 Fifty-two percent of U.K. cybersecurity professionals have said they are burned out and overwhelmed by their jobs in a new poll. Half of the respondents claimed they would quit in the next 12 months. More: - 93% of respondents said they've regularly missed personal commitments because of their jobs, while 34% said this happens most or all of the time.
- 52% of the surveyed cyber professionals stated that their team spends too much time dealing with unnecessary cybersecurity notifications.
- 48% of respondents claim that their team is fatigued mainly due to working on multiple tasks.
- In terms of what threat vectors are considered the riskiest, they ranked:
- 43% of them said malware,
- 38% said ransomware
- 38% said phishing,
- and 25% business email compromise.
- On average, companies left 27% of their cybersecurity budget unspent.
| |
Researchers have tracked new malware named Decoy Dog that helps hackers avoid detection. Decoy Dog's DNS fingerprint is extremely rare and unique among the 370 million active domains on the internet. More: - Decoy Dog helps threat actors evade standard detection methods, aiming to penetrate networks before switching to deploying malicious activity.
- Most communications from its C2 communication servers were tracked back to Russia.
- Researchers have concluded that the malware has similarities with Pupy RAT.
- Pupy RAT is an open-source toolkit used by several nation-state threat actors. The group can breach Windows, macOS, Linux, and Android systems.
| |
 A message from UPWAY Finding your ideal e-bike should be an easy ride. Upway, the #1 certified electric bike provider, believes there is an e-bike for everyone. Their mission is simple: top-notch quality at an affordable price. They source only from the top bike brands in the world. Here is what you need to know: - Upway carries both new and pre-owned e-bikes, all up to 60% off of retail prices.
- Their team of master mechanics professionally certifies each bike with a 20-point certification process, giving each bike a one-year warranty.
- Each bike comes fully assembled and ready to ride and is delivered to your doorstep within 2-5 business days.
Use code INSIDE for $200 off your next purchase of 500+. Browse e-bikes
| |
Papercut says hackers are attempting to breach its network through two previously tracked security flaws. The hacking campaign could affect over 100 million users in 75 countries. More: - The first vulnerability is tracked as CVE-2023-27350 and has a 9.8 CVSS ranking.
- The flaw could allow hackers to remotely execute malicious code on a server without having login credentials.
- The second security flaw is tracked as CVE-2023-27351 and has a CVSS ranking of 8.2 out of 10.
- Papercut has recommended its users update their software to PaperCut MF and PaperCut NG versions 20.1.7, 21.2.11, and 22.0.9 and later.
- Some security reports claim that there are at least 1,800 exposed Papercut servers.
- While the threat actor responsible for this breach is unknown, analysts believe that the campaign may be tied to the Russia-backed hacker group Clog.
- The suspicions for this are based on the use of Truebot, which is often used by Clop.
| |
EvilExtractor malware activity in the U.S. and Europe is increasing, according to reports. The malware is sold as a RaaS for $59 per month. More: - EvilExctractor is marketed as a legal tool, but security researchers claim that it is mainly sold on hacking forums through a ransomware-as-a-service model.
- According to statistics, the use EvilExtractor spiked in March 2023 and was mostly used through phishing,
- The infection chain begins with a phishing email that contains an infected attachment. The attachment is made to look like a legitimate PDF or Dropbox file.
- When the target opens the file, a PyInstaller file is executed and launches a .NET loader.
- Finally, the EvilExtractor data-stealing module downloads three additional Python components named KK2023, Confirm, and MnMs.zip.
- The first program extracts cookies and password history from browsers.
- The second is a key logger that records the victim's keyboard strokes.
- The third program can activate the webcam, capture video or images, and upload the files to the attacker's FTP server.
| |
 A message from IMPACT Ready to grow your business through influencer partnerships? Get our great visual guide to the essential stages of influencer partnerships, and get more from your influencers from day one. Check Out The Infographic
| |
Token has raised a $30M funding round to provide biometric wearable rings. The funding is structured in convertible notes and was led by Grand Oaks Capital. More: - Token aims to provide a passwordless biometric wearable device that would help companies improve their security.
- The company sells its software solution as the next evolution in a post-Multi Factor Authentication world.
- Phishing attacks in the financial industry reached a record high in 2021, with more than 100,000 hacking incidents reported by the end of the year.
- According to the company, 65% of consumers used a password as their main authentication method, and 51% said they would rather use biometrics.
- Token says that its product stands a chance at gaining market share because it provides users security and a chance to log in without using a password, saving them time.
| |
NetRise has raised $8M to help companies detect cybersecurity threats in their supply chain. The company has raised almost $15M since its inception in 2020. More: - NetRise offers a cloud-based software-as-a-service platform that analyzes and continuously monitors the firmware of IoT devices.
- The company's platform enables device manufacturers and enterprise customers to detect, respond to, and prevent threats throughout their supply chains.
- The platform offers features such as:
- Robust inventory and querying,
- Holistic Risk Visibility,
- Compliance Adherence,
- Real-time tracking,
- Software bills of materials, etc
- Squadra Ventures led the funding round, with participation from Miramar Digital Ventures, Sorenson Ventures, and DNX Ventures.
- The company is based in Austin, Texas.
| |
Quick Hits: - Looking to excel with Google Cloud? The Google Cloud Cookbook offers step-by-step tutorials for practical, hands-on learning.*
- Google is taking down malware infrastructure linked to the Cryptbot info stealer.
- Microsoft is rolling out Phone Link for iOS to all Windows 11 and iPhone users.
- Texas-based risk management software platform Riscosity has raised $7M in a round led by S3 Ventures with participation from Secure Octane Investments and Firebolt Venture.
- The administrators of the Apache Superset software have released patches for previously tracked bugs that could lead to remote code execution.
- Brilliant’s bite-sized interactive lessons make it easy (but not too easy) to sharpen your math, data, and CS skills. Try it free for 30 days.*
*This is sponsored content.
| |
Upcoming events at Inside: - April 27 - Inside Marketing Coffee Break w/Jacob Bowman (Paloma Studios) (Register Here)
- April 27 - Inside.com Book Club - REWORK by 37signals (Register Here)
| |
 |  | Arbër is an Inside writer who also has experience in entrepreneurship. He has experience covering Consumer Tech, Venture Capital, NFTs, Crypto, etc. Arbër holds a Bachelor's degree in Business from XAMK University in Finland. When he is not reading(and writing) business news, he chooses to watch sports or anime...and then read news about sports or anime. |   | | Editor | Aaron Crutchfield is based in the high desert of California. Over the last two decades, he has spent time writing and editing at various local newspapers and defense contractors in California. When he's not working, he can often be found looking at the latest memes with his kids or working on his 1962 and 1972 Fords. | |
| |
| |
