Plus: Hackers are breaching Atlassian Confluence servers with never-before-seen spyware
| Part of  Network | |
 Presented by  |
 Hackers are targeting Russian organizations with new malware named Woody Rat. Researchers believe the campaign has been ongoing for one year. More: - Woody Rat is spyware that is meant to steal data and go unnoticed by security systems.
- Hackers usually use a Microsoft Office security flaw known as "Follina."
- The malware has numerous capabilities, such as
- encrypting its communications with a remote server,
- write arbitrary files to the machine,
- execute additional malware, delete files,
- enumerate directories, capture screenshots
- and gather a list of running processes.
- To evade security systems, the trojan uses deleted Notepad processes to pass itself as a sidelined file. The origin of the malware is not yet known.
| |
 A single-core Intel Xeon CPU cracked an algorithm meant to withstand quantum computer-based attacks. The algorithm was a fourth-round candidate as a post-quantum cryptography algorithm for the U.S. government. More: - The algorithm was named Supersingular Isogeny Key Encapsulation.
- Most of the algorithms today are built using math problems that are linearly designed. Quantum computers can calculate these problems both in order and in reverse, which makes them very efficient at breaching virtually all encryption algorithms that are present on the internet today.
- Quantum-resistant cryptography is an attempt by governments and companies to build algorithms that can withstand these brute force attacks from quantum computers in the future.
- Microsoft is one of the companies that helped build SIKE.
| |
 A message from PERCENT Trying to find sizable returns in this volatile market? Percent gives accredited investors exclusive access to the $7 trillion private credit market, letting you invest like hedge funds and pension plans. What is Private Credit? An asset class involving investments in private loans and debt financing. Investors loan money to companies, receiving interest in return. Investing in these deals means the chance to earn high-yielding interest. Percent investors have unprecedented access to different types of debt financing, including: - Non-bank lenders’ small business and consumer lending portfolios (receivables, merchant cash advances, installment loans)
- Corporate loans to startups
- Automated exposure to multiple private credit investments
Why Percent? They offer up to 18% APY, with an average maturity of 9-months. Plus, deals are largely uncorrelated from the stock market. Ready to learn more? Download our factsheet and find out if Percent and private credit are right for your investing goals. Download Here
| |
 Multiple security flaws in Cisco business routers have been tracked. Some of the flaws could be used to gain unauthorized remote access. More: - The flaw is being tracked as CVE-2022-20842 and has a CVSS rating of 9.8.
- If a user is breached, hackers could gain access to their devices.
- Hackers are using HTTP attacks to override security protocols.
- Besides this flaw, there are two other major security flaws related to Cisco business routers: CVE-2022-2082, with a CVSS score of 9.0, and CVE-2022-20841, with a CVSS score of 8.0.
- Cisco has not announced any fixes because it claims there is no proof these vulnerabilities are being used to breach users at the moment.
| |
 Hackers have exploited a vulnerability in Atlassian Confluence servers to deploy never-before-seen spyware. Atlassian has been in the spotlight this year due to numerous hacking attempts and security issues. More: - The attack originated from a threat actor tracked as TAC-040.
- TAC-040 used one of the two main known Confluence security flaws:
- CVE-2022-26134, taking advantage of Confluence servers by attacking the company with malware attacks that would enable the group to gain remote access control.
- CVE-2022-22965, a data binding flaw that may have been used to breach the company's web app.
- Researchers believe that hackers have managed to steal at least $106,000 in the attack.
- The hacker group has not claimed the breach yet, but it is believed that its goal is cyberespionage.
| |
 A message from VANTA The fastest way for organizations to become compliant is with the help of automated security platforms. Researching and committing to an automated security platforms can be tricky — where do you start and what do you need? Vanta’s 5 Must-Haves in an Automated Security Platform guide dives into the five features organizations should look for in an automated platform. The guide will also cover, how the features can accelerate the compliance process and why investing in the right compliance platform now can enhance your security in the future. Download the guide today
| |
 Talon Cyber Security has raised a $100M Series A funding round. The round was led by Evolution Equity Partners. More: - Participants in the funding round included Ballistic Ventures, Falcon Fund, Merlin Ventures, SYN Ventures, Lightspeed Venture Partners, Sorenson Ventures, and Team8.
- The company has created a product named Talon Browser, which allows enterprises to use their applications on this browser.
- By doing so, the company claims that its clients are safer through data backup and authentication features.
- The round also includes the conversion of $17M in SAFE share investments announced earlier this year into A shares.
| |
Quick Hits: - 2022 Capital Gains of $250K+? Reinvest them and unlock attractive tax incentives like tax deferral. Learn How — Grab This No-Cost Investor Guide.*
- Axio has raised a $23M Series B round. The startup helps companies evaluate how much they risk being breached by threat actors.
- Lumu, a Miami-based cybersecurity startup, has raised $8M. The round was led by Panoramic Ventures with participation from SB Opportunity Fund and KnowBe4 Ventures.
- Funding for cybersecurity startups in Q2 2022 fell by 25%, according to a new report. Startups in this space raised $12.5B globally during this period.
- An RCE bug that may enable hackers to remotely control DrayTek routers has been tracked. The flaw has a vulnerability rating of 10.0, with as many as 29 different routers models being considered at risk.
- Get a FREE Trial Pack of Super Coffee's NEW Tasty Pastry flavors that contain 0g of sugar, 10g of protein, and 200mg of caffeine. Just cover shipping!*
*This is sponsored content.
| |
Upcoming events at Inside:
| |
 |  | Arbër is an Inside writer who also has experience in entrepreneurship. He has experience covering Consumer Tech, Venture Capital, NFTs, Crypto, etc. Arbër holds a Bachelor's degree in Business from XAMK University in Finland. When he is not reading(and writing) business news, he chooses to watch sports or anime...and then read news about sports or anime. |   | | Editor | Aaron Crutchfield is based in the high desert of California. Over the last two decades, he has spent time writing and editing at various local newspapers and defense contractors in California. When he's not working, he can often be found looking at the latest memes with his kids or working on his 1962 Ford. | |
Percent: Private Credit Investments. High-Yield Investing. Short-Term Durations. Learn More. | |
| |
| 767 Bryant St. #203, San Francisco, CA 94107
Copyright © 2022 Inside.com | |
| |
