blogs

Ridge Security and IshanTech Host Technology Summit in Malaysia

Ridge Security, cutting-edge pen-testing solution provider and IshanTech, a Value-Added Distributor (VAD) host a Technology Summit at the Hilton, in Kuala Lumpur, Malaysia. Ridge and IshanTech, who announced a strategic distribution agreement last year, will deliver two sessions, one catered to Partners, and one delivered to customers and practitioners.

The Summit will cover the latest in the RidgeSecurity solution portfolio that is delivered to the Malaysian market through IshanTech. RidgeSecurity delivers on hyperautomation through its flagship product, RidgeBot™, the most comprehensive, automated security validation tool covering network, host, and web applications. Partners and customers alike will have an opportunity to engage and learn about trends and solutions first-hand from subject matter experts, as well get the latest on product and solutions, along with live demos.

“Cybersecurity today is more complex than ever. Organizations – small and large – are looking for best practices as well as trusted solutions that will harden and secure their critical assets,” says Rames Bala, at Ishatech, “We are hosting a Summit to give our Partners and Customers an opportunity to engage with our subject matter experts, learn more out about solutions, as well as provide a forum for discussion and engagement.”

RidgeBot, the first robot in the industry for security validation, is:

  • Powered by AI Engine & Expert Knowledge
  • Affordable and 100X faster than traditional pen-testing
  • Deployed on-premises or as-a-service through managed service providers

About Ridge Security Technology

Ridge Security delivers ethical, efficient, and affordable pen testing solutions to enterprises, small and large. We ensure our customers stay compliant, alerted, and secure at all times in the cyber world. The management team has many years of networking and security experience. Ridge Security is in the heart of Silicon Valley and is expanding into other areas including Latin America, Asia, and Europe.

About IshanTech

Established in 2008, and headquartered in Petaling Jaya, Malaysia, IshanTechprovides superior solutions and services, both in the domestic and international sectors. IshanTech brings a fresh and innovative approach to solutions and services, acting as liaison between the end-user and the software provider.

IshanTech has leveraged extensive experience to acquire, distribute, integrate and implement a comprehensive range of solutions to empower the ICT aspect of business operations. By using these solutions, organizations of all sizes can reduce costs, improve performance, and gain the ability to respond to changing business needs. IshanTech delivers Enterprise ICT Security Solutions and Professional Services to support their customers’ needs for tomorrow.

Back To News
Things you should do to defend against wild hackers in 2022

According to IBM’s Cost of a Data Breach Report, the average total cost of a data breach increased approximately 10% between 2020 and 2021, “the largest single year cost increase in the last seven years.” The study points to several factors that helped mitigate the average cost of a breach – including implementing a zero-trust approach and automation — as well as factors that accelerated breaches – including system compliance failures and compromised credentials.

These key findings in the report help organizations better understand the anatomy of a breach and all the factors that weigh in. But what can organizations do to defend their critical infrastructure and confidential assets against the factors that contribute to the accelerating breaches?

Recently, in a topical Dark Reading article, Hackers Went Wild in 2021, the author identifies five practical steps that companies can take to defend their critical infrastructure. One of these steps is migration to automated vulnerability management.

We agree. Given the jaw-dropping stats, today’s IT teams can’t afford not to automate and deploy a risk-based vulnerability management system. Pen-testing has come a long way from its traditional ethical hacking beginnings, but not all pen-testing tools are the same. A proper automated vulnerability management system must deliver an actional report that provides zero-false positives. It must have the capacity to keep up with all technology and threat intelligence changes, running on a powerful AI/ML platform. It must augment and help security professionals in delivering more frequent and targeted pen-testing. RidgeBot delivers on all these fronts, and more.

Cybersecurity is an urgent issue for all companies, large and small. And no matter the size of your organization, RidgeBot is built for enterprise environments. Request a demo today or if you’re planning on attending RSAC later this summer, stop by our booth at Moscone.

