New Wave of 'Anatsa' Banking Trojans Targets Android Users in Europe
"Initially the [cleaner] app appeared harmless, with no malicious code and its
AccessibilityService not engaging in any harmful activities," ThreatFabric said.
"However, a week after its release, an update introduced malicious code. This
update altered the AccessibilityService functionality, enabling it to execute
malicious actions such as automatically clicking buttons once it received a
configuration from the C2 server," the vendor noted. The files that the dropper
dynamically retrieved from the C2 server included configuration info for a
malicious DEX file for distributing Android application code; a DEX file itself
with malicious code for payload installation, configuration with a payload URL,
and finally code for downloading and installing Anatsa on the device. The
multi-stage, dynamically loaded approach used by the threat actors allowed each
of the droppers that they used in the latest campaign to circumvent the tougher
AccessibilityService restrictions Google implemented in Android 13,
ThreatFabric said. For the latest campaign, the operator of Anatsa chose to use a
total of five droppers disguised as free device-cleaner apps, PDF viewers, and
PDF reader apps on Google Play.
CIO Gray Nester on fostering a culture of success
It’s easy to be courageous when you’ve already achieved more than you ever
thought you would. I don’t have to be afraid to fail because I’m successful in
the things that matter — my family. That’s where my love comes from. As a
leader, courage and always doing what’s right equate to being honest but also
being kind. There’s a difference between being honest and being truthful. As I
have the opportunity to coach people, I have to deliver hard messages, and those
are honest messages. I can be truthful with you and never address the
opportunity to improve. So, I think courage is the willingness to say things
that may not be popular but that help you achieve the goals and objectives
you’re capable of achieving. We all show up here every day for something
bigger than ourselves. If you believe in assuming positive intent and believe
that people show up every day to be successful, then if you can give them the
tough message, you have to believe they’re going to take that and do something
with it because feedback is a gift. That doesn’t mean that everybody will be
successful in that, but it’s our responsibility as leaders to go out and do
that. That may mean saying, ‘Hey, Business, you’ve got a really bad idea,
and this isn’t going to work, and let me tell you why.’
Navigating the Data Revolution: Exploring the Booming Trends in Data Science and Machine Learning
A significant trend in data science and machine learning revolves around
incorporating artificial intelligence (AI) to drive automation. Industries
across the spectrum are harnessing the potential of machine learning algorithms
to streamline everyday tasks, fine-tune processes, and boost efficiency. Whether
in manufacturing, healthcare, finance, or logistics, the wave of AI-powered
automation is fundamentally transforming the operational landscape of
businesses. ... Natural Language Processing (NLP) has taken center stage in the
expansive realm of machine learning. Thanks to strides in deep learning models
such as GPT-3, machines are rapidly evolving, displaying a remarkable
proficiency in deciphering and generating language that mimics human expression.
This transformative trend is reshaping how we engage with technology, from the
intuitive responses of chatbots and virtual assistants to the seamless
intricacies of language translation and content creation. ... The widespread
adoption of Internet of Things (IoT) devices has triggered a notable upswing in
data generation right at the edge of networks. A trend gaining significant
traction is the fusion of edge computing with decentralized machine learning
geared towards processing data near its source.
The Impact of Technical Ignorance
As most non-technical folks appear unable or unwilling to accept that software
is hard, our responsibility – for better or worse – is to show and explain.
Unique situations require adjusting the story told, but it is necessary – and
never-ending – to have any chance to get the organization to understand:
explaining how software is developed and deployed, demonstrating how a
data-driven organization requires quality data to make correct decisions,
explaining the advantages and disadvantages of leveraging open source solutions;
showing examples of how open source licenses impact your organization’s
intellectual property. Look for opportunities to inject background and substance
when appropriate, as education is open-ended and never-ending. ... Aside from
those employed in purely research and development roles, engineering/technology
for engineering/technology's sake is not feasible, as technology concerns must
be balanced with business concerns: product and its competitors, sales pipeline,
customer support and feature requests, security, privacy, compliance,
etc.
Kubernetes Predictions Were Wrong
The view that Kubernetes would settle into quiet utility and effectively
disappear while also running all our workloads failed to materialize. Nobody
managed to create a single opinionated path for Kubernetes that would take care
of all these choices. The simple reason for this is that the mythical one true
way wouldn’t work for most applications and services. It’s impossible to create
a simple, simple path without acknowledging the context of the application and
organization. This is why platform engineering has gained traction. While
there’s little chance of creating an industrywide path of simplified choices,
creating one within an organization is perfectly feasible. A minimal viable
platform could be a wiki page listing pre-baked decisions and providing a
standard example for each configuration file. This might evolve into a facade
that allows developers to specify what they need along a simple dimension, such
as “size,” with the platform taking care of the details behind the flag.
Platforms should provide simplified ways to do the right thing while letting
expert developers peel back the layers when the standard approach isn’t
suitable.
