Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

US Cyber Command
Cyber Security Data Data Safety Hackers Safety US Cyber Command

The US Cyber Command is Deploying Experts Abroad to Assist Collaborators in Detecting Hackers

 

The US government's Cyber National Command Force (CNCF) is deploying professionals abroad in "hunt forward" operations to assist partner countries in tackling cybercrime and has undertaken 47 operations in 20 countries in the last three years. Though this could aid the global fight against cybercriminals, one expert believes it should be supplemented by increased data sharing between the US and its allies. 

The CNCF's commander, Major General William Hartman, unveiled details of the operations during a speech at the RSA security conference in San Francisco on Monday.   The US actions were carried out at the request of the partner countries, according to Hartman, who added that the CNCF recently sent 43 of its specialists to Ukraine to the cyber battle against Russia.

Emily Taylor, CEO of Oxford Information Labs and a Chatham House associate fellow, praised the CNCF's actions. On Monday, she spoke before Parliament's National Security Strategy Committee as part of a hearing on the subject of ransomware, emphasizing the significance of international data sharing.

“Barriers to the free flow of evidence across borders” need to be removed to compile cases against these criminals quickly, she told the committee. “If there can’t be international cooperation on cyber crime, then there must be some sort of response from the international community that does abide by the rules,” Taylor added.

While countries like Russia are unlikely to prosecute their own cybercriminals, other countries must be able "to call them out for failing" to do so, according to Taylor. 

Taylor added. “International cooperation at this time is incredibly challenging, but we will need something if we actually want these criminals to go to jail,” she said. Other countries, including the United Kingdom, are carrying out similar operations. Last year, Foreign Office minister Leo Docherty told Sky News that UK spies were "already on the frontline" assisting Ukraine's efforts to repel Russian forces.

Taylor believes that more cross-border sharing of digital evidence will be necessary to connect these missions.

“The US, EU and UK are really close allies, you shouldn’t be able to put a piece of paper between them, let alone have international cyber crime investigations thwarted because of lack of data sharing or lack of confidence,” she said.



Read more »
Safety
Company Security Cyber Security Data Ransomware Safety

DDoS is Emerging as the Most Important Business Concern for Edge Networks

 

Businesses are particularly concerned about distributed denial-of-service (DDoS) attacks because they believe they will have the most impact on their operations. This was one of the key conclusions of AT&T's "2023 Cybersecurity Insights Report," which was based on a poll of 1,418 people. AT&T Business's head of cybersecurity evangelism, Theresa Lanowitz, describes the perceived risk and surge in concern about DDoS assaults as "surprising."

She adds, "With edge, the attack surface is changing, and taking down a large number of Internet of Things (IoT) devices can have a significant impact on the business, The near real-time data created and consumed by most edge use cases make DDoS attacks attractive. By its definition, a DDoS attack will degrade a network and response time. Those who have not invested in DDoS protection are indicating the timing is right to do so."

According to the report, ransomware dropped to eighth place out of eight in terms of perceived likelihood of attack type. Nonetheless, Lanowitz observes that over the last 24 months, organizations of all sizes have invested in ransomware prevention.

"However, ransomware criminals and their attacks are relentless," she warns. 

According to another research, cyber adversaries may cycle with the rise and decline of different sorts of attacks. Operating systems embedded in edge IoT devices make it more expensive for a financially motivated adversary to target the device with ransomware, explains Lanowitz.  

She further noted, "It is far more time intensive to write and deploy destructive code for an IoT device running a derivative of a version of Linux than to target a Windows-based laptop."

One of the most pleasantly surprising results in the report, she says, is how organizations are investing in security for an edge: security funds have grown to 22% of overall project costs, allocated evenly with strategy.

"We asked survey participants how they were allocating their budgets for primary edge use cases. The results show that security is clearly an integral part of the edge, and that security is being planned for proactively, " she explained.

She cited survey results indicating that apps, as well as much-needed security for ephemeral edge applications, are included in the overall plan for edge project funding. The expected outcome of what the edge delivers is shifting how organizations budget, plan, and think about focusing on a digital-first business, Lanowitz continues.

Another surprising finding from the survey is that globally, the likelihood of a compromise and impact to the business decreased by 28% and 26%, respectively.

