Russian hacker group Gamaredon is attacking the Ukrainian government. The group is using a custom-made malware variant as a threat vector to target defense agencies and officials.

More:
- The group is using LNK files, PowerShell, and VBScript to enable initial access, while other malware is deployed after gaining initial access.
- Gamaredon is also known as Actinium, Armageddon, Primitive Bear, Shuckworm, and Trident Ursa.
- The LNK files that the group uses to lure its victims are Microsoft Word files, a practice that has been consistently noticed by researchers in many different hacking campaigns.
- Once the LNK file is opened, a PowerShell script is deployed. This script takes a screenshot of the user's activity and creates a copy.
- Other information that the malware is able to steal includes:
  - Computer name.
  - Volume serial number.
  - Base64-encoded screenshot.
- This malware also contains a new info-stealing variant that previous Gamaredon attacks did not have. Researchers believe that this variant may be categorized as part of the Giddome backdoor family, but no official reports have been published yet.
Cybersecurity firm Fortanix has raised a $90M Series C funding round. The company develops data protection solutions that focus on cloud infrastructure.

More:
- This round was led by Goldman Sachs Growth Equity with participation from Giantleap Capital, Foundation Capital, Intel Capital, Neotribe Ventures, and In-Q-Tel.
- The company provides software that enables users to communicate safely, store data, and lock data with privileged access so that only a limited number of people can access it.
- In order to provide the latter, the company uses Intel's SGX technology. SGX is a device that stores specific code and serves as a memory-storage unit for individuals and enterprises who use the cloud.
- Fortanix claims to have more than 125 customers, including Adidas, Google, PayPal, GE Healthcare, the U.S. Department of Justice, and the Centers for Disease Control and Prevention.
- Fortanix was founded in 2016 by two IT professionals.
The EU plans to introduce new cybersecurity legislation named the Cyber Resilience Act. The legislation would oblige companies to take more steps to protect consumers from possible attacks.

More:
- The announcement was made by EU Commissioner for the Internal Market Thierry Breton.
- If the legislation is passed, companies will have to report exploited vulnerabilities and incidents, provide security updates for at least five years, and provide consumers with instructions for the use of their products.
- Companies that do not adhere to these rules will have their products temporarily or permanently removed from the Single Market and/or be fined 2-5% of their global revenue.
- EU officials stated that the possibility of threat actors hacking toys, smart fridges, or cars could have dramatically dire consequences.
- Once this bill is approved by the European Parliament, it will take effect two years later.

Zoom Out:
- EU officials have struggled with breaches from threat actors and different security organizations before. Multiple EU officials, including the Prime Minister of Spain, were spied on by Israeli spyware Pegasus.
- The developments after reports of this scandal led to the resignation of the CEO of Pegasus' parent company, NSO.
Self-spreading malware is being used to breach gamers, according to a new report. Hackers are specifically targeting gamers who look for cheat codes and tutorials on YouTube.

More:
- Hackers are creating videos that pretend to offer cheat codes and other tools that could help gamers win games.
- The gamers are being led to download a RAR file that contains a bundle of malware, including RedLine stealer.
- RedLine breaches its victims by abusing cookies stored in the browser. Those cookies contain log-in credentials, which the hackers use to gain unauthorized access to a specific account.
- The malware is available for purchase online for a relatively small amount.
- The malware, written in C#, can also steal usernames, passwords, credit card details, crypto wallets, and autofill data from browsers.

Zoom Out:
- The RedLine stealer trojan has become one of the most used pieces of malware this year. Hackers are believed to use it due to its ability to quickly steal credentials from browser autosave features.
- RedLine has also been used to steal cryptocurrency wallet credentials. Earlier this year, hackers used YouTube to lure viewers into buying mystery NFT boxes.
- There have been more than 200,000 RedLine cyber attacks in 2022 so far.
dope.security has raised a $4M growth round. The company is based in Mountain View, California.

More:
- The round was led by boldstart ventures. As part of the deal, two executives from boldstart will join dope.security's board of directors.
- dope.security has built a fly-direct Secure Web Gateway that aims to make data centers more efficient and safe.
- The company provides cybersecurity defense against web-based threats, but it also enables its users to integrate productivity apps such as Office 365.

Zoom Out:
- Cybersecurity VC funding reached $12B during the first half of 2022, comparable to 2021, which was a record-breaking year.

Quick Hits:
- Cybersecurity companies in the Asia Pacific region are set to reach $150B in revenue by 2026, according to a new report.
- The White House has presented new cybersecurity guidelines that have been signed by President Biden. The guidelines direct federal agencies to update their software choices and tools.
- Zoom users are reporting that the app is down, and they are unable to host or join video calls. This error is reportedly affecting users globally.
- A recently published survey of U.K. citizens claims that 40% of the respondents are worried that their children may turn to cybercrime as a result of rising living costs.

Arbër is an Inside writer who also has experience in entrepreneurship. He has experience covering Consumer Tech, Venture Capital, NFTs, Crypto, etc. Arbër holds a Bachelor's degree in Business from XAMK University in Finland. When he is not reading (and writing) business news, he chooses to watch sports or anime... and then read news about sports or anime.

Editor: Aaron Crutchfield is based in the high desert of California. Over the last two decades, he has spent time writing and editing at various local newspapers and defense contractors in California. When he's not working, he can often be found looking at the latest memes with his kids or working on his 1962 and 1972 Fords.