Microsoft stated that nation-state cyberattacks are becoming more common due to the rise in authoritarianism, intensifying ever since the war in Ukraine began. The statement was made in the annual Microsoft Digital Defense Report 2022. More: - According to the company, attacks that target critical state infrastructure have grown 100% YoY, led by Russia's attempts to cause long-term damage to Ukraine's digital infrastructure.
- Russia was not the only actor to launch massive hacking campaigns this year, as Iran has deployed several hacking campaigns against different targets, especially Israel.
- Iran-backed hackers managed to set off the emergency rocket alert in Israel and attempted to exfiltrate and delete government data.
- Albania was also hit by a cyberattack this year, as the country blamed Iran for sponsoring the attacks.
- Iran denied all responsibility, but the Albanian government decided to cut all diplomatic ties between the two countries regardless.
- The cyberattack shut down the country's border control software as well as its national administration platform named E-Albania.
- The number of password attacks per second increased by 74%, with a large percentage of these attacks ending in ransom demands.
- Microsoft claims that the number of ransomware attacks in the U.S. and Europe has dropped while the number of cases reported in Latin America has increased.
| |
Black Basta ransomware may be linked with the FIN7 hacker group, according to a new report. Researchers believe that a sample from a recently used defense impairment tool proves the connection between the two actors due to their use of SocksBot. More: - Black Basta ransomware group became public in 2022, launching numerous cyberattacks against organizations such as the American Dental Association.
- The group became known for acquiring network login credentials in illegal internet forums and then using them to deploy its malware. Black Basta is likely composed of experienced cybercriminals due to the patterns in which they've spread the malware since their first public showing.
- 43% of the groups' cyberattacks have been directed toward U.S. organizations, while Austrian organizations are the second-most targeted, with 15%.
- The group has targeted several industries, but construction, services, and fashion have been attacked the most.
- The threat actor is known for using PowerShell scripts to scan information about the compromised system or network.
- It proceeds to use Qakbot's and Cobeacon's information-gathering capabilities in addition to Netscan, which is the final scanning tool in the infection chain.
- In recent hacking campaigns, the group has used SocksBot, a malware variant that is known to have been used extensively by FIN7.
- The report concludes that FIN7 developers have either worked in the past or are currently working with Black Basta.
| |
A message from SECURITY COMPASS The only secure developer training that is accredited by (ISC)² Our role-based, language-specific, secure developer training meets developers where they are in their knowledge and learning style to ensure they successfully develop and apply secure coding skills. Go beyond secure coding training. Retain talent, remain competitive, and stay compliant. We offer over 49 courses covering topics including: ● Defending AWS, .NET, Angular, Java, and more ● DevSecOps Fundamentals and DevSecOps for Managers ● Defending Containers, Kubernetes, Docker ● Secure Software Requirements, Design, Testing Explore language-specific, role-based, (ISC)² accredited secure developer training. Visit our page to browse our curriculum, try a free course, or speak to the team. Browse our curriculum | |
The world's most expensive observatory, the Atacama Large Millimeter Array, was forced offline after being hit by a cyberattack. The threat actor responsible for the attack is unknown so far. More: - The Atacama Large Millimeter Array is based in the Atacama desert in Chile.
- This observatory was created as a result of a partnership between U.S., European, and East Asian authorities. The ALMA observatory is used for:
- Mapping gas and dust in the Milky Way and other galaxies.
- Investigating ordinary stars.
- Analyzing gas from an erupting volcano on Jupiter's moon.
- Studying the origin of the solar wind, etc.
- Researchers stated the hackers used ALMA's lack of funding and general lack of cybersecurity focus to breach security protocols.
- The observatory stated that hackers did not steal critical data from its antennas and that the limited email damage that was caused has been contained.
| |
Wallet Connect has raised a $12.5M funding round to improve security for crypto wallets by providing end-to-end encryption between the crypto wallet and a third party. The company is backed by Shopify, Coinbase Ventures, Polygon, Uniswap, etc. More: - Wallet Connect provides APIs that help secure wallets when they sign a blockchain contract with a third party. Blockchain contracts are signed automatically for every action that a user takes involving another party.
- These APIs are used by over 210 wallets and 450 apps, including Ethereum, Solana, Coinbase, MetaMask, Uniswap, OpenSea, Twitter, Stripe, Plaid, WalletConnect, NEAR, Neo, Stellar, Algorand, and Cosmos.
- Company officials stated that after recent updates, the company's next goal is the creation of the fully decentralized WalletConnect Network, a fully interoperable chain that enables users to easily use and integrate their apps with other blockchains,
- The company intends to use the funds to accelerate growth and expand its team.
- Wallet Connect is based in New York.
| |
Mental health in the cybersecurity industry is worsening, and stress levels in the sector may surpass those of frontline workers, according to a new report. Cybersecurity professionals scored worse than the general population in a health-assessment test. More: - The study was conducted by an Australian health organization named Cybermindz, with Dr. Andrew Reeves, the group's director of organizational and behavioral research, leading it.
- According to the study, these results derive from the fact that cybersecurity professionals have the responsibility of protecting key resources such as water, energy, telecommunications, healthcare, financial services, food distribution, and transportation.
- Furthermore, a single failure from a cybersecurity professional can affect millions of people and become news, making them feel as if people are ungrateful toward their contribution to the general safety and well-being of the community they serve.
- Cybersecurity companies have backed the claims, saying that they are seeing more resignations than ever before.
- According to studies, one-third of cybersecurity professionals have thought about quitting their job in the next 24 months.
- The increased number of cyberattacks has also caused future employees to refuse jobs before even getting them, as they do not want to join a cohort of professionals that is increasingly more stressed with each passing year.
| |
Quick Hits: - Whether you’re planning to travel, or just feeling the itch to learn something new, now’s the time to start speaking a new language with Babbel. Plus, for a limited time you can get 55% off.*
- Springfield Technical Community College has received a $1.46M state grant to establish a Cybersecurity Center of Excellence.
- The UK’s data protection regulator has reduced a fine imposed on the Cabinet Office last year after a major breach. The government will now have to pay $56,000, down from $568,000.
- CISA has announced its new guideline for critical infrastructure. The guideline will set a list of base rules that all federal institutions responsible for critical national infrastructure must follow.
- Traditional dog food is packed with harmful filler ingredients. Vet Approved healthy dog food brand “Nom Nom” is offering 50% off a two-week trial to ensure your pup is happy and healthy.*
*This is sponsored content. | |
Upcoming events at Inside: - November 09 - Synthetic data for more efficient, robust and ethical model development - Live AMA with Yashar Behzadi (CEO and Founder of Synthesis AI)* (Register Here)
- November 11 - Meet Our Fund 4, The Replays (Register Here)
*This is a sponsored listing. | |
| | Arbër is an Inside writer who also has experience in entrepreneurship. He has experience covering Consumer Tech, Venture Capital, NFTs, Crypto, etc. Arbër holds a Bachelor's degree in Business from XAMK University in Finland. When he is not reading(and writing) business news, he chooses to watch sports or anime...and then read news about sports or anime. | | Editor | Aaron Crutchfield is based in the high desert of California. Over the last two decades, he has spent time writing and editing at various local newspapers and defense contractors in California. When he's not working, he can often be found looking at the latest memes with his kids or working on his 1962 and 1972 Fords. | |
Security Compass delivers best-practice, role-based, accredited eLearning solutions. | |