When organizations are attacked by ransomware, only a little more than half are able to recover their data using a backup. This begs the question, “What about the rest? Why might they be unable to recover?” One reason may be that their backup data has been compromised. Backups are a hot target for hackers. If they can get to an organization’s backup data, they have far more leverage.
We decided to try to run a well-known Remote Access Trojan (RAT) called Remcos used by FIN7. This tool has been around for some time and has a reputation for being stealthy and effective in controlling compromised hosts. Sold as a remote computer monitoring tool, this tool has plenty of features that can allow an operator behind the control to do multiple operations against a compromised system.
JFrog security research team (formerly Vdoo) has recently disclosed a code injection issue in one of the utilities shipped with Tensorflow, a popular Machine Learning platform that’s widely used in the industry. The issue has been assigned to CVE-2021-41228. This disclosure is hot on the heels of our previous, similar disclosure in Yamale which you can read about in our previous blog post.
As India embraces the digital transformation and aligns with post pandemic lifestyle, working from home, shopping online, and managing money digitally has conveniently become a routine for us. This quick shift in the industry wouldn’t have been possible without quick regulatory advancements by government. Giving convenience a priority, critical functions like opening a bank account, lending a loan, large transactions, are now possible on fingertips.
A few months ago, I wrote a blog on “SASE as a Service” that described how managed services providers (MSPs) can be a catalyzing force for transforming to SASE and bridging the gap between networking and security teams. Since then, AT&T has released a series of managed SASE offers that bring together intelligent networking and cloud-based security in support of our customers.
Discover how to get started with Falco to overcome the challenges of implementing runtime security for cloud-native workloads. If you are adopting containers and cloud, you are probably enjoying benefits like automated deployments and easier scalability. However, you may also find that when it comes to security, this is a whole new world with new rules, and traditional security tools struggle to keep up. As a new paradigm, cloud-native environments need new cloud-native tools.
Organizations are increasingly concerned about cybersecurity risks and with good reason. Risks are constantly changing; take this last year, for example, the pandemic lockdown meant many knowledge workers went remote, which in turn increased the vulnerability of remote desktop services by 40%, saw criminals targeting end-users, and caused phishing and ransomware scams to boom. And then there’s the bottom line.
Many high-growth technology startups are pressured to deliver applications to market ahead of fast-moving competitors. It’s all too easy to allow a “we’ll get to that eventually” mentality to creep in when competing priorities appear to force a tradeoff with development velocity. This introduces unnecessary risks, but they can be mitigated by implementing an effective AppSec program that involves the right tools, processes, and mindset.
On 3rd November, Bleeping Computer reported that the BlackMatter Ransomware-as-a-Service group had posted a message alerting users that its operations were ceasing within 48 hours. The message advised affiliates to obtain their decryption keys so that they could continue to extort current victims.
