Tech News Centre

A new report from the cybersecurity firm Securelist has identified a new APT group that has been active since at least 2019. The group, which is named GoldenJackal , is believed to be based in Iran and is known for targeting government and diplomatic entities in the Middle East and South Asia. GoldenJackal has used a variety of techniques to compromise its targets, including phishing, spear phishing, and watering hole attacks. The group has also been known to use custom malware, including backdoors, stealers, and wipers.

In March 2023, security researchers from ESET announced the discovery of a new UEFI bootkit called BlackLotus . This bootkit is capable of bypassing UEFI Secure Boot, a security feature that is designed to prevent malware from infecting a computer's firmware. Once BlackLotus is installed, it can give an attacker complete control over the computer, including the ability to steal data, install other malware, and disrupt the computer's operation. BlackLotus is a sophisticated piece of malware that is difficult to detect and remove. It is also relatively new, so there is limited information about how it works. However, ESET researchers have been able to learn a lot about BlackLotus, and they have published a detailed analysis of the malware.

The Prometei botnet has been an ongoing threat since Cisco Talos first reported on it in 2020. As of November 2022, the botnet has improved its infrastructure components and capabilities, including certain submodules of the execution chain that automate processes and challenge forensic analysis methods. Based on data obtained by sinkholing the DGA domains over a one-week period in February 2023, the Prometei v3 botnet is estimated to be of medium size, with more than 10,000 infected systems worldwide. The actors have been actively spreading improved Linux versions of the bot, continuously improving the current version.

The US Pentagon announced on Friday that it had detected a Chinese spy balloon flying over the central United States. The US rejected China's claim that the balloon was a weather research airship and described it as a surveillance vehicle. Brig. Gen. Pat Ryder, the Pentagon press secretary, stated that the balloon was at an altitude of 60,000 feet, was maneuverable and posed no threat at the moment. The US Secretary of State Antony Blinken postponed a planned trip to China in response to the discovery of the balloon. The balloon was spotted over Montana, which is home to one of America's nuclear missile silo fields. The US prepared fighter jets, including F-22s, to shoot down the balloon, but ultimately decided against it due to the potential risks to people on the ground. China expressed regret for the balloon's entry into US airspace and said it was a civilian airship used mainly for meteorological research.

Prilex is a highly advanced malware that has evolved from ATM-focused malware into a unique modular PoS malware, known to be the most advanced PoS threat seen so far. It has a unique cryptographic scheme, performs real-time patching in target software, forces protocol downgrades, manipulates cryptograms, performs GHOST transactions and performs credit card fraud. Recently, three new versions of Prilex have been discovered with the ability to block contactless payment transactions, which have become popular due to the pandemic. These new versions block NFC-based transactions and force victims to use their physical card by inserting it into the PIN pad reader, which allows the malware to capture the data coming from the transaction.

There are several key roles within the cyber security field that are in high demand in the job market. Some of the top profiles in the market include: Cybersecurity Analyst: These professionals are responsible for identifying, assessing, and mitigating security threats to an organization's computer systems and networks. Penetration Tester: Also known as ethical hackers, these professionals are hired to test the security of an organization's systems and networks by simulating a cyber attack. Security Engineer: These professionals design, develop, and implement security systems and solutions to protect an organization's networks and data. Security Operations Center (SOC) Analyst: These professionals monitor and analyze security data to detect and respond to potential security threats and incidents.