 Pegasus spy software was used to track protesters in Thailand. Pegasus is software developed by the Israeli NSO group. More: - The threat actor is believed to have spied on at least 30 individuals who are members of different NGOs and civil society.
- While the hackers responsible for the attack are not known, the breach is timed with anti-establishment protests in Thailand, raising suspicion over the government.
- Attackers used two security flaws known as KISMET and ForcedEntry to spy on their victims' phones. These two are zero-day attacks that have been used in the past. Kismet is known for having the capability to bypass wireless connection security and enable Pegasus to take control of the device.
- Pegasus is able to access a user's texts, call logs, photo galleries, location, etc.
Zoom Out: - Pegasus has been used on numerous occasions. The spyware has been used to spy on Catalan government officials, EU officials, Ukrainian army members, etc.
| |
 The White House will hold a summit on cybersecurity. The summit will tackle the issue of the talent gap in the industry. More: - The meeting will be led by National Cyber Director Chris Inglis, while other participants include Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency; Anne Neuberger, White House deputy national security advisor for cyber and emerging technology; Susan Rice, director of the Domestic Policy Council; and James Kvaal, undersecretary of education.
- U.S. organizations believe that the number of unfilled job positions in cybersecurity will be 700,000 in the future, with the number potentially increasing year by year.
- The summit will focus on concrete steps: getting students to trade schools, getting them to apply and join cybersecurity internships, having more diversity in the workspace, etc.
| |
 A message from SECURITY COMPASS The top challenges companies encounter when implementing DevSecOps are budget constraints and managing legal, regulatory & compliance controls. These challenges, along with the time it takes to create software applications while documenting AppSec processes along the way, have resulted in very high interest for automating proactive security and compliance processes. The need to build software with security by design, and in so doing to shift security left, is broadly accepted as one of the top priorities among mid-market-sized companies that produce software. These companies struggle to proactively define security for new software under development alongside an inability to document and track implemented controls in reasonable time periods. In this report you will learn: - a comprehensive look at the current state of AppSec
- security maturity in the mid-market
- the challenges and opportunities growing companies face when trying to scale their secure development efforts
Download the report
| |
The global cybersecurity market size may reach $403B by 2027, with a CAGR of 12.5%. Currently, this market is valued at $176B. More: - The report comes as cybersecurity has proven to be relatively inflation-resistant as a vertical compared to other industries.
- Ever since the start of the war in Ukraine, cybersecurity incidents have increased. In the first six months of 2022, there have been more cybersecurity attacks against small businesses than ever before.
- Internet attacks grew from 32.5 million globally in 2021 to almost 35.4 million in 2022 so far. Due to the increased number of cyberattacks around the world, governments have vowed to improve their defensive and offensive capabilities. Cybersecurity workers enjoy some of the highest salaries in the country.
| |
 Hackers are distributing malware that targets industrial engineers. Threat actors are using password cracking tools to breach their targets. More: - A new hacking campaign aims to breach Programmable Logic Controllers, tools used in industrial computers that manage manufacturing plants.
- These tools are usually controlled by industrial engineers through log-in credentials. If hacked, these tools could be used to manipulate manufacturing schedules or even have the entire production line shut off.
- Threat actors are specifically using a trojan known as Sality. The victims who have been breached by the malware have had their devices used to mine crypto while losing access to their accounts.
- Automation Direct, a company that produces PLCs, was recently breached by hackers. Similar hacking campaigns have also affected other companies such as Siemens, Fuji, Mitsubishi, etc.
| |
 A message from BOXABL Imagine if houses were built like cars, with one home coming off the assembly line every 60 seconds...wouldn’t that change the world? Cutting-edge housing manufacturer Boxabl plans to do just that, by setting up the world's largest and most advanced housing factory. Why Boxabl? - Setting up a 170,000 sq ft manufacturing facility in less than one year
- Raising over $100M from over 15,000 investors
- Elon Musk shouted out the Las Vegas-based company calling Boxabl a “cool product.”
- Achieving LEED certification and hurricane wind ratings on all houses
- Strategic partnership and investment from the largest home builder in the USA, D.R. Horton Inc.
- Over 50 patent filings due to considerable innovations in building technology
- Factory 2 is now under construction
- Customer waitlist of over 100,000 pre-orders, indicating potential demand worth billions of dollars
- Guided by Volkswagen Group's Porsche Consulting Inc. for the design and implementation of Boxabl’s new factory
- Shipping houses every day
Invest Today
| |
 A WordPress plug-in flaw named Kaswre Modern WBakery Page Builder Addons has been discovered. The bug has a critical 10.0 vulnerability rating. More: - The bug was initially tracked in 2021, but the company has not managed to solve the bug yet.
- Researchers have stated that there have been over 400,000 cyberattacks per day against thousands of WordPress websites, most of which have been successfully avoided.
- Most of the attacks seem to originate from only 10 IP addresses, while over 8,000 websites are believed to be potentially at risk.
| |
Quick Hits: - Ransomware attacks grew by 485% in 2020. This multi-pronged approach can help organizations respond to and recover from ransomware attacks.*
- Digium Software is being abused by threat actors who are launching fake VoIP calls to gain data on their targets.
- Mexico's newly appointed CIO has stated that cybersecurity will be a priority for the country, citing its importance for economic development, law, education, etc. Peter Mantos, the new CIO, stated that enabling endangered communities to have a proper broadband internet connection will help in raising them as producers in the digital community.
- The FBI has warned against threat actors that are contacting VC firms and convincing them to download apps or visit links that are malicious. These hackers usually demand payment via cryptocurrency and use cryptocurrency trading apps to scam users across the U.S.
- How's your current digital marketing strategy? Make it even stronger with our new interactive worksheet.*
*This is a sponsored post.
| |
Upcoming events at Inside:
| |
 |  | Arbër is an Inside writer who also has experience in entrepreneurship. He has experience covering Consumer Tech, Venture Capital, NFTs, Crypto, etc. Arbër holds a Bachelor's degree in Business from XAMK University in Finland. When he is not reading(and writing) business news, he chooses to watch sports or anime...and then read news about sports or anime. |   | | Editor | Aaron Crutchfield is based in the high desert of California. Over the last two decades, he has spent time writing and editing at various local newspapers and defense contractors in California. When he's not working, he can often be found looking at the latest memes with his kids or working on his 1962 Ford. | |
Security Compass is on a mission to accelerate software time-to-market while managing risk. | |
| |