She added, "Perhaps this is a case of irrational exuberance, but our qualitative analysis proves that with the edge there is far more communication and collaboration. Communication, cross-functional work, the line of business leading edge investments, and the use of trusted advisors all play a role in more optimism regarding catastrophic security events."

"Edge computing, with its changing attack surface, means the adversaries are seeing things differently," Lanowitz says. "Likewise, businesses must take that same view of an expanded attack surface, potential new threats, or potential increases in existing threats."

The report comes as DDoS attacks continue to make headlines, with the German government reporting that the Killnet DDoS knocked German websites offline temporarily, and the Serbian government reporting that it prevented five attempts aimed at destroying Serbian infrastructure.

KillNet, a pro-Russian hacktivist group that runs campaigns against countries that support Ukraine, has recently increased its daily DDoS attacks targeting healthcare organizations. In November 2022, over 50 of the most popular platforms available for hire to execute distributed DDoS assaults against important Internet infrastructure were shut down and their operators were arrested as part of Operation Power Off, a large multinational law enforcement sweep.

Read more »
User Privacy
Android Malware data security File Encryption Mobile Security Ransomware User Privacy

Beware of This Dangerous Android malware As It Can Hold Your Phone Hostage

 

A brand-new Android malware has been discovered in the wild that is capable of evading antivirus apps, stealing a tonne of private and financial information, and even encrypting all of the contents on an infected smartphone by using ransomware. 

According to a recent report from the cybersecurity company CloudSEK, this new Android malware, known as "Daam" by its experts, poses a serious threat to the greatest Android phones due to its advanced capabilities. 

As of right now, CloudSEK has discovered the Daam malware in the APK or Android app installation files for the Psiphon, Boulders, and Currency Pro apps, which appear to be sideloaded apps that the Daam malware uses to infect Android smartphones. Psiphon is a VPN programme; Boulders is a smartphone game; and Currency Pro is, as its name implies, a currency converter. 

Your Android phone may be infected with the Daam malware if you installed any of these apps via sideloading rather than through approved app stores like the Google Play Store. The malware can evade detection by antivirus software, and it may already have locked the files on your smartphone by using ransomware, so there may not be a simple remedy. 

File encryption 

The Daam malware is quite complex and has a variety of features intended to steal your data and jeopardise your privacy. For instance, the malware is capable of recording all active VoIP and phone calls, including WhatsApp calls. However, it can also steal your smartphone's files and even contacts. Surprisingly, the Daam malware can not only collect information from your existing contacts but also from newly added contacts. 

The hackers behind this malware campaign's command and control (C&C) server get all of the data that Daam has stolen before sending it back. It's important to note that after installation, dangerous apps used to spread malware request access to private device permissions in order to virtually completely control your Android smartphone. 

As if having all of this private information stolen wasn't bad enough, the Daam malware also encrypts all of the files on an infected Android smartphone using the AES encryption algorithm without getting permission from the user. The device password or PIN on a smartphone can also be changed at the same moment, locking you out totally. 

Mitigation tips

Normally, protecting yourself from mobile malware would only require installing one of the top Android antivirus programmes and turning on Google Play Protect on your phone. 

In this instance, though, the Daam malware was made to evade antivirus apps. Because of this, the best method to safeguard yourself against it is to be extra cautious while downloading new programmes. Although sideloading apps may be practical, doing so puts your Android smartphone at risk of becoming infected with malware. For this reason, you should only download apps from authorised Android app shops. Similar to this, you should still read reviews and check an app's rating before installing it because bad apps occasionally manage to get past Google's security checks.

At the same time, you should refrain from clicking any links sent to your smartphone by email or text message from unidentified senders. These links may take you to malicious websites that could trick you into installing malware or use phishing to collect your information. 

Although the Daam malware is relatively new, it is already quite capable of data theft and making life tough for Android smartphone owners. Because of this, we'll probably continue to hear about it.
Read more »
Vulnerabilities and Exploits
Cyberattacks Cybercrimes Google Docs Google Drive malicious Vulnerabilities and Exploits

Attackers Can Hide Malicious Apps Using the Ghost Token Flaw

 


The Google Cloud Platform (GCP) has recently been patched against a zero-day vulnerability called GhostToken, which allowed attackers to infect the platform to create an invisible and irrecoverable backdoor. A malicious attacker could exploit this flaw and gain access to a victim's account. 

