Election workers in the U.S. targeted by hackers / Numerous IoT devices found vulnerable / Chinese hacker group Budworm cyberattacks U.S. agency

Plus: Tehtris raises $43M to detect cyberattacks without human intervention

Inside.com Part of   Network October 13, 2022

Presented by

Election workers in the U.S. were targeted by malicious emails during state elections. Most cases were tracked in battleground states. More: Election workers in battleground states such as Arizona and Pennsylvania reported that during state elections, they saw a dramatic increase in spam emails. In Pennsylvania, the number of malicious emails increased from 1,168 in the fourth quarter of 2021 to 4,460 in the first quarter of 2022 The workers reported that they were targeted with phishing campaigns and malware-infected links. Researchers believe that no worker was breached. This activity shows that threat actors are consistently attempting to take advantage of potential weaknesses found in the U.S. election system, especially after the 2016 election controversy.

IP cameras, VoIP, and conferencing cameras proved to be the IoT devices that are the most prone to being hacked, according to a new report. The devices are being used by almost all industries today. More: When asked about what devices they feel are the least protected in their organization, 65% of business executives stated that IoT devices are the last when it comes to protection from hacking campaigns. 50% of the respondents stated that cyberattacks against these devices have increased recently. Governments are the most targeted (43% of total cases), while manufacturing is the most targeted vertical in the private sector (11% of total cases). IoT devices are believed to hold information on more than 50 million people on the internet.

A message from SECURITY COMPASS This is your show developers! Watch our panel answer questions & offer advice on how we can all improve developer-centric threat modeling. What to expect: Earlier this year, Security Compass ran a survey that probed the mind of developers. During this interactive panel discussion, we discussed our findings with security experts who live in the developer and threat modeling space. What you will learn: 🎯 The connection between developer user stories or requirements, coding, and threat modeling. 📣 How to keep up with the ongoing discovery of software weaknesses. 👨‍💻 Practical advice for developers to stay current on threat modeling practices. Whether you are a developer, lead, architect, or threat modeler, this webinar will leave you with something to think about. Watch Now

A new hacking campaign targeting an unnamed U.S. agency has been tracked. Chinese threat actor Budworm is believed to be behind the attack. More: The group, which has not actively targeted U.S. organizations during the last six years, is known for the wide array of tools it uses to deploy its cyberattacks. Budworm is believed to have shifted its focus to Europe, the Middle East, and Asia in recent years. The group has used tools such as HyperBro backdoor, Cobalt Strike, LaZagne, etc. Two main security flaws were used in the group's recent attacks: CVE-2021-44228 and CVE-2021-45105.

Cybersecurity startup Tehtris has raised a $43M funding round. Jolt Capital led the round. More: Tikehau Ace Capital, Open CNP, and Nouvelle-Aquitaine Co-Investissement also participated in the round. Tehtris has built a software solution that detects and stops cyber threats without human intervention. The company is based in Paris, France.

A message from REMOFIRST Remofirst raised $14.1M to help companies hire the best talent in the world, no matter where their legal entity is located. It can be prohibitively expensive to establish an entity in every country you want to hire talent in, so Remofirst serves as the Employer of Record (EOR) who pays your employees and provides HR benefits on your behalf while you manage their daily duties.  Remofirst handles the formal HR procedures and employment contracts that adhere to your employee’s local laws, so that they are paid in their local currency and you can just approve invoices via our platform.  Best pricing in the market starting at $199/mo Same-day onboarding in 150+ countries 24/7 Customer Support (including help with Visas) 3 months free on your first employee for Inside readers Get STarted

Nudge Security has launched its product, officially emerging from stealth mode. The company is entirely remote. More: Nudge Security aims to help companies avoid social engineering breaches by constantly engaging with them over their day-to-day decisions that may affect the company's overall security. The company has presences in Austin, Texas, and Jackson, Wyoming. Nudge Security raised its $7M Seed round six months ago, shortly after being founded.

Quick Hits: Seven brands got influencer campaigns right, and you can, too. Wisdom from the experts on running a successful influencer marketing campaign.* NSO Group founder Shalev Hulio is starting a cybersecurity company with former Austrian Chancellor Sebastian Kurz. Researchers have tracked a new hacking campaign that can poison a company's entire software supply chain by misleading employees into downloading public npm registry packages. Fast Company has allegedly sent its board members an email, letting them know that their information was not stolen during a recent breach that hit the company. The company claims that it keeps the information about its board member members in a separate database from the one that was hacked. *This is sponsored content.

Upcoming events at Inside: October 19 - AMA with Zecca Lehn (Responsibly VC) (Register Here) October 25 - Meet Our Fund 4, an Inside.com Summit (Register Here) November 02 - AMA with Bill Glenn (Executive Chairman at Crenshaw Associates) (Register Here) November 09 - Live AMA with Yashar Behzadi (CEO and Founder of Synthesis AI)* (Register Here) December 07 - Live AMA with Deividi Silva ( Head of Developer Relations at Gun.io) (Register Here) *This is a sponsored listing.

Arbër is an Inside writer who also has experience in entrepreneurship. He has experience covering Consumer Tech, Venture Capital, NFTs, Crypto, etc. Arbër holds a Bachelor's degree in Business from XAMK University in Finland. When he is not reading(and writing) business news, he chooses to watch sports or anime...and then read news about sports or anime. Editor Aaron Crutchfield is based in the high desert of California. Over the last two decades, he has spent time writing and editing at various local newspapers and defense contractors in California. When he's not working, he can often be found looking at the latest memes with his kids or working on his 1962 and 1972 Fords.

Security Compass is on a mission to accelerate software time-to-market while managing risk.

Get started with Remofirst today, start onboarding tomorrow.

767 Bryant St. #203, San Francisco, CA 94107 Copyright © 2022 Inside.com

Did someone forward this email to you? Head over to inside.com to get your very own free subscription! You received this email because you subscribed to Inside Security. Click here to unsubscribe from Inside Security list or manage your subscriptions.