Stayin’ Alive Campaign Targets High-Profile Asian Government and Telecom Entities. Is It Linked To ToddyCat APT?
The main payload is composed of three primary functionalities, ‘report’, ‘shell’, and ‘file.’ Each functionality is assigned to a different message type that is sent to the C2 server.
Upon execution, the payload initially runs the ‘report’ feature sending basic recon info to the C2, then it creates two separate threads that repeatedly run the shell and file functionalities.
@Cyber_Security_Channel
Data Thieves Test-Drive Unique Certificate Abuse Tactic
Notably, the malware uses abnormal certificates featuring Subject Name and Issuer Name fields that have unusually long strings, which means they require specific tools or infrastructure to inspect the certificates and are not visible in Windows systems.
Specifically, the signature strings include Arabic, Japanese, and other non-English languages, along with special characters and punctuation marks, diverging from the typical English character string structures, the researchers noted.
@Cyber_Security_Channel
DataLocker® Introduces Sentry 5: The Ultimate Hardware Encrypted USB Flash Drive for Compliance and Security
DataLocker CEO Jay Kim emphasizes, "In the ever-evolving digital landscape full of cyber threats, the Sentry 5 encrypted cold storage USB drive provides an additional tool for your security arsenal.
This device is a continuation of our unwavering commitment to upholding data security, offering organizations a blend of top-notch security measures, flexibility, and efficiency."
@Cyber_Security_Channel
In June, Argentina's Executive Branch Filed a New Bill to Replace the Current Personal Data Protection Law With the National Congress of Argentina.
Extraterritorial application of the law is included in the proposed bill and applies to those located in Argentina, even when the processing is performed in another country.
It also applies to those not located in Argentina but who comply with other conditions, such as providing goods and services to those within the country.
@Cyber_Security_Channel
Quantum Announces New DXi Edge-Core-Cloud Bundles for Comprehensive Data Protection and Ransomware Recovery to Safeguard Business Operations Across the Distributed Enterprise
To simplify purchasing and deployment, DXi Edge-Core-Cloud Bundles are now available with all the components customers need to easily deploy the solution across their enterprise.
The bundles include pre-configured physical and virtual appliances and are available in four standard capacity sizes—Small, Medium, Large and Extra Large—in support of multiple edge locations, central data centers, and cloud-based archiving targets.
Logical capacities range from 400 terabytes up to 228 petabytes.
@Cyber_Security_Channel
Patch Confusion for Critical Exim Bug Puts Email Servers at Risk — Again
It's unclear yet whether cyberattackers leapt on the patch-lag opportunity.
But with between 250,000 and 3.5 million Exim servers currently used by organizations to handle email, the potentially vulnerable software poses a risk for a wide swath of companies, even now with patches available.
Mail servers are a popular target for attackers, says Robert Foggia, a senior security researcher with security services firm Trustwave.
@Cyber_Security_Channel
Navigating the Intersection of Cybersecurity, Stress, and Risk
Stress impacts cybersecurity on two fronts.
Cyber professionals are contending with ongoing threats and enduring taxing hours, which lead to errors and compromised judgments.
Simultaneously, strained employees exhibit reduced threat awareness, rendering them susceptible to phishing and social engineering on their company devices.
This underscores the relevance of integrating mental health and mindfulness into best cybersecurity practices.
@Cyber_Security_Channel
📩 In case you missed it: Our partners at Hacklido released a new version of their newsletter, Cyber Security Round Up - September 30th, 2023
It includes materials on the following topics:
• Bug Bounty
• OSINT Guide
• Web Security
• Data Breaches
• Malware Analysis
• Android Pentesting
And more...
You can find the full version of the newsletter here.
——
✨ If your company / project / community is willing to become a partner of Cyber Security News, feel free to contact us: @cybersecadmin
——
@Cyber_Security_Channel
Email Encryption Market worth $16.3 billion by 2028 - Exclusive Report by MarketsandMarkets™
The healthcare vertical is anticipated to have the highest CAGR in the Email Encryption market, primarily driven by stringent regulatory compliance demands worldwide, particularly concerning patient data protection.
In many countries, such as the US, with the Health Insurance Portability and Accountability Act (HIPAA), healthcare institutions are mandated to safeguard patient health information, especially when transmitted via Email.
@Cyber_Security_Channel
⚡️Hackers Abusing Skype and Teams to Deliver the DarkGate Malware
The attacker simply utilized the hijacked Skype account to hijack an existing conversation thread and send a message that looked like a PDF file but was a malicious VBS script.
“The threat actor abused a trusted relationship between the two organizations to deceive the recipient into executing the attached VBA script”, researchers said.