By exploiting this flaw, he could also manipulate their data and documents within Gmail or Google Docs. As a result, the victim is completely unaware that this is taking place. By the name GhostToken, the issue has been identified by Israeli cybersecurity startup Astrix Security. The issue affects all Google accounts, including enterprise accounts. From June 19 through June 20, 2022, this issue was discovered and reported to Google. More than nine months after the global patch was released on April 7, 2023, the company deployed a global update. 

According to a recent post by Astrix Security, the GhostToken zero-day vulnerability could allow malicious apps to be installed in the target Google Cloud via the GhostToken zero-day vulnerability. 

The flaw allows attackers to hide their malicious apps from the victim's "Application Management" page in their Google Account to hide them from view by a user logged in to their Google Account. A user is unable to revoke access by doing this. This prevents them from doing so. By doing this, it is ensured that the GCP project associated with the OAuth application that they have been authorized to use remains in a state that says "pending deletion" by deleting it. A threat actor equipped with this capability could restore the project. After restoring it, the rogue app is visible again. As well as gaining access to the victim's data, he could make it invisible again by using the access token to obtain it himself. 

An adversary or attacker could exploit the GhostToken vulnerability to access sensitive information in the target account's Google Drive, Calendar, Photos, Google Docs, Google Maps (location data), and other Google Cloud Platform services provided by the target account. The technical team discovered the vulnerability in June 2022, reported it to Google, and asked them to fix it. Despite acknowledging this problem in August 2022, Google did not release a patch until April 2023. This is despite acknowledging the flaw in August 2022. 

The bug was patched before it was exploited by an active user, enabling Google to release the fix before it was exploited. In the users’ app management option, there is an option to show OAuth application tokens for apps scheduled for deletion as part of the patch. 

Despite the tech giant's fix, Google users must also check their accounts to determine whether there are any unrecognized apps. Additionally, to prevent any risk of damage to their devices, users should ensure that third-party apps have minimal access permissions.

A patch released by Google has been rolled out to address this issue, and it now displays apps in a pending deletion state within the third-party access section of the website. As a result, users can uninstall such apps by revoking their permissions.

There was a vulnerability in Google Cloud's Cloud Asset Inventory API that led to privilege escalation, known as Asset Key Thief, which has now been fixed. Using this vulnerability, users can steal private keys for use in Service Accounts, allowing them to access valuable data they manage. The software giant patched the issue discovered by SADA earlier this month, on March 14, 2023, two months after discovery.
Read more »
Privacy
AI Chatbot API Attack Automated accounts CDN Cloudfare Data Fraud Firewall Privacy

Automated Bots Pose Growing Threat To Businesses

The capability to detect, manage, and mitigate bot-based requests has become of utmost importance as cyber attackers become more automated. Edgio, a company created by the merging of Limelight Networks, Yahoo Edgecast, and Layer0, has unveiled its own bot management service in response to this expanding threat. In order to compete with competing services from Web application firewall (WAF) providers and Internet infrastructure providers, the service focuses on leveraging machine learning and the company's Web security capacity to enable granular policy controls.

Bot management is not just about preventing automated attacks, but also identifying and monitoring good bots such as search bots and performance monitoring services. According to Richard Yew, senior director of product management for security at Edgio, “You definitely need the security solution but you also want visibility to be able to monitor good bot traffic.” In 2022, for example, the number of application and API attacks more than doubled, growing by 137%, according to Internet infrastructure firm Akamai. 

The impact of bots on businesses can be seen in areas such as inventory-hoarding attacks or ad fraud. As a result, bot management should involve all aspects of an organization – not just security. Sandy Carielli, principal analyst at Forrester Research noted that “bot management is not just about security being the decision-makers. If you're dealing with a lot of inventory-hoarding attacks, your e-commerce team is going to want to say in. If you're dealing with a lot of ad fraud, your marketing team will want to be in the room.”