Back To News
ESET Research warns Malaysian bank customers about three malicious Android apps targeting their money
  • ESET researchers have analyzed three malicious Android applications targeting customers of eight Malaysian banks.
  • In this ongoing campaign (begun in late 2021), attackers set up fake but legitimate-looking websites. The websites entice shoppers into downloading malicious applications.
  • The threat actors use these fake e-shop applications to phish for banking credentials. The apps also forward all SMS messages received by the victim to the malware operators in case they contain 2FA codes sent by the bank.
  • Currently, the campaign targets Malaysia exclusively but it might expand to other countries and banks later on. Moreover, the attackers may also enable the theft of credit card information in the malicious apps in the future

BRATISLAVA, KOŠICE — April 6, 2022 — ESET researchers have analyzed three malicious Android applications targeting customers of eight Malaysian banks. To make a profit off customers who have increasingly turned to online shopping during the pandemic, cybercriminals are tricking these eager shoppers into downloading malicious applications. In an ongoing campaign, the threat actors are trying to steal banking credentials by using fake websites that pose as legitimate services, sometimes outright copying the original. These websites use similar domain names to the services they are impersonating.

“To make the already couch-friendly approach of online shopping even more convenient, people are increasingly using their smartphones to shop. Smartphone purchases make up the majority of online shopping orders – most of them from vendor-specific applications,” says ESET researcher Lukáš Štefanko, who analyzed the malicious applications.

This campaign was first reported at the end of 2021, with the attackers impersonating the legitimate cleaning service Maid4u. Distributed through Facebook ads, the campaign tempted potential victims to download Android malware from a malicious website. In January 2022, MalwareHunterTeam identified three more malicious websites and Android trojans attributed to this campaign. Recently, ESET researchers found four additional fake websites. All seven websites impersonated services that are only available in Malaysia.

The copycat websites do not provide an option to shop directly through them. Instead, they include buttons that claim to download apps from Google Play. However, clicking these buttons does not actually lead to the Google Play store, but to servers under the threat actors’ control. To succeed, this attack requires the intended victims to enable the non-default “Install unknown apps” option on their devices.  When the time comes to pay for the order, the victims are presented with payment options – they can pay either by credit card or by transferring the required amount from their bank accounts. At the time this research was active, it was not possible to select the credit card payment option.

After picking the direct transfer option, victims are presented a fake FPX payment page and asked to choose their bank out of the eight Malaysian banks provided, and then enter their credentials. The targeted banks are Maybank, Affin Bank, Public Bank Berhad, CIMB bank, BSN, RHB, Bank Islam Malaysia, and Hong Leong Bank. After the victims submit their banking credentials, they receive an error message informing them that the user ID or password they provided was invalid. At this point, the entered credentials have been sent to the malware operators. To make sure the threat actors can get into their victims’ bank accounts, the fake e-shop applications also forward all SMS messages received by the victim to the operators in case they contain Two-Factor Authentication (2FA) codes sent by the bank.

“While the campaign targets Malaysia exclusively for now, it might expand to other countries and banks later on. At this time, the attackers are after banking credentials, but they may also enable the theft of credit card information in the future,” adds Štefanko.

ESET Research has found the same malicious code in all three analyzed applications, leading us to conclude that they can all be attributed to the same threat actor.

To protect yourself against this type of threat, first, try to ensure that you are using legitimate websites to shop:

  • Verify if the website is secure, i.e., its URL begins with . Some browsers might even refuse to open non-HTTPS websites and explicitly warn users or provide an option to enable HTTPS-only mode.
  • Be wary of clicking on ads and paid search engine results
  • Pay attention to the source of applications you are downloading. Make sure that you are actually redirected to the Google Play store.
  • Use software or hardware 2FA instead of SMS when possible and use mobile security solutions.

For more information, check out the blogpost “Fake e-shops on the prowl for banking credentials using Android malware” on WeLiveSecurity. Make sure to follow ESET Research on Twitter for the latest news from ESET Research.

About ESET
For more than 30 years, ESET® has been developing industry-leading IT security software and services to protect businesses, critical infrastructure and consumers worldwide from increasingly sophisticated digital threats. From endpoint and mobile security to endpoint detection and response, as well as encryption and multifactor authentication, ESET’s high-performing, easy-to-use solutions unobtrusively protect and monitor 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company that enables the safe use of technology. This is backed by ESET’s R&D centers worldwide, working in support of our shared future. For more information, visit www.eset.com or follow us on LinkedIn, Facebook, and Twitter.