@Cyber_Security_Channel
Spearheading the AI Revolution: Teradata Aims to Help Orgs Navigate the Intersection of Deep Data Analytics and Robust Cybersecurity
“As an AI practitioner of more than two decades, I have done a lot of use cases and solved tough business problems,” he explained.
“As practitioners, we have to be very responsible in approaching how we use data for AI and ML models.
Teradata has strong governance in place [with] model ops that will monitor the performance and make sure that the data is well-governed and protected.”
@Cyber_Security_Channel
Trustpair: Implementing the Right Cybersecurity Strategies
Implementing automated account validations across your vendor network can ensure you are paying the right bank account every time.
For example, over half of successful fraud attempts are perpetrated through credentials or information changes on legitimate payments.
Frequent fraud awareness and cybersecurity training can help teams understand when cybercriminals have breached their organisation and fallen into the trap of paying the wrong vendor.
With the right approach, companies can mitigate and manage the risk of payment fraud.
@Cyber_Security_Channel
Cybersecurity Talent in America: Bridging the Gap
Let's face it: Not everyone has the luxury to undertake a master's program, spend thousands on certifications, or can afford to take an unpaid internship when starting their careers.
This barrier has led to a paradoxical scenario where despite the surging demand for cybersecurity professionals, many entry-level positions remain unfilled.
And we can't rely solely on those who can afford an expensive education because we need a diversity of both perspective and lived experiences.
Those interested in career changes can bring practical expertise to cybersecurity.
In 2022, ISC2 reported that only 23% of C-level cybersecurity executives identified as being nonwhite, and that women are under-represented in advanced, nonmanagerial positions.
@Cyber_Security_Channel
'Looney Tunables' Linux Flaw Sees Snowballing Proof-of-Concept Exploits
The Qualys write-up noted that in addition to successfully exploiting the vulnerability and obtaining full root privileges on the default installations of Fedora 37 and 38, Ubuntu 22.04 and 23.04, Debian 12 and 13, other distributions were also likely vulnerable and exploitable.
@Cyber_Security_Channel
Encryption Services Are Sending the Right Message to the Quantum Codebreakers
Existing computers are based on manipulating digital bits that can be either 1 (on) or 0 (off).
Quantum machines, in contrast, work with qubits, which can be on and off simultaneously. (And, yes, I know that seems nuts, but then so does much of subatomic physics to the average layperson.)
The key tool for providing that protection is a technology called public-key cryptography.
It was originally conceived by British engineer and cryptographer James Ellis at GCHQ in 1970, but only broke into the public domain in 1976, when his US counterparts Whitfield Diffie and Martin Hellman came up with a practical method for establishing a shared key over an open communications channel without using a previously shared secret code.
This approach was then formalised by three Massachusetts Institute of Technology scientists, Ronald Rivest, Adi Shamir and Leonard Adleman, and became the RSA algorithm (based on the first letters of their respective surnames).
@Cyber_Security_Channel
New DDoS Attack is Record Breaking: HTTP/2 Rapid Reset Zero-Day Reported by Google, AWS & Cloudflare
Amazon observed and mitigated more than a dozen HTTP/2 Rapid Reset attacks over two days in late August, the strongest one hitting its infrastructures at 155 million requests per second.
Cloudflare reported a peak at 201 million requests per second and mitigated more than 1,100 other attacks with more than 10 million RPS, and 184 attacks greater than the previous DDoS record of 71 million RPS.
@Cyber_Security_Channel
State of New York Makes Moratorium on Facial Recognition Technology in Schools Permanent
The report did not take digital fingerprinting off the table, however, noting that it presented lower risk to student rights and would be fit for specific uses such as tracking lunch payments and letting students unlock school-owned devices.
The new legislation allows school districts to implement fingerprinting and types of biometric identification other than facial recognition technology, but they must first obtain input from parents and conduct a similar assessment of the potential impact on student rights.
@Cyber_Security_Channel
Canada Privacy Commissioner Wants Feedback on New Biometric Data Processing Guidelines
They come with “Musts” (must use authentication before ID, must delete biometric information on request) and “Shoulds” (should seek to keep the template in the individual’s control, should use active versus passive biometrics).
@Cyber_Security_Channel
Don’t Overlook US State Law Protecting Collection of Genetic Data – Legal Insiders
The 23andMe situation is more nuanced. It actually is a story about a credential-stuffing attack, according to IT trade publication BleepingComputer.
But the data stolen includes photos, gender and genetic ancestry, valuable information that cannot be changed once exposed.
@Cyber_Security_Channel
Ransomware Crisis, Recession Fears Leave CISOs in Tough Spot
With cybercriminals capitalizing on crises for exploitation, any compromise of an organization's security posture or a potential ransomware attack amid recession fears could leave them vulnerable to greater risks and in a dire financial position or, worse, out of business.
