Author: Admin

Security experts are warning of new backdoor malware designed to work across Windows, Mac and Linux, some versions of which are currently undetected in Virus Total. Dubbed “SysJoker” by researchers at Intezer, the malware was discovered during an attack on a Linux web server running in an education sector organization. It’s believed to date back to the second half of 2021. “SysJoker masquerades as a system update and generates its C2 [command and control] by decoding…

Effective IT organizations rely on these foundations: well-defined, -designed, and -implemented integration with the enterprise; sophisticated process and practice oversight; and a robust, up-to-date technical architecture. But without the right people, pointed in the right direction, your IT efforts will be futile, no matter how good these look in the documentation. A CIO’s success, that is, depends more on human performance than all other factors combined. Nor is the question whether individual humans in your…

Ken Spangler is executive vice president of information technology and CIO of Global OpCo Technologies at FedEx, an $84 billion, Fortune 45 company with 560,000 team members worldwide. Having previously served as CIO for each of FedEx’s businesses, he brings a unique business vantage point to his role today overseeing the global information technology teams that support FedEx Express, FedEx Ground, FedEx Freight and FedEx Logistics. With a customer base spanning 220 countries and territories,…

The US authorities have, for the first time, explicitly identified the prolific MuddyWater hacking group as an Iranian state-sponsored entity, revealing several open-source tools used by the group to target victims. US Cyber Command’s Cyber National Mission Force said in a post yesterday that the actors associated with MuddyWater are “a subordinate element within the Iranian Ministry of Intelligence and Security (MOIS).” According to the Congressional Research Service (CRS), the MOIS “conducts domestic surveillance to identify regime opponents.” It…

Some UK banks are letting their customers down with poor authentication and web security issues, according to a consumer rights group. Which? once again teamed up with independent security consultants 6point6 to appraise the “front-end” security of 15 current account providers. It looked at four criteria: encryption and protection, login, account management and navigation. The report found that, while all lenders followed strong customer authentication (SCA) rules as laid down in European banking regulations, some exposed…

What do you think keeps CIOs up at night these days? CIOs are telling me they are currently functioning under many constraints—everyone is being asked to do more with less. Innovation under these constraints is a must. Successful CIOs recognize that this is not a bad thing. In fact, a constrained environment is often a source of innovation because it helps drive creative solutions. IT departments should not be overlooked when it comes to finding…

Collecting Credentials Many of us are fond of collecting things, but not everyone is excited about Collections #1-5. In 2019, these Collections, composed of ca. 932 GB of data containing billions of email addresses and their passwords, made their way around the Internet. These collections weren’t breaches but compilations of emails and passwords that had been gathered. Even after repeat entries were whittled down, the collection still contained billions of distinct address and password combinations….