Security News
Once the malicious software is installed, it redirects incoming calls to a call center under the control of the criminals. To facilitate the routing of voice traffic, "Letscall" utilizes cutting-edge technologies such as voice over IP and WebRTC. It also makes use of Session Traversal Utilities for NAT and Traversal Using Relays around NAT protocols, including Google STUN servers, to ensure high-quality phone or video calls and bypass NAT and firewall restrictions.
Through them, any tech company doing business with Australians will be required to actively scan their emails, online photo libraries, cloud storage accounts and dating sites for illegal content. Part of the Commissioner's role has been to create and enforce a framework whereby illegal or damaging material can be removed at the eSafety Commissioner's request.
48% of CIOs are more likely to prioritize innovation in new technologies over optimizing their current tech stack. "The job of the CIO has never been more demanding, and the findings indicate they are taking increasing risks in response. The more complex the technology landscape, the more challenging it is for the CIO to enact organization-wide digital transformation and prioritize initiatives and investments that will deliver business outcomes," said Ken Wong, President of Lenovo Solutions and Services Group.
The United States and the Republic of Korea have issued a joint cyber security advisory [PDF] about North Koreas "Kimsuky" cyber crime group. In their joint advisory, US and South Korean authorities said Kimsuky targets "Think tanks, academic institutions, and news outlets for the purpose of intelligence gathering." The South says the gang is also involved in stealing info used by the DPRK's satellite program.
Economic perils notwithstanding, 94% of tech leaders are committed to investing in new tools and technologies, including AI, according to a survey by EY. The new poll suggests tech leaders view this investment strategy, particularly for cybersecurity, as a way to weather geopolitical uncertainty and the economic downturn. Ken Englund, the technology, media and telecommunications leader for EY Americas, said in the press release about this EY survey that the results suggest resiliency in the face of buffeting uncertainties.
Even in the face of ongoing global economic uncertainty, the Linux Foundation's 2023 State of Tech Talent Report found that many organizations plan to increase their staff in 2023 and do not anticipate employment reductions or freezes to balance those increases. Economic concerns did cause 59% of organizations to revise their 2023 hiring plans for tech roles, primarily by freezing new positions.
Tech companies must take SaaS security seriously to prevent resources from leaking or being stolen. A strong SaaS posture is important for any company, but it is particularly important for organizations that store their proprietary code in SaaS applications.
Swiss multinational company ABB, a leading electrification and automation technology provider, has suffered a Black Basta ransomware attack, reportedly impacting business operations.On May 7th, the company fell victim to a ransomware attack conducted by Black Basta, a cybercrime group that surfaced in April 2022.
EU MEPs want to start the public body - along with a host of other recommendations contained in a report that landed last night - after the so-called PEGA committee spent over a year looking into the use of Pegasus and equivalent spyware. In April, Citizen Lab and Microsoft both reported that a zero-click exploit allegedly developed by Israeli spyware company QuaDream - called "Reign" - was used to deliver spyware on devices running Apple's iOS 14 on victims' phones.
The Commission adopted the first designation decisions under the Digital Services Act, designating 17 Very Large Online Platforms and 2 Very Large Online Search Engines that reach at least 45 million monthly active users. Following their designation, the companies will now have to comply, within four months, with the full set of new obligations under the DSA. These aim at empowering and protecting users online, including minors, by requiring the designated services to assess and mitigate their systemic risks and to provide robust content moderation tools.