Racoon and Vidar malware variants are being spread by fake domains that pretend to sell cracked software. The campaign has been active since 2020. More: - The campaign uses hundreds of fake domains that redirect users to a series of infected links.
- Once the users click the links, they are infected with a payload that is hosted on GitHub.
- The payload downloads an infected ZIP file that, if uncompressed, installs either Racoon or Vidar malware.
- Racoon and Vidar enable threat actors to steal information from devices, web browsers, cryptocurrency tablets, etc.
- The campaign was tracked by the French cybersecurity company SEKOIA.
| |
A U.S. court has decided that the victims of the BitConnect fraud must be paid $17M. The money will be distributed to around 800 individuals. More: - BitConnect was a scheme where its operators essentially convinced internet users that they would be paid back multiple times what they invested if they gave their money to a fake trading bot.
- The fraud affected 4,000 individuals located in dozens of different countries globally.
- The operators behind BitConnect are believed to have stolen over $2B, with its founder having fled to India in 2022.
- He could face up to 70 years in prison if he were to be brought to a U.S. court.
| |
 A message from LACEWORK Discover cloud insights and harden your security posture In the latest installment of the Cloud Threat Report series, Lacework Labs covers the significant increase in efficiencies used by cybercriminals. Get insights into these trends that cover how: - Attackers are automating key discovery and exploits, taking advantage of momentary mistakes
- Simple mistakes turn into misconfigurations that attackers use to compromise your cloud identity infrastructure
- Vulnerabilities continue to stick around for months (sometimes even years) and attackers quickly exploit any new vulnerabilities
- Cryptojacking continues to be a staple in cybercriminal tool belts
Discover detailed intelligence about ongoing infrastructure compromise activities and best practices for hardening your cloud security posture. Read the Lacework Labs Cloud Threat Report, Vol. 4 today. get the report
| |
GitHub is set to launch a new machine learning tool based on CoPilot named GitHub Code Brush. The tool aims to help developers detect bugs and fix their code easily. More: - GitHub Code Brush aims to help developers with issues such as bugs, compatibility, overall code efficiency, etc.
- The tool could be a help for developers in terms of security, but the software has faced criticism and has even been the subject of a legal dispute due to its code-scanning features. Developers have claimed that the tool scans their code without their approval.
- In order to use the tool, users will have to pay for a CoPilot license which costs $10 per month.
- GitHub claims that Code brush was created to empower developers and not automate their role.
- GitHub and ChatGPT count Microsoft as a parent company and investor, respectively.
| |
German arms company and cyber giant Rheinmetall has acquired a stake in hardware company Incooling B.V. The investment amount remains undisclosed so far. More: - Rheinmetall stated that this acquisition would be used to boost its Sensors & Actuators division.
- Rheinmetall is a publically traded company based in Dusseldorf, Germany. The company is active in the cybersecurity space, having won an innovation prize in 2020 for its solutions in cybersecurity.
- The company is also known for the production of military vehicles, autocannons, anti-aircraft systems, etc.
- The company was founded in 1889.
- Incooling BV is a Dutch company known for creating solutions for servers, automation, sensors, alternative mobility, and artificial intelligence.
- The company is based in Eindhoven and was founded in 2019.
| |
 A message from GUSTO Take care of your employees with the #1 payroll and HR platform. What if running payroll took a few clicks instead of a few hours? What if offering benefits was actually easy? What if employees could access their paychecks, W-2s, benefits information, and even money management tools from one well-designed, easy-to-use account? Gusto was built for the people behind incredible businesses like yours. - Next-day payroll with tax filing and easy direct deposits
- No-cost, low-cost, and premium benefits (with automatic calculations and deductions)
- Smart job posts, applicant tracking, offer letters, and onboarding checklists
- Access to certified HR experts for guidance and compliance support
Save time and peace of mind with Gusto’s powerful tools and clear, honest pricing. Setting up your account is free and you won’t pay a cent until you’re ready to run payroll. Join Gusto
| |
Sprinque has raised a $6.4M funding round to provide pay-by-invoice technology for B2Bs. Connect Ventures led the funding round. More: - Sprinque aims to solve B2B transaction issues between buyers and suppliers. When a company buys something online, suppliers hesitate to start manufacturing the product until they receive payment, while sellers have to wait for a few weeks to be able to provide an invoice.
- The company believes that it can solve this problem by providing a pay-by-invoice solution where suppliers and sellers can transact through a white-label API software solution.
- At the time the transaction is confirmed, Sprinque's software runs a security check that it claims to be 95% accurate and determines if the payment is likely to be sent or not.
- Kraken Ventures, Inference Partners, and SeedX also participated in the funding round.
- Sprinque is based in Amsterdam, Netherlands.
| |
Quick Hits: - Enjoy 50% off your first month when you join the Athletic Club. Get award-winning brews delivered monthly and perks like early access + free shipping!*
- Security researchers are set to release a patch for CVE-2022-47966, a security flaw that affects ManageEngine servers.
- The Vice Society ransomware gang has claimed responsibility for a previous cyberattack on the University of Duisburg-Essen. The university continues to say that it will not pay a ransom under any condition, even though the cyberattack has shut down most of its digital infrastructure.
- Researchers from cybersecurity company Avast have released a free decryptor for Bian Lian. The latter is ransomware written in GO, known for its ability to quickly encrypt all of the files that are located in a device.
- As your business grows, so does the number of employees and the information they have access to. In this short video, security experts at Vanta demystify access reviews.*
*This is sponsored content.
| |
Upcoming events at Inside: - January 12 - AMA with Gun.io - Building and managing software development teams w/ Deividi Silva (Watch On Demand)
- January 13 - AMA with LinearB - Improving workflow for developers w/ Ori Keren (Watch On Demand)
- January 16 - Inside Marketing Coffee Break (Register Here)
- January 18 - Inside Interview with Lacework - 4 Common Attack Paths in Cloud Security (Register Here)
- January 25 - Amanda Natividad speaks on zero-click content, how to measure it, and other trends to keep tabs on in 2023. (Register Here) *
- January 26 - Growth Experimentation Workshop: From Strategy to Process by GrowthHackers.com (Register Here)
- February 23 - Startups Book Club, February 2023 (Join The Club)
*This is a sponsored listing.
| |
 |  | Arbër is an Inside writer who also has experience in entrepreneurship. He has experience covering Consumer Tech, Venture Capital, NFTs, Crypto, etc. Arbër holds a Bachelor's degree in Business from XAMK University in Finland. When he is not reading(and writing) business news, he chooses to watch sports or anime...and then read news about sports or anime. |   | | Editor | Aaron Crutchfield is based in the high desert of California. Over the last two decades, he has spent time writing and editing at various local newspapers and defense contractors in California. When he's not working, he can often be found looking at the latest memes with his kids or working on his 1962 and 1972 Fords. | |
| |
| |
