Security News

A new multi-platform backdoor is leveraged by an advanced threat actor
2022-01-12 13:14

A novel multi-platform backdoor dubbed SysJoker has been successfully evading security solutions since mid-2021. "In the Linux and macOS versions, it masquerades as a system update. In the Windows version, it masquerades as Intel drivers. The update names are somewhat generic: In the macOS version, the file is relocated and named 'updateMacOs' and in the Linux version it is named 'updateSystem'," Avigayil Mechtinger, security researcher at Intezer, has shared with Help Net Security.

APT37 targets journalists with Chinotto multi-platform malware
2021-11-29 13:43

North Korean state hacking group APT37 targets South Korean journalists, defectors, and human rights activists with watering hole attacks, spear-phishing emails, and smishing attacks that deliver malware dubbed Chinotto, which is capable of infecting Windows and Android devices. Chinotto, the malware deployed in their most recent campaign discovered by Kaspersky security researchers, allows the hacking group to control compromised devices, spy on their users via screenshots, deploy additional payloads, harvest data of interest, and upload it to attacker-controlled servers.

Fraud fighters aren’t prepared for the multi-billion dollar threat of global insurance fraud
2021-11-23 04:30

The research found that fraud fighters - professionals tasked with investigating and prosecuting insurance fraud - in North America were the least prepared for threats from abroad. "Organized rings, both foreign and domestic, are stealing billions," Coalition Co-Chair David Rioux of Erie Insurance said. Globalized insurance fraud is not a priority at all for 27.7% of respondents and a low-to-medium priority for 57.5% of respondents, leading to a lack of resources and time invested in day-to-day operations fighting global insurance fraud.

Lockean multi-ransomware affiliates linked to attacks on French orgs
2021-11-04 11:22

Details about the tools and tactics used by a ransomware affiliate group, now tracked as Lockean, have emerged today in a report from France's Computer Emergency Response Team. Lockean activity was first noticed in 2020 when the actor hit a French company in the manufacturing sector and deployed DoppelPaymer ransomware on the network.

Lockean multi-RaaS affiliate linked to attacks against French businesses
2021-11-04 11:22

Details about the tools and tactics used by a ransomware affiliate group, now tracked as Lockean, have emerged today in a report from France's Computer Emergency Response Team. Lockean activity was first noticed in 2020 when the actor hit a French company in the manufacturing sector and deployed DoppelPaymer ransomware on the network.

REvil ransomware group reportedly taken offline by multi-nation effort
2021-10-25 15:12

The infamous REvil ransomware group has reportedly been dealt a severe blow, courtesy of an operation conducted by officials in the US and other countries. A so-called "leadership figure" for REvil known as "0_neday," who helped restart the gang's operations after it previously shut down, revealed that REvil's servers had been hacked by an unknown party, Reuters said.

Unhappy customers and their own tricks used against them, REvil ransomware gang reportedly pulled offline by 'multi-country' operations
2021-10-22 10:43

As we noted a few days back, notorious ransomware gang REvil "disappeared" again this week. The REvil leaks blog, known as Happy Blog, was made inaccessible on October 17, the same day one of its operators announced the group was shutting down due to a hijacking of their domain on Russian forum XSS, security vendor Flashpoint said at the time.

Multi-factor authentications soar as enterprises move away from passwords to secure hybrid workers
2021-10-19 03:30

Enterprises are taking steps to move away from passwords and adopting low-friction authentication methods to protect the hybrid workforce, a report from Cisco's Duo Security reveals. Multi-factor authentications increased significantly.

Multi-access edge cloud market to grow steadily by 2025
2021-10-13 03:00

MEC buildouts are being carried out by a broad cross-section of edge stakeholders, including cloud providers, to deliver latency-sensitive edge network services. Beyond connectivity, MEC buildouts will also provide opportunities for organizations to host applications both on premises and in edge cloud sites.

How to avoid the pitfalls of multi-cloud strategy deployment
2021-09-27 05:00

Making the decision to implement a multi-cloud strategy is difficult. From the decision to pursue a multi-cloud journey to defining the requirements to laying the foundation to identifying and deploying applications and services to the multi-cloud environment, the process requires a solid strategy and flawless execution to succeed, say experts at Taos.