to Participate
✔ Step 1: Follow us on social media and get verified by our team
Subscribe to Cloudbric’s main social media channels (i.e. Reddit, Telegram Community, Facebook, LinkedIn, and Twitter). Let us know your handle in each of our community channels for verification through this Google Form. Individuals can check their approval here.
By joining the program, you are agreeing to subscribe to our newsletter. Opting out may disqualify you from the program. Please make sure your email is valid and that you have not accidentally marked incoming emails from or firstname.lastname@example.org or email@example.com as spam.
✔ Step 2: Participate in discussions
Provide insightful questions, comments, help for other users, etc. that lead to additional sharing/discussion (comments or posts in our communities does not have to be directly Cloudbric related, but must be relevant within the cybersecurity or blockchain space). Submit our social activities through this Google Form.
✔ Step 3: Receive rewards
If your posts or comments receive additional shares or follow up comments, you are eligible to receive prizes and giveaways including CLB airdrops, Starbucks/Amazon gift cards, free WAF servicing, and more.
Referrals – You can also invite friends to join our channels. They MUST satisfy the same requirements (Steps 1-3) for you to potentially receive double the rewards (2x CLB airdrops, larger gift card giveaways, longer WAF servicing, etc.). Referrals can be added through the same Google Form.
Guidelines & Rules
To avoid disqualification from the program, please read through the guidelines and rules carefully.
– Users who have submitted their social media handles and have been verified/approved can begin their duties as an Official Cloudbric Ambassador.
– Engagements will be treated equally across the different social media platforms (i.e. Reddit, Telegram Community, Facebook, LinkedIn, and Twitter). So, if you don’t have a Twitter account for example, you’re not at a disadvantage!
– We reserve the right to remove anyone from the campaign at any time from suspected dishonesty or spamming.
– Anyone discussing issues regarding race, gender, politics, or other irrelevant topics can be permanently banned from the campaign.
– Guidelines are subject to change at any time.
Users are not limited to the number of engagements per week, however, users will be asked to submit the URL links of their social activities. You can submit up to five social activities per week. If you submit more than five, only five will be reviewed by our team. If you’re submitting for Telegram, please submit your Telegram username in lieu of a an URL.
Posts should avoid using generic tones (e.g. “well done,” “nice work,” “interesting work,” etc.). Only engaging content will be reviewed and only legitimate comments/questions/referrals will be legible for rewards..
Yes, as long as the required points are met. We will ask participants to choose a reward of their choice.
4) How do you redeem prizes?
As specified in the guidelines, users will receive their awards twice bi-quarterly basis, depending on the number of overall participants. Cloudbric will request further information (for example, recipient email address for gift cards, ETH address for receiving CLB) if needed.
5) Is there a limit on the number of referrals?
There is not limit at the moment but rules and other are guidelines are subject to change. Please note that simply adding referrals does not guarantee you the specified points. Referrals must fulfill Steps 1-3 and therefore must participate in discussions to be eligible for rewards.
We previously outlined our progress and goals for 2019 with Cloudbric community. Suffice to say, the Cloudbric team is busy focusing on a variety of efforts specifically with regards to product development, sales and marketing, and overall business expansion for our current cloud-based security services.
We’ve updated our roadmap to reflect progress so far and for what lies ahead in terms of product development and marketing activities. Take a look below!
As shown, Cloudbric’s upcoming console application (70% complete) and Threat Database for threat information sharing (40% complete) will be released within the first quarter and our cryptocurrency wallet (60% complete) will be released within the second quarter.
With the initial service of the universal security platform expected to launch within the fourth quarter of this year, we’re aiming to build momentum for the CLB token by launching variety of marketing strategies including an Official Cloudbric Ambassador Program and other events throughout the year.