How DSPM Fits into Your Cloud Security Stack
DSPM solutions provide unique security capabilities and are specifically
tailored to addressing sensitive data in the cloud, but also to supporting a
holistic cloud security stack. As the variety and sophistication of attacks
increase over time, new challenges arise that the existing security stack can
hardly keep up with. A new, more aligned, and holistic inventory of security
tools should be considered, consisting of identity threat protection,
data-related risk reduction, privacy management, and a host of other imperative
elements while ensuring continuous monitoring of any cloud asset, including
CSPs, SaaS apps, File Shares, and DBaaS. However, building the most appropriate
cloud security stack to do so may prove challenging in light of the numerous
different – but similar-sounding – security domains in the market. DSPM tools
protect data wherever it resides (IaaS, PaaS, SaaS, DBaaS, and File Shares),
combined with advanced identity-centric data threat protection. They empower
security teams to reduce data risk and achieve unparalleled visibility into data
location, misconfiguration, comprehensive and tailored classification, access
permissions, usage patterns, and potential threats, ensuring continuous data
security and governance.
Face off: Attackers are stealing biometrics to access victims’ bank accounts
Cybersecurity company Group-IB has discovered the first banking trojan that
steals people’s faces. Unsuspecting users are tricked into giving up personal
IDs and phone numbers and are prompted to perform face scans. These images are
then swapped out with AI-generated deepfakes that can easily bypass security
checkpoints. The method — developed by a Chinese-based hacking family — is
believed to have been used in Vietnam earlier this month, when attackers lured a
victim into a malicious app, tricked them into face scanning, then withdrew the
equivalent of $40,000 from their bank account. ... “These tools are relatively
low cost, easily accessed and can be used to create highly convincing
synthesized media such as face swaps or other forms of deepfakes that can easily
fool the human eye as well as less advanced biometric solutions,” he said. ...
“Organizations may begin to question the reliability of identity verification
and authentication solutions, as they will not be able to tell whether the face
of the person being verified is a live person or a deepfake,” writes Gartner VP
analyst Akif Khan.
Critical infrastructure attacks aren’t all the same: Why it matters to CISOs
Effectively restraining foreign adversaries would require limiting connectivity
to critical infrastructure, which is only incrementally possible (via
air-gapping, etc.). Better awareness of malign intentions, however, should
dampen the sophistication of intrusion activity, and institutionalization of
critical infrastructure preparedness and mitigation fundamentals should mitigate
threat severity. From this perspective, Wray’s push to spread awareness of the
PRC threat is wise, as is Canada’s attempt to pass stricter regulation of
critical infrastructure operators’ security practices. One limits the
discretionary conditions the Chinese need to build this capability; the other
builds toward an inter-institutional apparatus that is more inherently adaptive,
which should reduce the value of the capability. Stakeholders in the United
States and elsewhere should double-down on efforts that conform to these
parameters. From more consistent de-classification of details of critical
infrastructure attacks to the publicization of critical infrastructure operator
security performance outcomes, public sector stakeholders can limit the
conditions under which foreign activity can find strategic value.
Report: Manufacturing bears the brunt of industrial ransomware
One of the main reasons that the manufacturing sector is so heavily targeted is
because it adopted digitization at a much quicker pace compared to, for example,
the water and wastewater or transportation sectors. But Lee was quick to point
out that other industrial sectors are catching up to the broad digital footprint
– and potential access points – of the manufacturing sector. “The manufacturing
industry really went through that quote unquote, digital transformation and
connectivity very quickly. As a result of not investing in IoT security when
they did that, we’re seeing a lot of ransomware cases, a lot of activists,
criminals, etc., disrupting manufacturing,” Lee said. “Far more than gets
reported publicly.” The manufacturing sector, Lee said, still struggles with
segmenting networks like those that deal with human resources from operational
technology networks that control operations, which can allow a hacker broad
access to the organization. However, that trend is spreading to other sectors,
such as water and wastewater, Lee warned. He expects an increase of ransomware
attacks on water and other utilities as digitization becomes more common.
4 Steps to Achieving Operational Flow and Improving Quality in Tech Teams
Removing dependencies is often a lot of work. Dependencies are often the
result of specialist knowledge that resides in another part of the
organisation, or past architectural choices. It often feels like the
dependencies are inevitable and inescapable. There’s a lot of truth to the
idea that removing dependencies will be painful and time-consuming, but they
only have to be removed once, at which point the team never has to deal with
that dependency again. It’s an investment today in order to get better results
tomorrow. ... Rather than arranging teams in functional silos, arrange them so
they can deliver value independently. This arrangement then allows more work
to move through the system simultaneously, because the different work doesn’t
create delays for other teams. Each of the above contributes to improving
flow. But what about improving quality? The interesting thing is that each of
the steps above improves quality, too. By doing fewer things at once, the
reduced cognitive load will make it easier for the team to produce higher
quality work, while reduced context switching makes it less likely they’ll
miss something important.
Quote for the day:
"To do great things is difficult; but to command great things is more difficult." -- Friedrich Nietzsche