Bot management systems typically identify the source of Web or API requests and then use policies to determine what to allow, what to deny, and which requests represent potentially interesting events or anomalies. Nowadays, 42% of all Internet traffic comes from automated systems — not humans — according to data from Imperva. To deal with this, Edgio inspects traffic at the edge of the network and only allows ‘clean’ traffic through its network. This helps stop attacks before they can impact other parts of the network. Content delivery networks (CDNs) such as Akamai, Cloudflare, and Fastly have also adopted bot management features as well.

Bot management is clearly becoming a more crucial issue for enterprises as automated attacks increase in frequency. Organizations require all-encompassing solutions to address this issue, involving teams from marketing, security, and e-commerce. Employing such technologies enables organizations to safeguard their resources from dangerous bot attacks while keeping track of reputable good bots. 


Read more »
Security
Cyber Data Cyber Security Data Industrial Espionage Safety Security

Industrial Espionage: Here's All You Need to Know

 

Cyberattacks are actively guarded against by all responsible firms. However, one security concern that many firms ignore is industrial espionage. Industrial espionage and cyberattacks are frequently carried out for the same reason: to steal confidential information. 

Industrial espionage, on the other hand, is carried out by a corporate competitor rather than a random hacker. Industrial espionage is the theft of confidential information from a company in order to gain a competitive edge. It can take many forms, but the most sophisticated attacks include an employee of the company being targeted. A rival may try to hire someone at the target company, or they may approach an existing employee and offer them money in exchange for information.

Competitive Intelligence vs. Industrial Espionage

Competitive intelligence and industrial espionage are not the same thing. Both methods entail gathering information about the competition. Competitive intelligence, on the other hand, is only conducted legally. A company performing competitive intelligence takes advantage of publicly available information on the internet. It does not include any kind of surveillance or unlawful conduct. Industrial espionage entails gathering any knowledge that may be profitable.

Industrial espionage targets any information that could be profitable, such as upcoming product details, financial information, client lists, and marketing strategies. Obtaining such information can provide a competitive edge by allowing a business to improve its own products, offer better deals to providers and employees, undercut prices, damage reputation, or copy and release similar marketing strategies. Client information can also be used to identify potential customers and pricing strategies and marketing information can be used to promote similar products or compete with effective strategies.

In order to protect against industrial espionage, all businesses should take the following precautions.
  • Invest in Cybersecurity
  • Encrypt All Private Data
  • Increase Physical Security
  • Require Confidentiality Agreements
  • Prevent Insider Threats
Most businesses should protect themselves against industrial espionage. Every company has information that could be useful to its competition. There are also numerous ways it might be stolen. While insider threats are the most effective means to steal information, physical trespassing is frequently simple and effective. Cyberattacks are another formidable tool that certain competitors may use.

To protect against industrial espionage, all firms should be cautious about who they hire, keep an eye out for displeased employees, secure physical locations, and adopt cybersecurity.
Read more »
Turla
APT Group Cyber Attacks CyberCrime Cyberspace Government attacks LNKs malware Tomiris Turla

APT Groups Tomiris and Turla Target Governments

 


As a result of an investigation under the Advanced Persistence Threat (APT) name Tomiris, the group has been discovered using tools such as KopiLuwak and TunnusSched that were previously linked to another APT group known as Turla. 

Positive results are the result of an investigation conducted into the Tomiris APT group. This investigation focused on an intelligence-gathering campaign in Central Asia. As a possible method to obstruct attribution, the Russian-speaking actor used a wide array of malware implants that were created rapidly and in all programming languages known to man to develop the malware implants. A recently published study aims to understand how the group uses malware previously associated with Turla, one of the most notorious APT groups. 

Cyberspace is a challenging environment for attribution. There are several ways highly skilled actors throw researchers off track with their techniques. These include masking their origins, rendering themselves anonymous, or even misrepresenting themselves as part of other threat groups using false flags. Adam Flatley, formerly Director of Operations at the National Security Agency and Vice President for Intelligence at [Redacted], explains this in excellent depth. Adam and his team can determine their real identities only by taking advantage of threat actor operational security mistakes. 

Based on Kaspersky's observations, the observed attacks were backed by several low-sophisticated "burner" implant attacks using different programming languages, regularly deployed against the same targets by using basic but efficient packaging and distribution techniques as well as deployed against the same targets consistently. Tomiris also uses open-source or commercial risk assessment tools. 

