DEFEND AGAINST CYBER-ATTACKS BEFORE THEY HAPPEN
The CISO’s Solution – forewarned is forearmed.
Kaduu helps you understand when, where and how stolen or accidentally leaked information is exposed. Kaduu’s alerting service can also detect threats before they turn into incidents. There are certain indicators that can be measured. Before an attack takes place, hackers often reserve similar domain names (typosquatting), spoof profiles on social media such as LinkedIn, or exchange information about targets in hacker forums. Kaduu monitors these activities using "Social Media Monitoring", "Domain Monitoring" and "Hacker Forum Monitoring". Kaduu’s Intelligent Filters and Machine Learning find the real risks among the vast amount of data we collect through human and machine intelligence.
We monitor all new domain registrations (ccTLDs, gTLDs, uTLD, sTLD). In doing so, we also record typical typosquatting techniques. Kaduu automatically analyzes domains that appear suspicious, capturing key properties such as WHOIS, geolocation, open web services, screenshots, similarity to the original site (AI analysis), etc. With our certificate log monitoring service you will also detect scammers using the same name on an SSL certificate as your protected asset.
We monitor server access, IoT (Shodan) or complete DB dumps in different formats (CSV, memory dumps, Office files, etc.). We also regularly examine S3 buckets for sensitive data. Kaduu also provides a search option to query regularly updated botnet logs for domain names, brands or IP addresses, as malicious actors have built vast networks of hacked computers that can be rented or purchased and used for cyberattacks such as distributed denial of service, fraud, spam or phishing.
In ransomware attacks, victims are blackmailed into paying a ransom sum in order to regain access to their own data. In some cases, ransoms are not paid or, despite payment of ransom, the stolen data is uploaded to the Internet or darknet for every user to see. We monitor common ransomware groups and can inform the customer if stolen data is shared with the public.
Monitoring whether your organisation’s name appears in Dark Web forums, Onion, I2P and paste sites can help you detect potential insider threats, enabling you to prevent data leaks and other incidents that may damage your organisation. Access to leaked accounts and passwords is also a popular darknet commodity. Passwords are valuable because attackers know that people tend to reuse their passwords for multiple accounts.
We monitor social media services such as Twitter, Reddit, YouTube, Telegram, etc. for posts that could be damaging to our reputation. We also detect attempts to create fake user profiles of key executives. Especially in the case of phishing and spoofing attacks, in which a false identity is simulated, such attacks should already be detected in the preparation phase.
Employees who are heavily exposed to the Internet are at greater risk of social engineering attacks such as phishing. Therefore, in Kaduu we measure how exposed an employee is on the Internet and where indications of activities related to the specific email account can be found.
In Kaduu we offer the possibility to monitor credit card information (name, part of number, etc.) on the darknet. If such data is offered for sale in relevant forums as part of a phishing or malware attack, we can inform the owner promptly.
Kaduu is constantly under development and we see ourselves as a one-stop-shop for various cyber threat intelligence indicators. We will be happy to show you a detailed list of all the data sources we monitor and are still developing in a personal meeting.
© Kaduu 2022