A new Trojan written in the Go programming language, tracked as ChaChi, was involved in ransomware attacks against government agencies and US schools. Researchers from BlackBerry Threat Research and Intelligence spotted a new RAT written in the Go programming language, dubbed ChaChi, which has been used by PYSA (aka Mespinoza) operators to target victims globally. The name ChaChi comes from two key components of the malware, Chashell and Chisel.  Chashell is a reverse shell over DNS provider, while Chisel is a port-forwarding tool….

In the United States, young adults are more than twice as likely as older Americans to cyber-stalk their current or former romantic partners. New research by NortonLifeLock found three in five Gen Z and Millennial American adults who have been in a romantic relationship (60% of those ages 18 to 39) have digitally checked up on an ex or current squeeze without their knowledge or consent.  The same admission was made by just a quarter (24%) of…

A high-level member of the notorious organized cybercrime group FIN7 is to spend the next seven years in an American prison. Hacker Andrii Kolpakov was an active member of FIN7 from at least April 2016 until his arrest in Lepe, Spain, on June 28, 2018.  The 33-year-old Ukrainian national, who was referred to within the hacking group as a pen tester, pleaded guilty in June 2020 to one count of conspiracy to commit wire fraud and one count of conspiracy…

By Ron Newman, SVP at NTT Ltd. Security Division The last year has forced organizations into change, both planned and unplanned. Companies have had to pivot, rethink their business strategies and accelerate their digital transformations. A recent study found that nearly 90 percent of decision makers believe the COVID-19 pandemic has forced them to rely on technology more than ever before. For many organizations, this includes moving workloads to the cloud, a migration that has…

By Jerome Becquart, COO, Axiad The pandemic forced organizations to accelerate their journey to passwordless with secure authentication methods such as multi factor authentication (MFA), as individuals were expected to access the corporate network from a diverse number of locations, without compromising security or operational capacity. According to Gartner, 60% of large enterprises and 90% of midsize businesses will be using passwordless authentication by 2024. But passwordless in isolation is not enough. In order to…

A trade watchdog in the United Kingdom is launching an investigation into what the world’s largest e-tailers are doing to combat fake reviews on their platforms. The Competition and Markets Authority (CMA) announced earlier today that it has opened a formal probe into Amazon and Google over concerns that the companies’ efforts to protect consumers from falsified reviews are insufficient. Following the announcement, the CMA will now begin gathering information to determine whether the two…

Today we’re featuring a blog from Pablo Chico de Guzmán at Okteto, who writes about how the developers’ love of Docker Compose inspired Okteto to create Okteto Stacks, a fully compatible Kubernetes backend for Docker Compose It has been almost 7 years since the Docker Compose v1.0.0 release went live. Since that time, Docker Compose has become the dominant tool for local development environments. You run one command and your local development environment is up…

  PCI DSS requirements may apply to work-from-home (WFH) environments in different ways, depending on the entity’s business and security needs and how they have configured their infrastructure to support personnel working from home. Additionally, the job functions an individual is performing may also affect how PCI DSS applies—for example, whether an individual requires access to payment card account data or to the entity’s CDE, and the type of access required.

Storage drive maker Western Digital is telling owners of its WD My Book Live device to disconnect it from the internet after reports that some have had their data erased by malicious software. According to an advisory issued by the firm, malicious attackers are compromising the devices – commonly used to back up data such as home movies, photographs, and important documents – resulting in their entire contents being wiped in some cases. Western Digital…