In addition to spear-phishing emails with malicious content attached (password-protected archives, malicious documents, weaponized LNKs), Tomiris uses a wide range of other attack vectors. Tomiris' creative methods include DNS hijacking, exploiting vulnerabilities (specifically ProxyLogon), suspected drive-by downloads, etc. 

To steal documents inside the CIS, the threat actor targets governments and diplomatic entities within that region. There have been instances where victims have turned up in other regions (overseas as the Middle East and Southeast Asia) only to be foreigners representing the countries of the Commonwealth of Independent States, a clear indication of Tomiris's narrow focus on the region. 

An important clue to figuring out what's happening is the targeting. As Delcher explained, Tomiris focuses on government organizations in CIS, including the Russian Federation. However, in the cybersecurity industry, some vendors refer to Turla as a Russian-backed entity. A Russian-sponsored actor would not target the Russian Federation, which does not make sense. 

According to Delcher, it is not simply an educational exercise to differentiate between threat actors and legitimate actors. A stronger defense can be achieved through the use of such software. There may be some campaigns and tools that need to be re-evaluated in light of the date Tomiris started utilizing KopiLuwak. In addition, there are several tools associated with Turla.
Read more »
User Safety
Canada Government Data Leak Data Privacy Tech Firms Technology User Safety

Canada Attempts to Control Big Tech as Data Gets More Potent

 

Whether you're booking a flight, opening a new bank account, or buying groceries, a select few well-known brands control the majority of the market. What this means for the nation's goods—and prices—is examined in the Canadian Press series Competition Ltd. 

Marc Poirier co-founded the search management platform Acquisio 20 years ago, but he will never forget how Google sparked the company's decline. 

It was 2015. The tech behemoth had recently reorganised its companies under the Alphabet brand and was assessing whether recent pushes into riskier projects like self-driving vehicles, internet-beaming balloons, and smart city infrastructure could match the success of its search engine business. The Brossard, Quebec-based business of Marc Poirier was in a lose-lose situation as advertising income and growth stagnated and the company felt pressure to increase earnings.

“I experienced first-hand Google going from partner to fierce competitor,” Poirier stated. “They started selling the same stuff that we built.” 

Sales growth at Acquisio, which sold software to assist advertisers manage bids and budgets for Google, Yahoo, and Microsoft search campaigns, abruptly came to a halt before starting to decline. Poirier began to consider selling, and in 2017 he finally did so through a contract with Web.com. 

Regulators all across the world have made controlling Big Tech a primary priority because of incidents like Poirier's and growing worries about the sheer scale and influence that tech companies have over users, their privacy, communications, and data. 

Google declined to comment on Poirier's particular situation, but spokesman Shay Purdy pointed out that Alphabet underwent significant changes between 2015 and 2017, including its complex restructuring, and claimed that external factors at the time included an economic downturn following a spike in oil prices. 

Many people are expecting that an ongoing review of the country's Competition Act would level the playing field for digital businesses, even as Canada moves closer to new legislation that will shift some revenue from social media giants to news publishers and better safeguard consumer privacy. 

It's not simple, though, to look into and dismantle monopolies in a sector that is constantly changing and formerly functioned under the motto "move fast and break things" popular in Silicon Valley. Tech companies, aware that regulators are following on their heels, are making the work even more difficult. 

The Competition Bureau, Canada's monopoly watchdog, has been given a lot of the job. It has looked into issues including Ticketmaster's deceptive price advertising, Thoma Bravo's acquisition of the oil and gas software business Aucerna, Amazon's market dominance, and other issues. But if real reform is to take place, according to the bureau and tech observers, the federal government must give the regulator additional authority. 

Collecting evidence of anti competitive behaviour is frequently the bureau's first obstacle. Technology companies are known for keeping their operations under wraps, depending on strong non-disclosure agreements and limiting personnel access to prevent product leaks before buzzy releases or competitors gaining an advantage over them. 

In order to make it more difficult to trace a paper trail, Krista McWhinnie notices companies becoming progressively more deliberate about how they record their decision-making or take any action that even seems to hint at anticompetitive purpose. 