  • ESET researchers have analyzed three malicious Android applications targeting customers of eight Malaysian banks.
  • In this ongoing campaign (begun in late 2021), attackers set up fake but legitimate-looking websites. The websites entice shoppers into downloading malicious applications.
  • The threat actors use these fake e-shop applications to phish for banking credentials. The apps also forward all SMS messages received by the victim to the malware operators in case they contain 2FA codes sent by the bank.
  • Currently, the campaign targets Malaysia exclusively but it might expand to other countries and banks later on. Moreover, the attackers may also enable the theft of credit card information in the malicious apps in the future

BRATISLAVA, KOŠICE — April 6, 2022 — ESET researchers have analyzed three malicious Android applications targeting customers of eight Malaysian banks. To make a profit off customers who have increasingly turned to online shopping during the pandemic, cybercriminals are tricking these eager shoppers into downloading malicious applications. In an ongoing campaign, the threat actors are trying to steal banking credentials by using fake websites that pose as legitimate services, sometimes outright copying the original. These websites use similar domain names to the services they are impersonating.

“To make the already couch-friendly approach of online shopping even more convenient, people are increasingly using their smartphones to shop. Smartphone purchases make up the majority of online shopping orders – most of them from vendor-specific applications,” says ESET researcher Lukáš Štefanko, who analyzed the malicious applications.

This campaign was first reported at the end of 2021, with the attackers impersonating the legitimate cleaning service Maid4u. Distributed through Facebook ads, the campaign tempted potential victims to download Android malware from a malicious website. In January 2022, MalwareHunterTeam identified three more malicious websites and Android trojans attributed to this campaign. Recently, ESET researchers found four additional fake websites. All seven websites impersonated services that are only available in Malaysia.

The copycat websites do not provide an option to shop directly through them. Instead, they include buttons that claim to download apps from Google Play. However, clicking these buttons does not actually lead to the Google Play store, but to servers under the threat actors’ control. To succeed, this attack requires the intended victims to enable the non-default “Install unknown apps” option on their devices.  When the time comes to pay for the order, the victims are presented with payment options – they can pay either by credit card or by transferring the required amount from their bank accounts. At the time this research was active, it was not possible to select the credit card payment option.

After picking the direct transfer option, victims are presented a fake FPX payment page and asked to choose their bank out of the eight Malaysian banks provided, and then enter their credentials. The targeted banks are Maybank, Affin Bank, Public Bank Berhad, CIMB bank, BSN, RHB, Bank Islam Malaysia, and Hong Leong Bank. After the victims submit their banking credentials, they receive an error message informing them that the user ID or password they provided was invalid. At this point, the entered credentials have been sent to the malware operators. To make sure the threat actors can get into their victims’ bank accounts, the fake e-shop applications also forward all SMS messages received by the victim to the operators in case they contain Two-Factor Authentication (2FA) codes sent by the bank.

“While the campaign targets Malaysia exclusively for now, it might expand to other countries and banks later on. At this time, the attackers are after banking credentials, but they may also enable the theft of credit card information in the future,” adds Štefanko.

ESET Research has found the same malicious code in all three analyzed applications, leading us to conclude that they can all be attributed to the same threat actor.

To protect yourself against this type of threat, first, try to ensure that you are using legitimate websites to shop:

  • Verify if the website is secure, i.e., its URL begins with . Some browsers might even refuse to open non-HTTPS websites and explicitly warn users or provide an option to enable HTTPS-only mode.
  • Be wary of clicking on ads and paid search engine results
  • Pay attention to the source of applications you are downloading. Make sure that you are actually redirected to the Google Play store.
  • Use software or hardware 2FA instead of SMS when possible and use mobile security solutions.

For more information, check out the blogpost “Fake e-shops on the prowl for banking credentials using Android malware” on WeLiveSecurity. Make sure to follow ESET Research on Twitter for the latest news from ESET Research.