@Cyber_Security_Channel
Old-School Attacks Are Still a Danger, Despite Newer Techniques
In many situations, threat actors are obtaining these credentials through social engineering.
That tactic continues to be successful because it relies on human error, which is much harder to fix with technology.
And from a bad actor's standpoint, why create new and/or complex threat vectors when the old, easier ones work just fine?
@Cyber_Security_Channel
Trustifi’s Solutions Named Cybersecurity Breakthrough Awards’ “Email Security Software of the Year”
“It’s our mission to deliver superior security that exceeds the capabilities of traditional solutions, which surprisingly include many established brands that rely solely on blacklisting and whitelisting of known malicious IP addresses.
Without a more aggressive, AI-based approach to security technology, this SEG-based method is not an adequate line of defense in today’s escalating environment,” said Rom Hendler, CEO and co-founder of Trustifi.
“We’re delighted that the prestigious Cybersecurity Breakthrough Award program has recognized that a born-in-the-cloud solution like Trustifi’s protection suite is a high-caliber, industry-leading email security software package.”
@Cyber_Security_Channel
Sustainable Funding, Workforce Challenge Whole-Of-State Cybersecurity Transition
Officials said securing sustainable funding for tools and services is also a challenge.
Both Crass and Murray disagreed with the notion that grants will solve their IT problems.
“The reality is it’s not,” Crass said.
“Most of the grants are set up so it’s one time you get to use the grant money to establish the tool or the service that you’re looking at and then it’s up to the local, the county, the state to sustain after the initial infusion of capital.”
@Cyber_Security_Channel
TD Synnex CEO Rich Hume: AI A ‘Massive Opportunity’ For The Channel
“I think approximately 35 percent of the channel now is either active or has the aspiration to be engaged in AI,” he said.
“So a very profound shift has taken place with the emergence of ChatGPT.
But make no mistake, AI is going to be a major inflection point in technology. It’s going to create a lot of great business opportunity moving forward. I liken it to mobile phones and the cloud. It is going to be a titanic opportunity for everybody in it.”
@Cyber_Security_Channel
In a Nutshell: Data Protection, Privacy and Cybersecurity in Switzerland
The most important recent event in terms of data protection law has been the entry into force of the fully revised DPA on 1 September 2023, together with the DPO and the Federal Ordinance on Data Protection Certification (DPCO).
In short, the revision leads to stricter constraints and requirements.
For example, the DPA now requires organisations to create and maintain an inventory of processing activities, and private controllers with a domicile or residence outside Switzerland are, under certain circumstances, required to appoint a representative in Switzerland if personal data of individuals in Switzerland is processed.
@Cyber_Security_Channel
Is Your State’s Child Safety Law Unconstitutional?
Courts have issued preliminary injunctions blocking laws in Arkansas, California, and Texas because they likely violate the First Amendment rights of all internet users.
EFF has warned that such laws were bad policy and would not withstand court challenges. Nonetheless, different iterations of these child safety proposals continue to be pushed at the state and federal level.
The answer is to re-focus attention on comprehensive data privacy legislation, which would address the massive collection and processing of personal data that is the root cause of many problems online.
@Cyber_Security_Channel
⚡️Hacker Leaks Data of 8,000 Decathlon Employees and Customers; Previous Breach Confirmed
The potential impacts of this recent breach are substantial.
The exposed information can be misused in elaborate phishing campaigns to extract further sensitive data.
Malicious actors may impersonate official representatives of Bluenove or Decathlon to manipulate affected individuals into providing social security numbers or other sensitive personal identifiable information (PII).
This information could then fuel identity theft and fraudulent financial or government transactions.
@Cyber_Security_Channel
Recently Patched TagDiv Plugin Flaw Exploited to Hack Thousands of WordPress Sites
The threat actor typically hijacks websites in an effort to redirect their visitors to fake tech support, lottery and other scam sites.
Sucuri estimated in April that more than one million WordPress sites had been infected as part of the Balada Injector campaign since 2017.
In the recently observed attacks, Sucuri saw over 17,000 websites infected by Balada, including 9,000 related to exploitation of the TagDiv plugin vulnerability.
@Cyber_Security_Channel
Omni DataSafe Reviews: Is This Encrypted USB Drive Worth My Dime?
Traditional USB devices don't have the essential security features to fully protect your data, despite being useful for transferring files.
Anyone who found an unencrypted USB stick would have complete access to all the data on it if you lost it or it ended up in the wrong hands.
The information stored on encrypted devices is extremely impossible to access without the encryption key.
In addition to a password, encryption provides an additional level of security.
@Cyber_Security_Channel