“That alone can stop us from being able to remedy conduct that is having potentially quite a big impact in the market,” stated the deputy commissioner of the bureau’s Monopolistic Practices Directorate. 

It is insufficient to justify action under Canadian competition laws, even if the bureau has evidence that a company's practices are seriously hurting competition. Additionally, the bureau must show that a corporation planned to engage in anticompetitive action as well, which is "a very high bar" and "relatively unusual" in other nations. 

According to McWhinnie, "that's frequently a really difficult task that requires a lot of resources." It takes a lot of time, which is one of the factors contributing to the difficulty in bringing these cases quickly. The bureau has come under fire in recent months for moving too slowly on an examination of Google's possible involvement in anti-competitive practices in the online display advertising market, which is set to begin in October 2021. 

The investigation is predicated on the hypothesis that Google's hegemony in online advertising may be limiting the development of rivals, leading to higher costs, less variety, and less innovation, as well as harming advertisers, news publishers, and consumers. 

“Every day that Google is allowed to monopolise ad revenue, more harm is inflicted on the Canadian news industry, which has a negative impact on democracy as a whole,” stated Lana Payne, Unifor’s national president, in a press release. 

Google pointed The Canadian Press to a research on the economic impact of its services, which showed that the use of its search, cloud, advertising, and YouTube products generated $37 billion in revenue for Canadian companies, non-profits, publishers, creators, and developers. More than the total economic impact of the forestry and aviation industries, this is equal to 1.5% of Canada's gross domestic product, according to the statement.

Jim Balsillie, a former BlackBerry CEO and current head of the Council of Canadian Innovators, feels that Canada's problems with competition are caused by a lack of tools and a subpar approach to defending consumer rights in the digital age. The sheer quantity and specificity of consumer data that many large internet companies collect, together with their ability to use AI to mix it with that data to glean personal insights and sway public opinion, is what gives them their power and control.

Data gathering isn't only a Big Tech strategy. Balsillie cites pharmacies as having reams of health information on customers, cellular providers as knowing your whereabouts to within 10 metres, and banks as knowing what you're buying. 

According to Jennifer Quaid, estimating the potential worth of all that data—a crucial component of figuring out whether businesses are engaging in anticompetitive behavior—is not an easy task.

It's challenging to quantify the effects of mergers or tech company policies on innovation, creativity, and consumer behaviour, especially when the company deals in data "that isn't necessarily valuable at the time but ends up becoming valuable when it's aggregated with other information," said the competition law professor at the University of Ottawa's Civil Law Section.

Quaid and Balsillie concur that the problem would be made simpler if the Competition Bureau had a wider array of tools at its disposal, enabling it to impose more significant fines and overhauling some of the regulatory regimes that have allowed some monopolies to flourish unchecked.
Read more »
Vulnerabilities and Exploits
Crypto Crypto heist DeFi Hack North Korean Hackers United States Cyber Security Vulnerabilities and Exploits

OFAC Takes Action Against Accused Providing Material Support To North Korean Hackers

 

The U.S. Treasury Department has recently identified three over-the-counter (OTC) cryptocurrency traders in China and Hong Kong, as well as a China-based banker, who is believed to have assisted North Korea’s Lazarus Group in converting stolen crypto into fiat currency. The Department of Foreign Assets Control (OFAC) took action against the accused for providing material support to the North Korea-based Lazarus hacking group.

North Korea’s Lazarus Group is a notorious hacker group responsible for some of the largest crypto heists in recent years. According to OFAC’s report, the group is linked to illicit financial and cyber activity that supports North Korea’s development of weapons of mass destruction (WMD) and ballistic missile programs.

Under-Secretary of the Treasury for Terrorism and Financial Intelligence, Brian E. Nelson stated that North Korea’s operations to raise funds for WMD and ballistic missile programs directly threaten world security and cited three intercontinental ballistic missiles launched by North Korea this year as evidence of the same.

Chainalysis, a blockchain analysis firm, estimates that North Korean hackers such as the Lazarus Group have stolen an estimated $1.7 billion in cryptocurrencies in 2022 alone through numerous breaches traced to them. Moreover, they were one of the major forces behind the DeFi hacking trend, stealing $1.1 billion in DeFi protocol attacks. 

