Tech News Centre

The US Pentagon announced on Friday that it had detected a Chinese spy balloon flying over the central United States. The US rejected China's claim that the balloon was a weather research airship and described it as a surveillance vehicle. Brig. Gen. Pat Ryder, the Pentagon press secretary, stated that the balloon was at an altitude of 60,000 feet, was maneuverable and posed no threat at the moment. The US Secretary of State Antony Blinken postponed a planned trip to China in response to the discovery of the balloon. The balloon was spotted over Montana, which is home to one of America's nuclear missile silo fields. The US prepared fighter jets, including F-22s, to shoot down the balloon, but ultimately decided against it due to the potential risks to people on the ground. China expressed regret for the balloon's entry into US airspace and said it was a civilian airship used mainly for meteorological research.

Prilex is a highly advanced malware that has evolved from ATM-focused malware into a unique modular PoS malware, known to be the most advanced PoS threat seen so far. It has a unique cryptographic scheme, performs real-time patching in target software, forces protocol downgrades, manipulates cryptograms, performs GHOST transactions and performs credit card fraud. Recently, three new versions of Prilex have been discovered with the ability to block contactless payment transactions, which have become popular due to the pandemic. These new versions block NFC-based transactions and force victims to use their physical card by inserting it into the PIN pad reader, which allows the malware to capture the data coming from the transaction.

There are several key roles within the cyber security field that are in high demand in the job market. Some of the top profiles in the market include: Cybersecurity Analyst: These professionals are responsible for identifying, assessing, and mitigating security threats to an organization's computer systems and networks. Penetration Tester: Also known as ethical hackers, these professionals are hired to test the security of an organization's systems and networks by simulating a cyber attack. Security Engineer: These professionals design, develop, and implement security systems and solutions to protect an organization's networks and data. Security Operations Center (SOC) Analyst: These professionals monitor and analyze security data to detect and respond to potential security threats and incidents.

IT governance is the framework of policies and procedures that an organization follows to ensure that its IT resources are aligned with its overall business objectives and that it is in compliance with relevant laws and regulations. Compliance refers to the adherence to laws and regulations that apply to the organization and its industry. IT governance is essential for ensuring that IT resources are used in an effective and efficient manner. It helps to ensure that IT investments align with business objectives, that risks are identified and managed, and that the organization is in compliance with relevant laws and regulations. Effective IT governance is based on a combination of best practices, industry standards, and regulations. Some of the key components of IT governance include:     IT strategy and planning: This involves aligning IT resources with business objectives, setting goals and objectives for IT, and developing a plan for achieving them.

Source@goup-ib A new APT group, known as Dark Pink, has been discovered by cybersecurity firm Group-IB. The group, which has been active since mid-2021, has been found to be targeting military branches, government ministries, and agencies in the APAC region, as well as one organization in Europe. As of December 2022, Dark Pink had successfully breached the defenses of six organizations in five APAC countries (Cambodia, Indonesia, Malaysia, Philippines, and Vietnam), and one organization in Europe (Bosnia and Herzegovina).

SIEM (Security Information and Event Management) is a technology used to collect, analyze, and respond to security-related data from various sources in order to identify, investigate, and respond to cyber threats. It is designed to provide a comprehensive view of an organization's security posture by aggregating and correlating security-related data from multiple sources such as network devices, servers, applications, and endpoints. SIEM typically has two main components:     A log management system that collects and stores security-related data from various sources     An analytics engine that processes and analyzes the collected data to detect security threats and anomalies