A new phishing campaign that is impersonating UAE government officials is targeting Middle East entrepreneurs and politicians. The threat actor is falsely sending emails in the name of the Ministry of Human Resources.

More:
- Researchers believe that all 43 domains related to the campaign are tied to a single threat actor. While the threat actor is not confirmed, it's likely that the attack is being carried out by a hacker group.
- The attacker is targeting job-seekers and business owners and is using business email compromise (BEC) and 419 as the methods of choice.
- BEC is a method that targets companies. There are five ways through which hackers can use BEC to breach a target: CEO fraud, account compromise, false invoice scheme, attorney impersonation, and data theft.
- The 419 scam is a type of breach that usually comes from Nigeria-based threat actors. Victims are contacted by scammers with a request in exchange for money, leading the recipient to send out personal information. This information is then abused by the breacher, leaving the recipient vulnerable to hacks.
- The tools used in this attack may also be used by other threat actors to hack sensitive government files, log-in credentials, crypto wallets, etc.
- Researchers recommended that people in the affected area should use MFA and antivirus tools in order to mitigate any possible risk.
Zoom Out:
- Hackers have previously breached news sites that provide information on the Middle East.
- This is not the first time that the UAE has been a center of cyber activity, as it was reported that UAE had spied on the U.K. government using Israel's Pegasus spyware.
Echelon has been chosen as the winner of a $153M U.S. government cybersecurity contract. The contract may last five years as the Department of Defense continues to invest in the government's overall cybersecurity infrastructure.

More:
- The Virginia-based company will provide services for the Defense Counterintelligence and Security Agency. The agency is a part of the DOD. The DCSA's role is to conduct personnel security investigations, supervise industrial security, and hold security education and awareness training programs.
- This contract has one guaranteed 12-month services option, with four more 12-month options written in as contingent upon the confirmation of the agency.
- The total amount of the contract is $153,398,872, while the two first services that the company will provide are being contracted for over $7M.
Zoom Out:
- Since the recent war in Ukraine, many countries around the world, including the U.S., have spoken about the importance of improving cybersecurity capabilities across the public and private sectors. President Biden released a similar statement earlier this year.
- President Biden has signed multiple executive orders and bills that aim to improve the U.S. government's cybersecurity practices and defensive capabilities against possible attacks.
OpenSSL has patched a high-severity bug that could have led to remote code execution hacks. The bug is being tracked as CVE-2022-2274.

More:
- The bug was noticed after OpenSSL launched its latest update. After the update was complete, devices faced memory problems due to heap corruption. Once the problem caused the devices to fail, attackers could have launched remote attacks.
- This flaw affected SSL/TLS servers using 2048-bit RSA private keys running on machines supporting AVX512IFMA protocols.
- The latter is a security protocol used to safely transfer information across public systems. The decryption key is held private, and the numbers that unlock the key are known by a few people, while the encryption keys can be used by anyone.
- CVE-2022-2274 was spotted by Xi Ruoyao, a Ph.D. student at Xidian University. The library administrators recommended that all users update to the most recent version of OpenSSL.
Zoom Out:
- Due to its popularity, OpenSSL is a target for threat actors. One of the most notorious breaches, named Heartbleed, happened in 2012. The bug resulted in multiple attacks across Canada and the U.S. Over 5 million U.S. patients had their data stolen due to the security flaw being abused by a threat actor.
Germany has presented its plan to protect its satellites from being hacked. The strategy was initiated in early 2021 and established a guideline for vendors to follow.

More:
- The plan was compiled by Germany's Federal Office for Information Security, the German Space Agency, OHB, etc.
- This strategy contains a long list of overall steps companies need to take to ensure that their procedures meet the security criteria. Furthermore, the strategy directs internal federal agencies on how they should operate the devices and technology they purchase.
- To guarantee that the entire process is secure, the German government has placed instructions for every step of the process, starting from design, testing, transportation, usage, decommissioning, etc. The plan separates the levels of risk into Normal, High, and Very High.
- The German government is expected to present more guidelines and regulations to ensure that the strategy is implemented and the German aerospace industry is more competitive in the international landscape.
Zoom Out:
- SpaceX, the U.S. aerospace company led by Elon Musk, recently sent multiple German observation radars into orbit.
- On the day that Russia launched its attack against Ukraine, VIASAT, a satellite company that enables communication across many Western states, was hacked, causing many technical issues. The EU and U.K. accused Russia of hacking the satellites.
Hive ransomware's creators have upgraded it to the Rust programming language to improve its encryption. Hive is currently among the most used ransomware in cyberattacks.

More:
- Hive is a ransomware-as-a-service that has affected dozens of organizations across different sectors such as energy, healthcare, transportation, non-profits, etc. The ransomware was first noticed in 2021.
- The use of Rust will enable the threat actors deploying it to use more cryptographic libraries that make it difficult for authorities to stop the attack. The upgrade will also change the way hackers encrypt files through the flaw.
- Hackers who use Hive are able to disable anti-malware protections and then extract sensitive data. Once the threat actors gain access to the victim's device or files, Hive displays a ransom note that threatens to publish the victim's data on its TOR website.
Zoom Out:
- The Costa Rican Social Security fund was hit with the Hive ransomware, leaving the organization unable to know COVID-19 test results, pay wages to its employees, etc.
Quick Hits:
- Unknown threat actors have gained access to software that is used by law authorities to simulate cyberattacks.
- Hackers are deploying a new cyberattack that is targeting supply chain organizations. The threat actors use fake developer documentation that is mistakenly used by developers and then deployed as code.
- CISA has launched a new initiative that offers cybersecurity courses for beginners. The courses are free to take, as the U.S. cybersecurity workforce will need 5 million employees in the next decade.
Arbër is an Inside writer who also has experience in entrepreneurship. He has experience covering Consumer Tech, Venture Capital, NFTs, Crypto, etc. Arbër holds a Bachelor's degree in Business from XAMK University in Finland. When he is not reading (and writing) business news, he chooses to watch sports or anime... and then read news about sports or anime.

Editor

Aaron Crutchfield is based in the high desert of California. Over the last two decades, he has spent time writing and editing at various local newspapers and defense contractors in California. When he's not working, he can often be found looking at the latest memes with his kids or working on his 1962 Ford.