Security News

An extensive series of attacks detected in January used new Windows malware to backdoor government entities and organizations in the defense industry from several countries in Eastern Europe. Kaspersky linked the campaign with a Chinese APT group tracked as TA428, known for its information theft and espionage focus and attacking organizations in Asia and Eastern Europe [1, 2, 3, 4]. The threat actors successfully compromised the networks of dozens of targets, sometimes even taking control of their entire IT infrastructure by hijacking systems used to manage security solutions.

Very few organizations are focusing on protecting their machine learning assets and even fewer are allocating resources to machine learning security. The advantages are proven, but as we've seen with other new technologies, they quickly become a new attack surface for malicious actors.

The Minister for Foreign Affairs of Belgium says multiple Chinese state-backed threat groups targeted the country's defense and interior ministries. "Belgium assesses these malicious cyber activities to have been undertaken by Chinese Advanced Persistent Threats."

Federal district judge William Shubb last week approved [PDF] the out-of-court deal struck by the biz and Markus, who joined the defense contractor in 2014 as senior director of cybersecurity, compliance, and controls. In his 2017 complaint, Markus alleged the company's computer systems failed to meet minimum cybersecurity standards that the federal government requires for contracts funded by NASA and the Department of Defense.

Agents sit on devices to perform security scanning and reporting, system restarts/reboots, software patching, configuration and general system monitoring. Agentless security tools do much the same, just without the agents, making them a better bet for security vulnerability scanning on remote machines where its harder to install an agent - like the cloud.

For this review, I tried out System Mechanic Ultimate Defense. After installing the product, System Mechanic hits the ground running upon first launch by offering to analyze your system to see what issues it can find and fix.

Apple's M1 chip has been found to contain a hardware vulnerability that can be abused to disable one of its defense mechanisms against memory corruption exploits, giving such attacks a greater chance of success. MIT CSAIL computer scientists on Friday said they have identified a way to bypass the M1 chip's pointer authentication, a security mechanism that tries to prevent an attacker from modifying memory references without being detected.

The Kremlin-backed cyberattack against satellite communications provider Viasat, which happened an hour before Russia invaded Ukraine, was "One of the biggest cyber events that we have seen, perhaps ever, and certainly in warfare," according to Dmitri Alperovitch, a co-founder of CrowdStrike and chair of security-centric think tank Silverado Policy Accelerator. The two suggested that the primary purpose of the attack on satellite comms provider Viasat was to disrupt Ukrainian communications during the invasion, by wiping the modems' firmware remotely, it also disabled thousands of small-aperture terminals in Ukraine and across Europe.

Today's threat landscape is constantly evolving. Threat actors and tactics are becoming more determined and advanced.

China has begun talking to ten nations in the South Pacific with an offer to help them improve their network infrastructure, cyber security, digital forensics and other capabilities - all with the help of Chinese tech vendors. That's a nod to accusations that China practices what's been labelled "Debt trap diplomacy" whereby development assistance comes with repayment plans small nations may not be able to afford.