About ESET
For more than 30 years, ESET® has been developing industry-leading IT security software and services to protect businesses, critical infrastructure and consumers worldwide from increasingly sophisticated digital threats. From endpoint and mobile security to endpoint detection and response, as well as encryption and multifactor authentication, ESET’s high-performing, easy-to-use solutions unobtrusively protect and monitor 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company that enables the safe use of technology. This is backed by ESET’s R&D centers worldwide, working in support of our shared future. For more information, visit www.eset.com or follow us on LinkedIn, Facebook, and Twitter.

Back To News
RidgeBot Brings Affordable Pen Tests to your Organization

Many organizations utilize security testing (a.k.a penetration testing) to validate the security posture of their network. In such a test, the security tester takes on the role of a hacker and tries his/her best to break into the organization’s IT environment. The purpose is to find any vulnerabilities and determine how the vulnerabilities could be exploited in a real-world hacker attack. The underlying idea is that a good security test should reveal how an attacker could work his/her way through the organization’s systems before it actually happens. Proper penetration testing helps organizations address issues in a more man- ageable and cost-effective way.

However, nowadays, attackers are always developing new exploits and attack methods, and often using machine learning (ML) to launch attacks automatically. Enterprises’ secu- rity teams and professional “penetration testers” are under tremendous pressure to keep up.

Ridge Security is changing this game with RidgeBOT, an intelligent security validation Robot. RidgeBOT is modeled with a collective knowledge of threats, vulnerabilities, and exploits, and equipped with state-of-the-art hacking techniques. RidgeBOT acts like a real attacker, relentlessly locates, exploits, and documents their findings. RidgeBOT automates penetration testing, making it affordable with the ability to run at scale. They work within a defined scope and instantly replicates to address highly complex structures.

Ridge Security enables enterprises and web application teams, DevOps, ISVs, govern- ments, healthcare, education, anyone responsible for ensuring software security, to afford- ably and efficiently test their systems.

RidgeBOT provides continuous security validation services. It assists security testers in overcoming knowledge and experience limitations and always performs at a top-level. The shift from the manual-based, labor-intensive testing to machine-assisted automation alleviates the current severe shortage of security professionals. It allows human security experts to let go of daily labor-intensive work and devote more energy to the research of new threats and new technologies.

  • Improve Security test coverage and efficiency
  • Reduce the cost of security validation
  • Continuosly protect the IT environment
  • Produce actionable and reliable results for different stakeholders
Read MoreBack To News
Ridge Security and Splunk Partner to Accelerate Speed-of-Response with Integrated Security Solution

Ridge Security, cutting-edge pen-testing solution provider, has partnered with Splunk, a data platform leader, to deliver an integrated risk management solution designed to empower security teams with increased productivity and speed of response to threats. The solution integrates the automated penetration testing and exploitation available in Ridge Security’s RidgeBot, with the orchestration, incident response workflow and playbook capabilities of Splunk SOAR.

Today, the sheer volume of sophisticated threats and breaches are staggering. Cybersecurity Ventures expects global cybercrime costs to grow by 15% per year, reaching $10.5 trillion USD annually by 2025. Understaffed security teams and tight budgets buckle under the pressure to secure expanding attack surfaces, across organizations both large and small. This means that machine-assisted tools and automated and integrated workflows need to coexist and augment resource-constrained security staff in their mandates to secure their organization’s infrastructure and business operations.

“Organizations and security staff are at risk from all vectors,” said Lydia Zhang, Co-founder and President of Ridge Security. “Whether it’s alert fatigue, data paralysis, or simply limited resources, security teams today must be empowered with solutions that deliver a coordinated defense strategy with automated workflows and reports that deliver timely and high-fidelity decision making. We are very excited to team with Splunk to deliver such a solution.”

Digital transformation has accelerated in the era of the hybrid workforce and hybrid multicloud deployment model, due to this acceleration, security teams are scrambling to maintain visibility and control across their disparate environments. The Ridge Security’s API integration into Splunk SOAR delivers the tools that security teams need to detect and respond to threats faster and maintain the security posture of their critical infrastructure and assets.

Ridge Security’s addition to Splunkbase brings an automated, continuous pen-testing integrated with existing incident management workflows and playbooks, at scale. RidgeBot automation performs pen-tests 100X faster than human testers, and instantly replicates any complex infrastructure. The consolidated threat intelligence reports effectively help streamline security operations.

For more information, please reference the Integration Solution Guide.

Back To News