The accused individuals were allegedly involved in obtaining cryptocurrencies from North Korean citizens who were fraudulently undertaking IT services in other countries and then directing OTC traders to transfer funds to front firms for purchasing items such as tobacco and communication equipment. 

The actions taken by OFAC against those who provided material support to the North Korean hackers serve as a warning that cyber security vulnerabilities must be addressed at all times and malicious actors will be held accountable for their actions. 
Read more »
ToolKit
DNS Flaw malware Remote Access Software Sensitive data ToolKit

Decoy Dog Malware Toolkit: A New Cybersecurity Threat

 

A new cybersecurity threat has been discovered that could potentially put millions of people at risk. According to a report from Bleeping Computer, researchers have found a new malware toolkit called 'Decoy Dog' after analyzing 70 billion DNS queries. The malware toolkit was discovered by a team of researchers who were looking for new ways to protect against cyber attacks.

The Decoy Dog malware toolkit is an advanced cyber attack tool that allows hackers to access and control computer systems remotely. It is a modular tool that can be customized to fit the specific needs of an attacker. The malware is also capable of evading traditional security measures such as firewalls and antivirus software.

The researchers found that the Decoy Dog malware toolkit is being distributed through various channels such as email, social media, and file-sharing sites. Once the malware is installed on a victim's computer, it can be used to steal sensitive information such as login credentials, financial data, and personal information.

One of the ways that the Decoy Dog malware toolkit is able to evade detection is through the use of a tool called Pupy. Pupy is a remote access tool that is used to control compromised systems. It is designed to be stealthy and can operate undetected by antivirus software.

The researchers warn that the Decoy Dog malware toolkit is a serious threat and that users should take steps to protect themselves. They recommend that users keep their software up-to-date and avoid opening suspicious emails or downloading files from untrusted sources. They also suggest that users should use reputable antivirus software and regularly scan their systems for malware.

The Decoy Dog malware toolset poses a significant risk to cybersecurity, to sum up. It is an effective weapon for cybercriminals due to its modular design and capacity to bypass conventional security measures. Users must be on the lookout for these hazards online and take precautions to safeguard themselves.

Read more »
Server
cloud storage Cyber Security Data Data Safety data security Server

Cloud Storage: Is Stored Data Secure ?

 

The popularity of cloud storage is on the rise, both for personal and professional use. However, many people are concerned about the security of their data in the cloud. While some worry about the future-proofing of their cloud storage, others are concerned about the privacy of their personal information. 

Despite these concerns, the advantages of cloud storage in terms of convenience, scalability, and cost-efficiency make it a popular choice. Cloud storage involves storing digital data on remote servers and accessing it through an internet connection. This type of storage is fast, accessible from anywhere, easily scalable, and can serve as a backup in case of disaster. 

Additionally, third-party providers take care of server maintenance and security, freeing up the user's time for other tasks. Although security concerns exist, secure and affordable cloud storage services are available.

Cloud storage is a versatile option that can be utilized by both individuals and organizations. It offers various benefits comparable, and even superior, to traditional physical storage methods. While evaluating the security of cloud storage, it's important to consider its usefulness in providing added safety through features such as backups and the convenience it offers. it is used for:

  • Sharing Your Files With Ease
  • Cloud Disaster Recovery (CDR)
  • Backing Up Your Data
What Makes Your Data Safe in the Cloud?

Data stored on the cloud is generally more secure than stored on your hard drive. After all, cloud servers are housed in very secure cloud data centers that are constantly monitored.

So, how does cloud storage security work? What are the important security procedures in place to protect your data on the cloud?
  • Firewall-as-a-Service (FWaaS)
  • Round-the-Clock Monitoring
  • Encryption from beginning to end
  • AI-Powered Tools and Auto-Patching
While no system is perfect, cloud storage is surprisingly secure and more handy than on-site storage. All your data in the cloud is secured, continuously monitored, and safeguarded against cyber attacks. Even in the event of a disaster, your data will be preserved thanks to redundant servers.

Overall, cloud storage is a rather secure option for storing your data, and it's not going away anytime soon.
Read more »
Subscribe to: Comments (Atom)